From sec-adv at secunia.com Mon Jan 2 10:33:04 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 2 Jan 2012 19:33:04 +0100 Subject: [SEC] [SA47345] Debian update for cyrus-imapd-2.2 Message-ID: <201201021833.q02IX4Fs031143@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for cyrus-imapd-2.2 SECUNIA ADVISORY ID: SA47345 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47345/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47345 RELEASE DATE: 2012-01-02 DISCUSS ADVISORY: http://secunia.com/advisories/47345/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47345/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47345 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for cyrus-imapd-2.2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #2 in: SA45938 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2377-1: http://www.debian.org/security/2012/dsa-2377 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 2 11:32:54 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 2 Jan 2012 20:32:54 +0100 Subject: [SEC] [SA47436] Joomla! JE Poll Component Unspecified SQL Injection Vulnerability Message-ID: <201201021932.q02JWsns023638@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Joomla! JE Poll Component Unspecified SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47436 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47436/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47436 RELEASE DATE: 2012-01-02 DISCUSS ADVISORY: http://secunia.com/advisories/47436/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47436/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47436 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the JE Poll component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in versions prior to 1.1. SOLUTION: Update to version 1.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: JExtensions: http://joomlaextensions.co.in/product/JE-Poll OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 2 12:32:47 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 2 Jan 2012 21:32:47 +0100 Subject: [SEC] [SA47425] MaraDNS Hash Collision Denial of Service Vulnerability Message-ID: <201201022032.q02KWlhs016112@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: MaraDNS Hash Collision Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47425 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47425/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47425 RELEASE DATE: 2012-01-02 DISCUSS ADVISORY: http://secunia.com/advisories/47425/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47425/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47425 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in MaraDNS, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within a hash generation function and can be exploited to cause a hash collision resulting in high CPU consumption. The vulnerability is reported in versions prior to 1.3.07.13 and 1.4.09. SOLUTION: Update to version 1.3.07.13 or 1.4.09. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.maradns.org/changelog.html http://samiam.org/blog/20111229.html http://samiam.org/blog/20111230.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 2 13:33:14 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 2 Jan 2012 22:33:14 +0100 Subject: [SEC] [SA47381] TORQUE Munge Authentication Security Bypass Vulnerability Message-ID: <201201022133.q02LXEeb008631@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: TORQUE Munge Authentication Security Bypass Vulnerability SECUNIA ADVISORY ID: SA47381 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47381/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47381 RELEASE DATE: 2012-01-02 DISCUSS ADVISORY: http://secunia.com/advisories/47381/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47381/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47381 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in TORQUE, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to an unspecified error when using munge authentication and can be exploited to impersonate other users. The vulnerability is reported in versions prior to 2.5.9. SOLUTION: Update to version 2.5.9. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.adaptivecomputing.com/resources/docs/torque/3-0-3/changelog.php#259 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 2 14:26:37 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 2 Jan 2012 23:26:37 +0100 Subject: [SEC] [SA47427] WordPress TheCartPress Plugin "tcp_name_post_1" Cross-Site Scripting Vulnerability Message-ID: <201201022226.q02MQbgp000696@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress TheCartPress Plugin "tcp_name_post_1" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47427 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47427/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47427 RELEASE DATE: 2012-01-02 DISCUSS ADVISORY: http://secunia.com/advisories/47427/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47427/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47427 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the TheCartPress plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to e.g. the "tcp_name_post_1" parameter in admin/OptionsPostsList.php (when "tcp_options_posts_update" is set and "tcp_post_ids[]" is set to "1") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.1.5 and reported in version 1.1.6 downloaded prior to 2011-12-31. Prior versions may also be affected. SOLUTION: Update to version 1.1.6 released after 2011-12-31. PROVIDED AND/OR DISCOVERED BY: 6Scan ORIGINAL ADVISORY: WordPress TheCartPress Plugin: http://plugins.trac.wordpress.org/changeset/482746/thecartpress 6Scan: http://packetstormsecurity.org/files/108272/wpcartpress-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 2 14:47:52 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 2 Jan 2012 23:47:52 +0100 Subject: [SEC] [SA47434] Rapidleech Cross-Site Scripting and Script Insertion Vulnerabilities Message-ID: <201201022247.q02MlqQi023661@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Rapidleech Cross-Site Scripting and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA47434 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47434/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47434 RELEASE DATE: 2012-01-02 DISCUSS ADVISORY: http://secunia.com/advisories/47434/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47434/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47434 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in Rapidleech, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks. 1) Input passed to the "links" parameter in audl.php (when "GO" is set to "GO") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "notes" POST parameter to notes.php when creating a note is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are confirmed in version 2.3 rev42 SVN r358. Other versions may also be affected. SOLUTION: Vulnerability #2 is fixed in version 2.3 rev43 Alpha SVN r399. Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: 1) farbodmahini 2) The vendor credits The Crow ORIGINAL ADVISORY: Rapidleech: http://code.google.com/p/rapidleech/source/detail?r=399 http://code.google.com/p/rapidleech/source/diff?spec=svn399&r=399&format=side&path=/trunk/notes.php farbodmahini: http://packetstormsecurity.org/files/108239/rapidleech-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 2 15:12:30 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 Jan 2012 00:12:30 +0100 Subject: [SEC] [SA47376] Debian update for ipmitool Message-ID: <201201022312.q02NCUWp014343@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for ipmitool SECUNIA ADVISORY ID: SA47376 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47376/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47376 RELEASE DATE: 2012-01-02 DISCUSS ADVISORY: http://secunia.com/advisories/47376/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47376/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47376 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for ipmitool. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA47173 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2376-1: http://lists.debian.org/debian-security-announce/2011/msg00255.html DSA-2376-2: http://www.debian.org/security/2011/dsa-2376 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 3 10:32:11 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 Jan 2012 19:32:11 +0100 Subject: [SEC] [SA47364] FuseTalk Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201201031832.q03IWB9H031154@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: FuseTalk Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA47364 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47364/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47364 RELEASE DATE: 2012-01-03 DISCUSS ADVISORY: http://secunia.com/advisories/47364/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47364/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47364 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in FuseTalk, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL to forum/reg.cfm (when "keyword" is set), forum/index.cfm, blog/index.cfm, and the "letter" parameter in forum/whoson.cfm is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. This is related to vulnerability #2 in: SA40850 The vulnerabilities are confirmed in FuseTalk Standard Edition Evaluation version 4.0 (ColdFusion). Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Mehul OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 3 11:32:22 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 Jan 2012 20:32:22 +0100 Subject: [SEC] [SA47377] lio-utils Debug Mode Logic Error Temporary File Security Issue Message-ID: <201201031932.q03JWM5s023658@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: lio-utils Debug Mode Logic Error Temporary File Security Issue SECUNIA ADVISORY ID: SA47377 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47377/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47377 RELEASE DATE: 2012-01-03 DISCUSS ADVISORY: http://secunia.com/advisories/47377/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47377/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47377 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in lio-utils, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to a logic error within the /etc/init.d/target script when checking for the debug mode, which can lead to the script running in debug mode although it's not configured to do so. As the script creates the temporary file /tmp/tgtctl.dbug in an insecure manner when running in debug mode, this can be exploited to e.g. append data to arbitrary files via symlink attacks. The security issue is reported in version 4.1 Other versions may also be affected. SOLUTION: Restrict access to trusted users. PROVIDED AND/OR DISCOVERED BY: Reported in a Debian bug by Aurelien Jarno. ORIGINAL ADVISORY: Debian Bug #654262: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654262 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 3 12:33:24 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 Jan 2012 21:33:24 +0100 Subject: [SEC] [SA47428] WordPress Whois Search Plugin "domain" Cross-Site Scripting Vulnerability Message-ID: <201201032033.q03KXO2T016188@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress Whois Search Plugin "domain" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47428 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47428/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47428 RELEASE DATE: 2012-01-03 DISCUSS ADVISORY: http://secunia.com/advisories/47428/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47428/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47428 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Whois Search plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "domain" parameter in index.php is not properly sanitised in wp-content/plugins/wordpress-whois-search/vendors/samswhois/samswhois.inc.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that the "WHOIS" widget is enabled. The vulnerability is confirmed in version 1.4.2.3. Other versions may also be affected. SOLUTION: Update to version 1.4.2.3 which fixes a vector that does not require the widget to be enabled. Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Atmon3r Additional information provided by Secunia Research. ORIGINAL ADVISORY: WordPress Whois Search: http://wordpress.org/extend/plugins/wordpress-whois-search/changelog/ http://plugins.trac.wordpress.org/changeset/482954/wordpress-whois-search Atmon3r: http://packetstormsecurity.org/files/108271/wpwhois-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 3 13:32:47 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 Jan 2012 22:32:47 +0100 Subject: [SEC] [SA47412] Apache Geronimo Web Form Hash Collision Denial of Service Vulnerability Message-ID: <201201032132.q03LWl6W008648@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Apache Geronimo Web Form Hash Collision Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47412 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47412/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47412 RELEASE DATE: 2012-01-03 DISCUSS ADVISORY: http://secunia.com/advisories/47412/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47412/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47412 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Apache Geronimo, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within a hash generation function when hashing form posts and updating a hash table. This can be exploited to cause a hash collision resulting in high CPU consumption via a specially crafted form sent in a HTTP POST request. The vulnerability is reported in version 2.2.1 and prior. SOLUTION: Currently there is no known workaround. PROVIDED AND/OR DISCOVERED BY: Alexander Klink, n.runs AG and Julian W?lde, Technische Universit?t Darmstadt ORIGINAL ADVISORY: n.runs (SA-2011.004): http://www.nruns.com/_downloads/advisory28122011.pdf oCERT (#2011-003): http://www.ocert.org/advisories/ocert-2011-003.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 4 10:33:18 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 Jan 2012 19:33:18 +0100 Subject: [SEC] [SA47424] OpenKM User Permission Security Bypass Vulnerability Message-ID: <201201041833.q04IXIW4030622@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: OpenKM User Permission Security Bypass Vulnerability SECUNIA ADVISORY ID: SA47424 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47424/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47424 RELEASE DATE: 2012-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/47424/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47424/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47424 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Compass Security has discovered a vulnerability in OpenKM, which can be exploited by malicious users to bypass certain security restrictions. The application does not properly verify a user's permissions, which can be exploited to e.g. assign administrative privileges to an arbitrary user. The vulnerability is confirmed in version 5.1.8. Prior versions may also be affected. SOLUTION: Update to version 5.1.8-2. PROVIDED AND/OR DISCOVERED BY: Cyrill Brunschwiler, Compass Security AG. ORIGINAL ADVISORY: COMPASS-2012-001: http://archives.neohapsis.com/archives/bugtraq/2012-01/0007.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 4 11:32:28 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 Jan 2012 20:32:28 +0100 Subject: [SEC] [SA47420] OpenKM Cross-Site Request Forgery Vulnerability Message-ID: <201201041932.q04JWSs3023065@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: OpenKM Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA47420 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47420/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47420 RELEASE DATE: 2012-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/47420/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47420/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47420 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Compass Security has discovered a vulnerability in OpenKM, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application's web interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add an administrator by tricking a logged in administrator into visiting a malicious web site. The vulnerability is confirmed in version 5.1.8-2. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: Cyrill Brunschwiler, Compass Security AG. ORIGINAL ADVISORY: COMPASS-2012-002: http://archives.neohapsis.com/archives/bugtraq/2012-01/0008.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 4 12:33:04 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 Jan 2012 21:33:04 +0100 Subject: [SEC] [SA47372] GraphicsClone Script "term" Cross-Site Scripting Vulnerability Message-ID: <201201042033.q04KX4Tr015591@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: GraphicsClone Script "term" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47372 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47372/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47372 RELEASE DATE: 2012-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/47372/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47372/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47372 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in GraphicsClone Script, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "term" parameter to search is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Mr.PaPaRoSSe ORIGINAL ADVISORY: http://packetstormsecurity.org/files/108145/graphicclone-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 4 13:34:07 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 Jan 2012 22:34:07 +0100 Subject: [SEC] [SA47393] Apache Struts Multiple Vulnerabilities Message-ID: <201201042134.q04LY7tp008141@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Apache Struts Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47393 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47393/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47393 RELEASE DATE: 2012-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/47393/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47393/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47393 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Apache Struts, which can be exploited by malicious people to compromise a vulnerable system. 1) An input sanitisation error can be exploited to inject and execute arbitrary Java code if a conversion error is encountered. This vulnerability is related to: SA47176 2) The CookieInterceptor class does not properly restrict access to certain static methods while handling cookie names and can be exploited to execute arbitrary commands. 3) Certain unspecified input is not properly sanitised by the ParameterInterceptor before being used to create files. This can be exploited to create or overwrite arbitrary files via directory traversal attacks. The vulnerabilities are reported in versions prior to 2.3.1.1. SOLUTION: Update to version 2.3.1.1. PROVIDED AND/OR DISCOVERED BY: Bruce Phillips. The vendor also credits Johannes Dahse, SEC Consult. ORIGINAL ADVISORY: Apache: http://struts.apache.org/2.x/docs/s2-008.html Bruce Phillips: http://www.brucephillips.name/blog/index.cfm/2011/2/19/Struts-2-Security-Vulnerability--Dynamic-Method-Invocation OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 4 14:27:01 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 Jan 2012 23:27:01 +0100 Subject: [SEC] [SA47370] Joomla! Simple File Upload Module Arbitrary File Upload Vulnerability Message-ID: <201201042227.q04MR1qt032643@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Joomla! Simple File Upload Module Arbitrary File Upload Vulnerability SECUNIA ADVISORY ID: SA47370 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47370/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47370 RELEASE DATE: 2012-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/47370/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47370/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47370 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Simple File Upload module for Joomla!, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the modules/mod_simplefileuploadv1.3/helper.php script not properly validating uploaded files, which can be exploited to execute arbitrary PHP code by uploading a PHP file with e.g. a ".pht" file extension. The vulnerability is confirmed in version 1.3.5. Other versions may also be affected. SOLUTION: Restrict access to the upload folder (e.g. via .htaccess). PROVIDED AND/OR DISCOVERED BY: Reported by the Joomla! VEL team. ORIGINAL ADVISORY: Simple File Upload: http://wasen.net/index.php?option=com_content&view=article&id=64:simple-file-upload-download&catid=40:project-simple-file-upload&Itemid=59 Joomla!: http://docs.joomla.org/Vulnerable_Extensions_List#Simple_File_Upload_1.3 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 4 14:47:38 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 Jan 2012 23:47:38 +0100 Subject: [SEC] [SA47371] WordPress "wp_guess_url()" Cross-Site Scripting Vulnerability Message-ID: <201201042247.q04MlcpF023117@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress "wp_guess_url()" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47371 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47371/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47371 RELEASE DATE: 2012-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/47371/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47371/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47371 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Aditya Modha and Samir Shah discovered a vulnerability in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL to e.g. wp-comments-post.php is not properly sanitised within the "wp_guess_url()" function in wp-includes/functions.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 3.3. SOLUTION: Update to version 3.3.1. PROVIDED AND/OR DISCOVERED BY: Aditya Modha and Samir Shah. ORIGINAL ADVISORY: WordPress: http://wordpress.org/news/2012/01/wordpress-3-3-1/ Aditya Modha and Samir Shah: http://oldmanlab.blogspot.com/2012/01/wordpress-33-xss-vulnerability.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 4 15:12:00 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 Jan 2012 00:12:00 +0100 Subject: [SEC] [SA47380] Debian update for ffmpeg Message-ID: <201201042312.q04NC0F8013804@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for ffmpeg SECUNIA ADVISORY ID: SA47380 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47380/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47380 RELEASE DATE: 2012-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/47380/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47380/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47380 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for ffmpeg. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA46245 SA46888 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2378-1: http://www.debian.org/security/2012/dsa-2378 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 4 15:47:31 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 Jan 2012 00:47:31 +0100 Subject: [SEC] [SA47421] BigACE Web CMS Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201201042347.q04NlV4t005042@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: BigACE Web CMS Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA47421 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47421/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47421 RELEASE DATE: 2012-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/47421/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47421/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47421 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: sec4it has discovered multiple vulnerabilities in BIGACE Web CMS, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the keys and values of POST parameters to public/index.php (when "cmd" is set to "application" and "id" is set to e.g. "-1_tauth_klogin_len") is not properly sanitised in system/application/auth/login.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "username" POST parameter to public/index.php (when "cmd" is set to "application" and "id" is set to e.g. "-1_tauth_kpassword_len") is not properly sanitised in system/application/auth/password.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed via the "language" POST parameter to public/index.php (when "cmd" is set to "application" and "id" is set to e.g. "-1_tsearch_len") is not properly sanitised in system/application/search/search.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 2.7.6. Prior versions may also be affected. SOLUTION: Update to version 2.7.7. PROVIDED AND/OR DISCOVERED BY: sec4it ORIGINAL ADVISORY: BIGACE: http://www.bigace.de/news/bigace-2.7.7.html sec4it: http://sec4it.dk/public/index.php?cmd=smarty&id=64_len OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 4 16:12:41 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 Jan 2012 01:12:41 +0100 Subject: [SEC] [SA47419] tinyguestbook Script Insertion and SQL Injection Vulnerabilities Message-ID: <201201050012.q050CfV3028146@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: tinyguestbook Script Insertion and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA47419 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47419/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47419 RELEASE DATE: 2012-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/47419/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47419/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47419 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in tinyguestbook, which can be exploited by malicious people to conduct script insertion and SQL injection attacks. 1) Input passed via the "msg" parameter to sign.php when signing the guestbook is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 2) Input passed via the "name" and "msg" POST parameters to sign.php (when "post" is set to "submit" and "code" is set correctly) is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of this vulnerability requires that "magic_quotes_gpc" is disabled. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: 1) G13 2) Henri Salo in a bug report ORIGINAL ADVISORY: tinyguestbook: http://code.google.com/p/tinyguestbook/issues/detail?id=1 http://code.google.com/p/tinyguestbook/issues/detail?id=3 G13: http://seclists.org/bugtraq/2012/Jan/8 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 4 16:47:31 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 Jan 2012 01:47:31 +0100 Subject: [SEC] [SA47379] Apache Geronimo Multiple Vulnerabilities Message-ID: <201201050047.q050lVtI019340@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Apache Geronimo Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47379 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47379/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47379 RELEASE DATE: 2012-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/47379/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47379/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47379 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Apache has acknowledged some weaknesses and vulnerabilities in Apache Geronimo, which can be exploited by malicious, local users to disclose sensitive information and bypass certain security restrictions or cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, bypass certain security restrictions, conduct cross-site scripting attacks, and cause a DoS (Denial of Service). The application bundles a vulnerable version of Apache Tomcat. For more information: SA42337 SA43194 SA43198 SA44981 SA45232 SA45641 SA45748 SA47411 SOLUTION: Update to version 2.1.8. ORIGINAL ADVISORY: http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-218 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 12:38:05 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 Jan 2012 21:38:05 +0100 Subject: [SEC] [SA47441] SUSE update for heimdal Message-ID: <201201052038.q05Kc5lE023084@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for heimdal SECUNIA ADVISORY ID: SA47441 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47441/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47441 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47441/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47441/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47441 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for heimdal. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA47399 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2012:0024-1: http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00007.html SUSE-SU-2012:0056-1: http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00015.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 12:37:51 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 Jan 2012 21:37:51 +0100 Subject: [SEC] [SA47416] SUSE update for krb5-appl Message-ID: <201201052037.q05Kbpu0022776@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for krb5-appl SECUNIA ADVISORY ID: SA47416 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47416/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47416 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47416/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47416/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47416 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for krb5-appl. This fixes a security issue and a vulnerability, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to compromise a vulnerable system. For more information: SA45145 SA47348 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0019-1: http://lists.opensuse.org/opensuse-updates/2012-01/msg00007.html openSUSE-SU-2012:0051-1: http://lists.opensuse.org/opensuse-updates/2012-01/msg00018.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 12:38:04 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 Jan 2012 21:38:04 +0100 Subject: [SEC] [SA47409] SUSE update for glibc Message-ID: <201201052038.q05Kc43g023062@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for glibc SECUNIA ADVISORY ID: SA47409 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47409/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47409 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47409/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47409/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47409 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for glibc. This fixes a vulnerability, which potentially can be exploited by malicious users to compromise a vulnerable system. For more information: SA47064 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2012:0023-1: http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00006.html SUSE-SU-2012:0033-1: http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00008.html SUSE-SU-2012:0055-1: http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00013.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 12:37:52 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 Jan 2012 21:37:52 +0100 Subject: [SEC] [SA47431] Linux Kernel KVM KVM_ASSIGN_PCI_DEVICE IOCTL Denial of Service Vulnerability Message-ID: <201201052037.q05KbqpJ022817@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Linux Kernel KVM KVM_ASSIGN_PCI_DEVICE IOCTL Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47431 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47431/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47431 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47431/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47431/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47431 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to KVM not properly restricting the KVM_ASSIGN_PCI_DEVICE IOCTL, which can be exploited to stop PCI devices from working by sending specially crafted IOCTLs. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Sasha Levin ORIGINAL ADVISORY: http://thread.gmane.org/gmane.comp.emulators.kvm.devel/82043 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 12:38:03 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 Jan 2012 21:38:03 +0100 Subject: [SEC] [SA47442] SUSE update for krb5 Message-ID: <201201052038.q05Kc37x023017@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for krb5 SECUNIA ADVISORY ID: SA47442 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47442/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47442 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47442/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47442/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47442 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for krb5. This fixes a security issue and some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and cause a DoS (Denial of Service) and by malicious people to conduct spoofing attacks and compromise a vulnerable system. For more information: SA39762 SA42396 SA45145 SA47348 NOTE: The vulnerabilities referenced as CVE-2010-1321 and CVE-2010-1323 affect SUSE Linux Enterprise Server (SLES) 10 SP2 only. SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2012:0010-1: http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html SUSE-SU-2012:0018-1: http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00004.html SUSE-SU-2012:0042-1: http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html SUSE-SU-2012:0050-1: http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00011.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 14:22:54 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 Jan 2012 23:22:54 +0100 Subject: [SEC] [SA47432] SUSE update for mozilla-nss Message-ID: <201201052222.q05MMsWr019321@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for mozilla-nss SECUNIA ADVISORY ID: SA47432 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47432/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47432 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47432/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47432/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47432 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for mozilla-nss. This fixes a weakness and a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, and compromise an application using the library. For more information: SA46168 SA46557 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0030-1: https://hermes.opensuse.org/messages/13154861 openSUSE-SU-2012:0063-1: https://hermes.opensuse.org/messages/13155432 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 15:01:56 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 00:01:56 +0100 Subject: [SEC] [SA47366] Ubuntu update for linux-fsl-imx51 Message-ID: <201201052301.q05N1umC010742@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-fsl-imx51 SECUNIA ADVISORY ID: SA47366 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47366/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47366 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47366/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47366/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47366 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-fsl-imx51. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information and cause a DoS (Denial of Service). For more information: SA43576 SA46803 (#2) SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1318-1: http://www.ubuntu.com/usn/usn-1318-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 15:30:14 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 00:30:14 +0100 Subject: [SEC] [SA47458] SUSE update for chasen Message-ID: <201201052330.q05NUEwG001531@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for chasen SECUNIA ADVISORY ID: SA47458 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47458/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47458 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47458/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47458/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47458 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for chasen. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA47135 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0026-1: https://hermes.opensuse.org/messages/13154862 openSUSE-SU-2012:0058-1: https://hermes.opensuse.org/messages/13155433 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 16:23:24 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 01:23:24 +0100 Subject: [SEC] [SA47429] SUSE update for FastCGI Message-ID: <201201060023.q060NONY026097@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for FastCGI SECUNIA ADVISORY ID: SA47429 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47429/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47429 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47429/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47429/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47429 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for FastCGI. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA46263 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0004-1: https://hermes.opensuse.org/messages/13154637 openSUSE-SU-2012:0036-1: https://hermes.opensuse.org/messages/13155253 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 16:49:51 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 01:49:51 +0100 Subject: [SEC] [SA47400] Mozilla Firefox Drag and Drop Handling Same Origin Policy Bypass Vulnerability Message-ID: <201201060049.q060nphN016868@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Mozilla Firefox Drag and Drop Handling Same Origin Policy Bypass Vulnerability SECUNIA ADVISORY ID: SA47400 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47400/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47400 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47400/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47400/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47400 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Soroush Dalili has discovered a vulnerability in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error when handling drag and drop events and can be exploited to bypass the same origin policy and e.g. execute script code in the context of another domain. The vulnerability is confirmed in version 9.0.1. Other versions may also be affected. SOLUTION: Do not perform suspicious actions on untrusted web sites. PROVIDED AND/OR DISCOVERED BY: Soroush Dalili ORIGINAL ADVISORY: http://soroush.secproject.com/blog/2011/12/drag-and-drop-xss-in-firefox-by-html5-cross-domain-in-frames/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 17:33:41 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 02:33:41 +0100 Subject: [SEC] [SA47433] SUSE update for net6 Message-ID: <201201060133.q061XfEP008521@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for net6 SECUNIA ADVISORY ID: SA47433 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47433/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47433 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47433/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47433/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47433 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for net6. This fixes two weaknesses, which can be exploited by malicious people to disclose certain information and conduct session hijacking attacks. For more information: SA46605 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0008-1: https://hermes.opensuse.org/messages/13154695 openSUSE-SU-2012:0040-1: https://hermes.opensuse.org/messages/13155294 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 18:04:18 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 03:04:18 +0100 Subject: [SEC] [SA47448] ImpressCMS Multiple Vulnerabilities Message-ID: <201201060204.q0624ImJ031914@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: ImpressCMS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47448 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47448/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47448 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47448/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47448/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47448 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in ImpressCMS, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to compromise a vulnerable system. 1) Input passed via the URL to notifications.php (when "del_not" is set to "1" and "delete_ok is set within a POST request) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the URL to modules/system/admin/images/browser.php (when "imgcat_id" is set to e.g. "1", "op" is set to "listimg", "type" is set to "ibrow", and "target" is set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed via the URL to modules/content/admin/content.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 4) Input passed to the "icmsConfigPlugins[sanitizer_plugins][]" parameter in edituser.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources and execute arbitrary PHP code via e.g. a specially crafted image file with embedded PHP code. Successful exploitation of this vulnerability requires that the "Profile" module is disabled (enabled by default) and that "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 1.3 Final. Prior versions may also be affected. SOLUTION: Update to version 1.2.7 Final or 1.3.1 Final. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23064: https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_impresscms.html ImpressCMS: http://community.impresscms.org/modules/smartsection/item.php?itemid=579 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 18:28:31 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 03:28:31 +0100 Subject: [SEC] [SA47460] SUSE update for seamonkey Message-ID: <201201060228.q062SVCk022574@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for seamonkey SECUNIA ADVISORY ID: SA47460 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47460/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47460 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47460/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47460/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47460 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for seamonkey. This fixes multiple vulnerabilities, where one has an unknown impact and others can be exploited by malicious people to disclose sensitive information and compromise a user's system. For more information: SA47302 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0007-1: https://hermes.opensuse.org/messages/13154636 openSUSE-SU-2012:0039-1: https://hermes.opensuse.org/messages/13155295 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 18:50:06 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 03:50:06 +0100 Subject: [SEC] [SA47435] spamdyke "STARTTLS" Plaintext Injection Vulnerability Message-ID: <201201060250.q062o6hn013117@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: spamdyke "STARTTLS" Plaintext Injection Vulnerability SECUNIA ADVISORY ID: SA47435 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47435/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47435 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47435/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47435/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47435 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in spamdyke, which can be exploited by malicious people to manipulate certain data. The vulnerability is caused due to the TLS implementation not properly clearing transport layer buffers when upgrading from plaintext to ciphertext after receiving the "STARTTLS" command. This can be exploited to insert arbitrary plaintext data (e.g. SMTP commands) during the plaintext phase, which will then be executed after upgrading to the TLS ciphertext phase. The vulnerability is reported in versions prior to 4.2.1. SOLUTION: Update to version 4.2.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Eric Shubert. ORIGINAL ADVISORY: http://www.spamdyke.org/documentation/Changelog.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 19:20:28 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 04:20:28 +0100 Subject: [SEC] [SA47385] Gentoo update for phpMyAdmin Message-ID: <201201060320.q063KSPW004585@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for phpMyAdmin SECUNIA ADVISORY ID: SA47385 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47385/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47385 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47385/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47385/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47385 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for phpMyAdmin. This fixes multiple security issues and vulnerabilities, which can be exploited by malicious users to disclose sensitive information, bypass certain security restrictions, conduct cross-site scripting attacks, manipulate certain data, potentially perform certain actions with escalated privileges, and compromise a vulnerable system and by malicious people to disclose potentially sensitive information, bypass certain security restrictions, conduct cross-site scripting and script insertion attacks, and compromise a vulnerable system. For more information: SA38211 SA41000 SA41058 SA41206 SA41210 SA43324 SA45139 SA45365 SA46431 SA46447 SA47338 SOLUTION: Update to version "dev-db/phpmyadmin-3.4.9" or later. ORIGINAL ADVISORY: GLSA 201201-01: http://www.gentoo.org/security/en/glsa/glsa-201201-01.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 19:49:11 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 04:49:11 +0100 Subject: [SEC] [SA47423] SUSE update for openssl Message-ID: <201201060349.q063nB9i027875@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for openssl SECUNIA ADVISORY ID: SA47423 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47423/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47423 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47423/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47423/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47423 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for openssl. This fixes two vulnerabilities, which can be exploited by malicious users to potentially compromise a vulnerable system and by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service). For more information: SA43227 SA47064 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: https://hermes.opensuse.org/messages/13154473 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 20:13:07 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 05:13:07 +0100 Subject: [SEC] [SA47422] WordPress WPtouch Plugin Cross-Site Request Forgery Vulnerability Message-ID: <201201060413.q064D7E3018547@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress WPtouch Plugin Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA47422 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47422/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47422 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47422/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47422/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47422 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Julio Potier has discovered a vulnerability in the WPtouch plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. delete files by tricking a logged in administrator into visiting a malicious web site. The vulnerability is confirmed in version 1.9.31. Prior versions may also be affected. SOLUTION: Update to version 1.9.32. PROVIDED AND/OR DISCOVERED BY: Julio Potier ORIGINAL ADVISORY: WPtouch: http://wordpress.org/extend/plugins/wptouch/changelog/ http://plugins.trac.wordpress.org/changeset/409622/wptouch Julio Potier: http://www.boiteaweb.fr/wptouch-free-v1-9-31-csrf-2979.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 20:48:17 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 05:48:17 +0100 Subject: [SEC] [SA47438] Ubuntu update for linux-ti-omap4 Message-ID: <201201060448.q064mHRv009774@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-ti-omap4 SECUNIA ADVISORY ID: SA47438 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47438/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47438 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47438/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47438/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47438 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-ti-omap4. This fixes two weaknesses and a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information and cause a DoS (Denial of Service). For more information: SA43576 SA45489 (#2) SA46803 (#2) SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1319-1: http://www.ubuntu.com/usn/usn-1319-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 21:14:14 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 06:14:14 +0100 Subject: [SEC] [SA47446] Ubuntu update for ghostscript Message-ID: <201201060514.q065EErh000440@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for ghostscript SECUNIA ADVISORY ID: SA47446 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47446/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47446 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47446/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47446/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47446 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for ghostscript. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA25287 SA39753 SA47175 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1317-1: http://www.ubuntu.com/usn/usn-1317-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 21:48:15 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 06:48:15 +0100 Subject: [SEC] [SA47389] Debian update for foomatic-filters Message-ID: <201201060548.q065mFZ0024085@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for foomatic-filters SECUNIA ADVISORY ID: SA47389 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47389/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47389 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47389/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47389/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47389 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for foomatic-filters. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA45196 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2380-1: http://www.debian.org/security/2012/dsa-2380 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 5 22:14:10 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 07:14:10 +0100 Subject: [SEC] [SA47444] Limny URL Cross-Site Scripting Vulnerability Message-ID: <201201060614.q066EAgk014855@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Limny URL Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47444 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47444/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47444 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47444/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47444/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47444 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Zero Science Lab has discovered a vulnerability in Limny, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL to admin/login.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 3.0.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Gjoko Krstic, Zero Science Lab ORIGINAL ADVISORY: ZSL-2012-5066: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5066.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 10:34:13 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 19:34:13 +0100 Subject: [SEC] [SA47454] @Mail Webmail Client "Title" Script Insertion Vulnerability Message-ID: <201201061834.q06IYDYT009705@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: @Mail Webmail Client "Title" Script Insertion Vulnerability SECUNIA ADVISORY ID: SA47454 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47454/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47454 RELEASE DATE: 2012-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/47454/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47454/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47454 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Vulnerability Research Laboratory has reported a vulnerability in @Mail Webmail Client, which can be exploited by malicious users to conduct script insertion attacks. Input passed via the "Title" parameter to index.php/mail/calendar/caldavglue when creating new events is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is reported in version 6.30.4. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Vulnerability Research Laboratory. ORIGINAL ADVISORY: http://www.vulnerability-lab.com/get_content.php?id=375 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 11:34:32 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 20:34:32 +0100 Subject: [SEC] [SA47469] VertrigoServ "ext" Cross-Site Scripting Vulnerability Message-ID: <201201061934.q06JYWal002152@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: VertrigoServ "ext" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47469 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47469/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47469 RELEASE DATE: 2012-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/47469/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47469/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47469 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Stefan Schurtz has discovered a vulnerability in VertrigoServ, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "ext" parameter to inc/extensions.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 2.25. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Stefan Schurtz, INFOSERVE. ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2012-01/0034.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 12:34:58 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 21:34:58 +0100 Subject: [SEC] [SA47456] WordPress Pretty Link Lite Plugin "slug" Cross-Site Scripting Vulnerability Message-ID: <201201062034.q06KYwPx027118@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress Pretty Link Lite Plugin "slug" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47456 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47456/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47456 RELEASE DATE: 2012-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/47456/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47456/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47456 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Pretty Link Lite plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "slug" parameter in wp-content/plugins/pretty-link/pretty-bar.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. This vulnerability is confirmed in version 1.5.5. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Pretty Link Lite: http://plugins.trac.wordpress.org/changeset/473693/pretty-link OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 13:33:13 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 22:33:13 +0100 Subject: [SEC] [SA47470] Gelin's Guest Book Two Script Insertion Vulnerabilities Message-ID: <201201062133.q06LXDoS019533@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gelin's Guest Book Two Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA47470 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47470/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47470 RELEASE DATE: 2012-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/47470/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47470/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47470 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in Gelin's Guest Book, which can be exploited by malicious people to conduct script insertion attacks. Input passed to the "url" and "message" POST parameters to index.php (when "action" is set to "add-submit") is not properly sanitised before being used. This can be exploited to insert HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed. The vulnerabilities are confirmed in version 0.3.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: demonalex ORIGINAL ADVISORY: http://packetstormsecurity.org/files/108389/ggbguestbook-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 14:40:51 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 Jan 2012 23:40:51 +0100 Subject: [SEC] [SA47465] Ubuntu update for ffmpeg Message-ID: <201201062240.q06Meplv012415@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for ffmpeg SECUNIA ADVISORY ID: SA47465 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47465/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47465 RELEASE DATE: 2012-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/47465/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47465/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47465 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for ffmpeg. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. For more information: SA45532 (#2) SA46245 (#3) SA46888 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1320-1: http://www.ubuntu.com/usn/usn-1320-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 15:03:21 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 Jan 2012 00:03:21 +0100 Subject: [SEC] [SA47402] Gentoo update for mysql Message-ID: <201201062303.q06N3LMf002964@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for mysql SECUNIA ADVISORY ID: SA47402 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47402/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47402 RELEASE DATE: 2012-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/47402/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47402/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47402 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for mysql. This fixes multiple security issues and vulnerabilities, where one has unknown impacts and others can be exploited by malicious, local users to bypass certain security restrictions and manipulate certain data, by malicious users to bypass certain security restrictions, manipulate certain data, cause a DoS (Denial of Service), gain escalated privileges, and potentially compromise a vulnerable system, and by malicious people to conduct script insertion and spoofing attacks, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA30134 SA31769 SA32072 SA35767 SA37372 SA38364 SA38390 SA39454 SA39792 SA40333 SA41048 SA41716 SOLUTION: Update to version "dev-db/mysql-5.1.56" or later. ORIGINAL ADVISORY: GLSA 201201-02: http://security.gentoo.org/glsa/glsa-201201-02.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 15:59:57 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 Jan 2012 00:59:57 +0100 Subject: [SEC] [SA47449] Google Chrome Multiple Vulnerabilities Message-ID: <201201062359.q06Nxv78027620@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47449 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47449/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47449 RELEASE DATE: 2012-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/47449/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47449/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47449 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Google Chrome, which potentially can be exploited by malicious people to compromise a user's system. 1) A use-after-free error exists within the handling of animation frames. 2) A boundary error within the "xmlStringLenDecodeEntities()" function (parser.c) of libxml2 can be exploited to cause a heap-based buffer overflow. 3) An error within the glyph handling can be exploited to cause a stack-based buffer overflow. SOLUTION: Update to version 16.0.912.75. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Boris Zbarsky, Mozilla 2) J?ri Aedla 3) Google Chrome Security Team (Cris Neckar) ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 16:30:55 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 Jan 2012 01:30:55 +0100 Subject: [SEC] [SA47383] FFmpeg Multiple Vulnerabilities Message-ID: <201201070030.q070UtmR018648@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: FFmpeg Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47383 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47383/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47383 RELEASE DATE: 2012-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/47383/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47383/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47383 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. 1) Errors when processing MKV and Vorbis files can be exploited to cause an out-of-bounds read. For more information see vulnerability #3 in: SA46815 2) An error when processing Vorbis files can be exploited to cause a heap-based buffer overflow. For more information see vulnerability #5 in: SA46815 3) An error within the "process_audio_header_eacs()" function (libavformat/electronicarts.c) can be exploited to cause a division by zero via e.g. specially crafted TGV files. 4) An error within the "ff_pnm_decode_header()" function (libavcodec/pnm.c) can be exploited to cause a division by zero via e.g. specially crafted PAM files. 5) An error within the "decode_band_types()" function (libavcodec/aacdec.c) can be exploited to cause an infinite loop via e.g. specially crafted of PCM files. 6) An error within the "load_ipmovie_packet()" function (libavformat/ipmovie.c) can be exploited to cause a division by zero via e.g. specially crafted MVE files. 7) An error within the "decode_slice_thread()" function (libavcodec/proresdec2.c) can be exploited to cause a crash due to an out-of-bounds read via e.g. specially crafted MOV files. 8) Errors within the "mpeg1_decode_sequence()" and "vcr2_init_sequence()" functions (libavcodec/mpeg12.c) can be exploited to cause a crash via e.g. specially crafted MPEG2 TS files. 9) A NULL-pointer dereference error within the "parse_bintree()" function (libavcodec/indeo3.c) can be exploited to cause a crash via e.g. specially crafted MOV files. 10) An error within the "get_ur_golomb_jpegls()" function (libavcodec/golomb.h) can be exploited to cause an infinite loop via e.g. specially crafted AVI files. 11) A NULL-pointer dereference error within the "ff_ivi_output_plane()" function (libavcodec/ivi_common.c) can be exploited to cause a crash via e.g. specially crafted media files using the INDEO5 codec. 12) Errors within the handling of MVE files can be exploited to cause a crash due to excessive memory consumption. 13) A NULL-pointer dereference error within the "tm2_read_stream()" function (libavcodec/truemotion2.c) can be exploited to cause a crash via e.g. specially crafted AVI files. 14) An error within the "avi_read_idx1()" function (libavformat/avidec.c) can be exploited to cause an infinite loop via e.g. specially crafted AVI files. 15) An error within the "adpcm_decode_frame()" function (libavcodec/adpcm.c) can be exploited to cause a crash via e.g. specially crafted WVE files. 16) An error within the "rl2_read_header()" function (libavformat/rl2.c) can be exploited to cause a crash due to a floating point exception. 17) A NULL-pointer dereference error within the "avpriv_mpeg4audio_get_config()" function (libavcodec/mpeg4audio.c) can be exploited to cause a crash. 18) An error within the "decodeTonalComponents()" function (libavcodec/atrac3.c) can be exploited to cause a crash. 19) An error within the "avi_read_header()" function (libavformat/avidec.c) can be exploited to cause a crash due to memory consumption via specially crafted AVI files. 20) An error within the "txd_read_header()" function (libavformat/txd.c) can be exploited to cause a crash due to memory consumption via specially crafted TXD files. 21) Errors within the processing of THP files can be exploited to cause a crash due to memory consumption. 22) An error within the "avi_read_packet()" function (libavformat/avidec.c) can be exploited to cause an infinite loop via specially crafted packages. 23) An integer overflow error within the "ff_j2k_dwt_init()" function (libavcodec/j2k_dwt.c) can be exploited to cause a heap-based buffer overflow. 24) An error within the "smacker_read_packet()" function (libavformat/smacker.c) can be exploited to cause a crash due to memory consumption via specially crafted SMK files. 25) An error within the "transcode_video()" function (ffmpeg.c) can be exploited to cause a crash via e.g. specially crafted VC1 files. 26) A boundary error within the "smka_decode_frame()" function (libavcodec/smacker.c) can be exploited to cause a crash due to out-of-bounds reads via specially crafted SMK files. 27) An error within the "ff_mov_read_stsd_entries()" function (libavformat/mov.c) can be exploited to cause an infinite loop via specially crafted MOV files. 28) An error when decoding JPEG files in lowres mode can be exploited to cause a crash via specially crafted JPEG files. 29) An error within the "sbr_qmf_synthesis()" function (libavcodec/aacsbr.c) can be exploited to cause a memory corruption via specially crafted media files. 30) An error within the "ff_h264_decode_seq_parameter_set()" function (libavcodec/h264_ps.c) can be exploited to cause a crash via e.g. specially crafted H264 files. 31) An error within the "mtv_read_header()" function (libavformat/mtv.c) can be exploited to cause a floating point exception via specially crafted MTV files. 32) Various other errors can be exploited to e.g. cause crashes due to NULL-pointer dereferences, out-of-bounds reads, floating point exceptions, integer overflows, excessive memory consumption and invalid memory frees or cause infinite loops via specially crafted media files. SOLUTION: Update to version 0.9.1. PROVIDED AND/OR DISCOVERED BY: 1, 2) Originally reported in Google Chrome by Aki Helin, OUSPG. 3, 5-15) Reported in a bug report by Oana Stratulat 4, 28) Reported in a bug report by ami_stuff 17) The vendor credits Gautam Gupta 18) cosmin 19-25, 27, 29, 30, 21) Diana Elena Muscalu 26) The vendor credits Shitiz Garg 32) Disclosed in GIT commits. ORIGINAL ADVISORY: http://ffmpeg.org/trac/ffmpeg/ticket/793 http://ffmpeg.org/trac/ffmpeg/ticket/837 http://ffmpeg.org/trac/ffmpeg/ticket/789 http://ffmpeg.org/trac/ffmpeg/ticket/807 http://ffmpeg.org/trac/ffmpeg/ticket/812 http://ffmpeg.org/trac/ffmpeg/ticket/809 http://ffmpeg.org/trac/ffmpeg/ticket/804 http://ffmpeg.org/trac/ffmpeg/ticket/806 http://ffmpeg.org/trac/ffmpeg/ticket/803 http://ffmpeg.org/trac/ffmpeg/ticket/801 http://ffmpeg.org/trac/ffmpeg/ticket/800 http://ffmpeg.org/trac/ffmpeg/ticket/794 http://ffmpeg.org/trac/ffmpeg/ticket/788 http://ffmpeg.org/trac/ffmpeg/ticket/780 http://ffmpeg.org/trac/ffmpeg/ticket/771 http://ffmpeg.org/trac/ffmpeg/ticket/772 http://ffmpeg.org/trac/ffmpeg/ticket/774 http://ffmpeg.org/trac/ffmpeg/ticket/775 http://ffmpeg.org/trac/ffmpeg/ticket/776 http://ffmpeg.org/trac/ffmpeg/ticket/777 http://ffmpeg.org/trac/ffmpeg/ticket/770 http://ffmpeg.org/trac/ffmpeg/ticket/768 http://ffmpeg.org/trac/ffmpeg/ticket/754 http://ffmpeg.org/trac/ffmpeg/ticket/760 http://ffmpeg.org/trac/ffmpeg/ticket/761 http://ffmpeg.org/trac/ffmpeg/ticket/758 http://ffmpeg.org/trac/ffmpeg/ticket/755 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 16:49:51 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 Jan 2012 01:49:51 +0100 Subject: [SEC] [SA47418] Drupal Fill PDF Module Security Bypass and Code Execution Vulnerabilities Message-ID: <201201070049.q070npJw009041@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Drupal Fill PDF Module Security Bypass and Code Execution Vulnerabilities SECUNIA ADVISORY ID: SA47418 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47418/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47418 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47418/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47418/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47418 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the Fill PDF module for Drupal, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to bypass certain security restrictions. 1) An error due to a missing argument in the "fillpdf_merge_pdf()" function in fillpdf.module can be exploited to bypass the authorization mechanism via a specially crafted web request. This vulnerability is reported in versions prior to 7.x-1.2. 2) Input passed via imported templates is not properly sanitised in the "fillpdf_form_export_decode()" function in fillpdf.admin.inc before being used in an "eval()" call. This can be exploited to execute arbitrary PHP code. Successful exploitation of this vulnerability requires the "administer PDFs" permission. This vulnerability is reported in versions prior to 6.x-1.16 and versions prior to 7.x-1.2. SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Christian Johansson 2) Liam Morland ORIGINAL ADVISORY: SA-CONTRIB-2012-003: http://drupal.org/node/1394428 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 17:16:43 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 Jan 2012 02:16:43 +0100 Subject: [SEC] [SA47398] Orchard "ReturnURL" Redirection Weakness Message-ID: <201201070116.q071GhQh032252@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Orchard "ReturnURL" Redirection Weakness SECUNIA ADVISORY ID: SA47398 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47398/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47398 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47398/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47398/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47398 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Mavituna Security has reported a weakness in Orchard, which can be exploited by malicious people to conduct spoofing attacks. Input passed via the "ReturnURL" parameter to Users/Account/LogOff is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain. The weakness is reported in versions 1.0.x prior to 1.0.21, 1.1.x prior to 1.1.31, 1.2.x prior to 1.2.42, and 1.3.x prior to 1.3.10. SOLUTION: Update to version 1.0.21, 1.1.31, 1.2.42, or 1.3.10. PROVIDED AND/OR DISCOVERED BY: Mavituna Security ORIGINAL ADVISORY: Orchard: http://orchard.codeplex.com/discussions/283667 NS-12-002: http://www.mavitunasecurity.com/open-redirection-vulnerability-in-orchard/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 17:49:49 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 Jan 2012 02:49:49 +0100 Subject: [SEC] [SA47453] Drupal Lingotek Module Script Insertion Vulnerability Message-ID: <201201070149.q071nn31023379@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Drupal Lingotek Module Script Insertion Vulnerability SECUNIA ADVISORY ID: SA47453 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47453/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47453 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47453/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47453/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47453 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Lingotek module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Input passed via a webform when creating or editing page content is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires permission to edit or create node content. The vulnerability is reported in versions prior to 6.x-1.40. SOLUTION: Update to version 6.x-1.40: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Ezra Barnett Gildesgame. ORIGINAL ADVISORY: SA-CONTRIB-2012-002: http://drupal.org/node/1394220 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 18:14:57 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 Jan 2012 03:14:57 +0100 Subject: [SEC] [SA47452] UBB.threads "Loginname" Cross-Site Scripting Vulnerability Message-ID: <201201070214.q072EvLQ014104@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: UBB.threads "Loginname" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47452 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47452/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47452 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47452/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47452/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47452 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in UBB.threads, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "Loginname" POST parameter in forums/ubbthreads.php (when "ubb" is set to "start_page" and "buttforgot" is set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 7.5.6. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Sony ORIGINAL ADVISORY: http://st2tea.blogspot.com/2012/01/ubb-forum756-cross-site-scripting.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 18:49:48 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 Jan 2012 03:49:48 +0100 Subject: [SEC] [SA47443] Drupal Registration Codes Module Information Disclosure Vulnerability Message-ID: <201201070249.q072nmnc005314@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Drupal Registration Codes Module Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA47443 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47443/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47443 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47443/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47443/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47443 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Registration Codes module for Drupal, which can be exploited by malicious people to disclose sensitive information. The vulnerability is caused due to the module not restricting access to the registration code list. This can be exploited to view the registration code list. The vulnerability is reported in versions prior to 6.x-2.4. SOLUTION: Update to 6.x-2.4: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Thomas Bonte (toemaz). ORIGINAL ADVISORY: SA-CONTRIB-2012-001: http://drupal.org/node/1394172 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 19:19:40 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 Jan 2012 04:19:40 +0100 Subject: [SEC] [SA47392] Debian update for krb5 Message-ID: <201201070319.q073JeJ0029134@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for krb5 SECUNIA ADVISORY ID: SA47392 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47392/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47392 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47392/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47392/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47392 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for krb5. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerabilities #2 and #3 in: SA46494 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2379-1: http://www.debian.org/security/2012/dsa-2379 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 6 19:50:46 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 Jan 2012 04:50:46 +0100 Subject: [SEC] [SA47426] OpenSSL Multiple Vulnerabilities Message-ID: <201201070350.q073okQE020156@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: OpenSSL Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47426 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47426/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47426 RELEASE DATE: 2012-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/47426/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47426/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47426 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in OpenSSL, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise an application using the library. 1) The CBC mode encryption of Datagram Transport Layer Security (DTLS) exposes timing differences during the decryption process, which can be exploited to recover the plaintext via a Vaudenay padding oracle attack extension. 2) A double-free error exists within the policy checks if X509_V_FLAG_POLICY_CHECK is used. Note: This vulnerability does not affect version 1.0.0 and later. 3) The library does not properly clear the block cipher padding in SSL 3.0 records, which may lead to 15 bytes of uninitialised memory containing potentially sensitive information being encrypted and sent to the SSL peer. 4) An error within the handling of malformed RFC 3779 data in certificates can be exploited to cause assertion errors. Successful exploitation of this vulnerability requires that OpenSSL is configured with "enable-rfc3779" (disabled by default). 5) An error within the handshake restart handling for Server Gated Cryptograpy (SGC) can be exploited to cause a DoS. 6) An error within the GOST ENGINE when processing invalid GOST parameters can be exploited by a TLS client to cause a crash the server by sending specially crafted GOST parameters. SOLUTION: Update to version 0.9.8s or 1.0.0f. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) Nadhem Alfardan and Kenny Paterson, Information Security Group at Royal Holloway, University of London The vendor credits: 2) Ben Laurie 3, 5) Adam Langley 4) Andrew Chi, BBN Technologies 6) Andrey Kulikov ORIGINAL ADVISORY: OpenSSL Security Advisory [04 Jan 2012]: http://openssl.org/news/secadv_20120104.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 10:58:10 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 9 Jan 2012 19:58:10 +0100 Subject: [SEC] [SA47430] Debian update for super Message-ID: <201201091858.q09IwAFx029411@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for super SECUNIA ADVISORY ID: SA47430 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47430/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47430 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47430/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47430/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47430 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for super. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA47514 SOLUTION: Apply updated packages via the apt-get package manager. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: DSA-2383-1: http://www.us.debian.org/security/2012/dsa-2383 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 10:58:12 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 9 Jan 2012 19:58:12 +0100 Subject: [SEC] [SA47474] ClipBucket Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201201091858.q09IwCJq029451@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: ClipBucket Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA47474 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47474/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47474 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47474/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47474/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47474 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in ClipBucket, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed via various parameters to multiple scripts is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Examples: http://[host]/channels.php?cat=[script] http://[host]/collections.php?cat=[script] http://[host]/groups.php?cat=[script] http://[host]/search_result.php?query=[script] http://[host]/videos.php?cat=[script] 2) Input passed via the "type" parameter to e.g. view_collection.php, view_channel.php, or view_item.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed via the "time" parameter to videos.php or channels.php is not properly sanitised in the "update_counter()" function in includes/functions.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 2.6-r738. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: YaDoY666 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 11:49:34 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 9 Jan 2012 20:49:34 +0100 Subject: [SEC] [SA47396] OpenTTD Pause On Join Denial Of Service Vulnerability Message-ID: <201201091949.q09JnYHn021884@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: OpenTTD Pause On Join Denial Of Service Vulnerability SECUNIA ADVISORY ID: SA47396 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47396/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47396 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47396/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47396/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47396 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in OpenTTD, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the implementation of the "pause on join" feature when handling connection requests for new users. This can be exploited to consume certain resources by reading the response very slowly and preventing the subsequent users from connecting to the game. Successful exploitation requires that "pause on join" is enabled. The vulnerability is reported in versions 1.1.4 and prior. SOLUTION: Fixed in the VCS repository. Update to version 1.1.5 when available. PROVIDED AND/OR DISCOVERED BY: Reported in a forum post. ORIGINAL ADVISORY: http://www.tt-forums.net/viewtopic.php?f=33&t=58073&hilit=pause#p989303 http://www.openwall.com/lists/oss-security/2012/01/07/2 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 12:32:23 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 9 Jan 2012 21:32:23 +0100 Subject: [SEC] [SA47475] WordPress Pay With Tweet Plugin Multiple Vulnerabilities Message-ID: <201201092032.q09KWNnd013514@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress Pay With Tweet Plugin Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47475 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47475/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47475 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47475/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47475/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47475 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in the Pay With Tweet plugin for WordPress, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks. 1) Input passed to the "id" attribute to a "paywithtweet" shortcode is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires access rights to modify pages. 2) Input passed to the "link", "title", and "dl" parameters in wp-content/plugins/pay-with-tweet.php/pay.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires the victim to be logged into a twitter account. The vulnerabilities are confirmed in version 1.1. Prior versions may also be affected. SOLUTION: Update to version 1.2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. Additional details provided by Gianluca Brindisi. ORIGINAL ADVISORY: Pay With Tweet: http://wordpress.org/extend/plugins/pay-with-tweet/changelog/ Gianluca Brindisi: http://www.exploit-db.com/exploits/18330/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 13:33:38 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 9 Jan 2012 22:33:38 +0100 Subject: [SEC] [SA47464] IBM Java Multiple Vulnerabilities Message-ID: <201201092133.q09LXc5q006087@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM Java Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47464 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47464/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47464 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47464/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47464/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47464 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged multiple vulnerabilities in IBM Java, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA46512 SOLUTION: Update to version 1.4.2 SR13-FP11 or 6.0.0 SR10. ORIGINAL ADVISORY: http://www.ibm.com/developerworks/java/jdk/alerts/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 14:25:43 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 9 Jan 2012 23:25:43 +0100 Subject: [SEC] [SA47514] super "Error()" Buffer Overflow Vulnerability Message-ID: <201201092225.q09MPhq1030586@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: super "Error()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA47514 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47514/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47514 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47514/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47514/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47514 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in super, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to a boundary error within the "Error()" function (error.c), which can be exploited to cause a stack-based buffer overflow via overly long command line parameters. The vulnerability is confirmed in version 3.30.0. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Debian credits Robert Luberda. ORIGINAL ADVISORY: DSA-2383-1: http://www.debian.org/security/2012/dsa-2383 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 14:47:23 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 9 Jan 2012 23:47:23 +0100 Subject: [SEC] [SA47451] Debian update for ecryptfs-utils Message-ID: <201201092247.q09MlNJ6021130@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for ecryptfs-utils SECUNIA ADVISORY ID: SA47451 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47451/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47451 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47451/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47451/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47451 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for ecryptfs-utils. This fixes multiple security issues, which can be exploited by malicious, local users to manipulate certain data, cause a DoS (Denial of Service), and potentially gain escalated privileges. For more information: SA45563 SA45747 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2382-1: http://www.debian.org/security/2012/dsa-2382 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 15:12:12 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 Jan 2012 00:12:12 +0100 Subject: [SEC] [SA47457] HP LaserJet P3015 Unspecified Security Bypass Vulnerability Message-ID: <201201092312.q09NCCIt011865@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: HP LaserJet P3015 Unspecified Security Bypass Vulnerability SECUNIA ADVISORY ID: SA47457 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47457/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47457 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47457/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47457/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47457 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP LaserJet P3015, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an unspecified error and can be exploited to gain access to certain files. The vulnerability is reported in versions prior to 07.080.3. SOLUTION: Update to version 07.080.3. PROVIDED AND/OR DISCOVERED BY: The vendor credits Digital Defense, Inc. Vulnerability Research Team ORIGINAL ADVISORY: HPSBPI02733 SSRT100646: http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03140700 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 15:48:15 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 Jan 2012 00:48:15 +0100 Subject: [SEC] [SA47445] Gentoo update for chromium and v8 Message-ID: <201201092348.q09NmFSg003102@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for chromium and v8 SECUNIA ADVISORY ID: SA47445 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47445/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47445 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47445/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47445/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47445 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for chromium and v8. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, disclose potentially sensitive information, and compromise a user's system. For more information: SA47231 SA47449 SOLUTION: Update to "www-client/chromium-16.0.912.75" or later and "dev-lang/v8-3.6.6.11" or later. ORIGINAL ADVISORY: GLSA 201201-03: http://security.gentoo.org/glsa/glsa-201201-03.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 16:12:43 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 Jan 2012 01:12:43 +0100 Subject: [SEC] [SA47487] IBM Cognos TM1 Executive Viewer Two Cross-Site Scripting Vulnerabilities Message-ID: <201201100012.q0A0ChhK026237@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM Cognos TM1 Executive Viewer Two Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA47487 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47487/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47487 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47487/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47487/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47487 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in IBM Cognos TM1 Executive Viewer, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Certain unspecified input passed to evserver/createcontrol.js is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Certain unspecified input passed to aspnet_client/ is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 9.4. SOLUTION: Update to version 9.5 Fix Pack 1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg1PM26682 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 16:46:58 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 Jan 2012 01:46:58 +0100 Subject: [SEC] [SA47459] Debian update for squid3 Message-ID: <201201100046.q0A0kwV2017446@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for squid3 SECUNIA ADVISORY ID: SA47459 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47459/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47459 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47459/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47459/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47459 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for squid3. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA46609 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2381-1: http://www.debian.org/security/2012/dsa-2381 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 17:14:27 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 Jan 2012 02:14:27 +0100 Subject: [SEC] [SA47387] ZNC "bouncedcc" Module Denial of Service Vulnerability Message-ID: <201201100114.q0A1EREf008295@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: ZNC "bouncedcc" Module Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47387 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47387/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47387 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47387/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47387/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47387 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in ZNC, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "CBounceDCCMod::OnPrivCTCP()" function (modules/bouncedcc.cpp) of the "bouncedcc" module, which can be exploited to cause a crash by sending specially crafted DCC commands to a vulnerable server. The vulnerability is confirmed in version 0.202. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits howeyc. ORIGINAL ADVISORY: https://github.com/znc/znc/commit/11508aa72efab4fad0dbd8292b9614d9371b20a9#modules/bouncedcc.cpp OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 17:47:16 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 Jan 2012 02:47:16 +0100 Subject: [SEC] [SA47505] GnuTLS DTLS CBC Mode Plaintext Recovery Vulnerability Message-ID: <201201100147.q0A1lGed031808@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: GnuTLS DTLS CBC Mode Plaintext Recovery Vulnerability SECUNIA ADVISORY ID: SA47505 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47505/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47505 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47505/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47505/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47505 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in GnuTLS, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to the CBC mode encryption of the Datagram Transport Layer Security (DTLS) implementation exposing timing differences, which can be exploited to recover parts of the plaintext via a timing attack. The vulnerability is reported in versions prior to 3.0.11. SOLUTION: Update to version 3.0.11. PROVIDED AND/OR DISCOVERED BY: Nadhem Alfardan and Kenny Paterson. ORIGINAL ADVISORY: http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5657 GNUTLS-SA-2012-1: http://www.gnu.org/software/gnutls/security.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 18:12:23 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 Jan 2012 03:12:23 +0100 Subject: [SEC] [SA47504] Ubuntu update for firefox Message-ID: <201201100212.q0A2CNpK022544@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for firefox SECUNIA ADVISORY ID: SA47504 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47504/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47504 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47504/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47504/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47504 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for firefox. This fixes multiple vulnerabilities, where one has an unknown impact and others can be exploited by malicious people to disclose sensitive information and compromise a user's system. For more information: SA47302 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1306-1: http://www.ubuntu.com/usn/usn-1306-1/ USN-1306-2: http://www.ubuntu.com/usn/usn-1306-2/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 9 18:46:55 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 Jan 2012 03:46:55 +0100 Subject: [SEC] [SA47468] MangosWeb Enhanced "login" SQL Injection Vulnerability Message-ID: <201201100246.q0A2ktvH013762@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: MangosWeb Enhanced "login" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47468 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47468/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47468 RELEASE DATE: 2012-01-09 DISCUSS ADVISORY: http://secunia.com/advisories/47468/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47468/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47468 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in MangosWeb Enhanced, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "login" POST parameter to mangos/index.php (when "p" is set to "account", "sub" is set to "login", and "action" is set to "login") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 3.0.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Hood3dRob1n ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/18335/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 10:32:53 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 Jan 2012 19:32:53 +0100 Subject: [SEC] [SA47498] Mambo configuration.php SQL Password Disclosure Security Issue Message-ID: <201201101832.q0AIWrGm019638@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Mambo configuration.php SQL Password Disclosure Security Issue SECUNIA ADVISORY ID: SA47498 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47498/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47498 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47498/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47498/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47498 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been discovered in Mambo, which can be exploited by malicious, local users to disclose certain sensitive information. The security issue is caused due to the password for a SQL user being stored in plain text in the world-readable file configuration.php within the installation directory. The security issue is confirmed in version 4.6.5. Other version may also be affected. SOLUTION: Restrict access to the configuration.php file. PROVIDED AND/OR DISCOVERED BY: Larry W. Cashdollar ORIGINAL ADVISORY: http://packetstormsecurity.org/files/108462/mambocms465-permdosdisclose.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 11:32:30 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 Jan 2012 20:32:30 +0100 Subject: [SEC] [SA47479] Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Message-ID: <201201101932.q0AJWUBS012141@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation SECUNIA ADVISORY ID: SA47479 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47479/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47479 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47479/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47479/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47479 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an error in the client/server run-time subsystem when processing specially crafted sequences of Unicode characters. Successful exploitation allows execution of arbitrary code with LocalSystem privileges, but requires that the system is configured with a Chinese, Japanese, or Korean system locale. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Kang Wu, Shenzhen Jowto Research Dep. ORIGINAL ADVISORY: MS12-003 (KB2646524): http://technet.microsoft.com/en-us/security/bulletin/ms12-003 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 12:32:10 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 Jan 2012 21:32:10 +0100 Subject: [SEC] [SA47480] Microsoft Windows Embedded ClickOnce Application Vulnerability Message-ID: <201201102032.q0AKWALm004621@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Microsoft Windows Embedded ClickOnce Application Vulnerability SECUNIA ADVISORY ID: SA47480 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47480/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47480 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47480/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47480/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47480 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is cause due to the Windows Packager not restricting ClickOnce application files from being embedded into Microsoft Office documents. Successful exploitation allows execution of arbitrary code, but requires that Microsoft Office is installed. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits an anonymous person via SecuriTeam Secure Disclosure. ORIGINAL ADVISORY: MS12-005 (KB2584146): http://technet.microsoft.com/en-us/security/bulletin/ms12-005 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 13:38:52 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 Jan 2012 22:38:52 +0100 Subject: [SEC] [SA47516] Microsoft AntiXSS Library Escaped CSS Content Parsing Bypass Weakness Message-ID: <201201102138.q0ALcqOP029873@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Microsoft AntiXSS Library Escaped CSS Content Parsing Bypass Weakness SECUNIA ADVISORY ID: SA47516 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47516/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47516 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47516/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47516/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47516 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Microsoft AntiXSS Library, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA47483 SOLUTION: Upgrade to version 4.2. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Adi Cohen, IBM Rational Application Security. ORIGINAL ADVISORY: MS12-007 (KB2607664): http://technet.microsoft.com/en-us/security/bulletin/ms12-007 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 14:26:38 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 Jan 2012 23:26:38 +0100 Subject: [SEC] [SA47356] Microsoft Windows SafeSEH Bypass Weakness Message-ID: <201201102226.q0AMQciD021764@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Microsoft Windows SafeSEH Bypass Weakness SECUNIA ADVISORY ID: SA47356 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47356/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47356 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47356/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47356/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47356 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Microsoft Windows, which can be exploited by malicious people to bypass certain security features. The weakness is caused due an error in the way the kernel (ntdll.dll) loads structured exception handling tables and allows bypassing the SafeSEH security mechanism. This facilitates easier exploitation of other vulnerabilities in affected applications to execute code. NOTE: The weakness only affects applications compiled using Microsoft Visual C++ .NET 2003. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Joshua J. Drake, VeriSign iDefense Labs. ORIGINAL ADVISORY: MS12-001 (KB2644615): http://technet.microsoft.com/en-us/security/bulletin/ms12-001 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 14:49:06 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 Jan 2012 23:49:06 +0100 Subject: [SEC] [SA47492] SumatraPDF "fz_crash_abort()" Arbitrary NULL Byte Write Vulnerability Message-ID: <201201102249.q0AMn6kb012339@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SumatraPDF "fz_crash_abort()" Arbitrary NULL Byte Write Vulnerability SECUNIA ADVISORY ID: SA47492 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47492/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47492 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47492/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47492/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47492 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered a vulnerability in SumatraPDF, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to the "fz_crash_abort()" function trying to write a NULL byte to an address that can be controlled by the attacker. This can be exploited to corrupt memory by e.g. tricking a user into opening a specially crafted PDF file. The vulnerability is confirmed in version 1.9. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/sumatrapdf_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 15:12:41 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 00:12:41 +0100 Subject: [SEC] [SA47461] razorCMS File and Directory Access Security Bypass Message-ID: <201201102312.q0ANCfSe002976@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: razorCMS File and Directory Access Security Bypass SECUNIA ADVISORY ID: SA47461 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47461/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47461 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47461/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47461/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47461 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in razorCMS, which can be exploited by malicious users to bypass certain security restrictions. The application does not properly verify access to certain directories and files. This can be exploited to disclose and modify access restricted files within the e.g. backup folder by creating and deleting a directory or providing certain input to the "dir" parameter (when "action" is set to e.g. "filemanview"). The vulnerability is confirmed in version 1.2 STABLE. Prior versions may also be affected. SOLUTION: Update to version 1.2.1 STABLE. PROVIDED AND/OR DISCOVERED BY: chap0 ORIGINAL ADVISORY: chap0: http://www.exploit-db.com/exploits/18344/ razorCMS: http://www.razorcms.co.uk/core-system.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 15:50:55 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 00:50:55 +0100 Subject: [SEC] [SA47485] Microsoft Windows Media Two Vulnerabilities Message-ID: <201201102350.q0ANotc6026809@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Microsoft Windows Media Two Vulnerabilities SECUNIA ADVISORY ID: SA47485 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47485/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47485 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47485/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47485/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47485 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. 1) An unspecified error in the Windows multimedia library (winmm.dll) when parsing MIDI files can be exploited via a specially crafted file opened in Windows Media Player. Successful exploitation of this vulnerability allows execution of arbitrary code in context of the Network service. 2) An unspecified error exists in the Line21 DirectShow filter (Quartz.dll and Qdvd.dll) when parsing specially crafted media files. Successful exploitation of this vulnerability allows execution of arbitrary code in context of the current user. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Shane Garrett, IBM Security System's X-Force Research. 2) The vendor credits Neel Mehta, Google Inc. ORIGINAL ADVISORY: MS12-004 (KB2598479, KB2628259, KB2628642, KB2631813, KB2636391): http://technet.microsoft.com/en-us/security/bulletin/ms12-004 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 16:15:36 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 01:15:36 +0100 Subject: [SEC] [SA46748] X3 CMS Two Cross-Site Scripting Vulnerabilities Message-ID: <201201110015.q0B0FaBZ017526@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: X3 CMS Two Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA46748 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46748/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46748 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/46748/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46748/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46748 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Stefan Schurtz has discovered two vulnerabilities in X3 CMS, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the URL to admin/login is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that the victim uses a browser that does not URL-encode the request (e.g. Internet Explorer 6). 2) Input passed via the "username" and "password" POST parameters to admin/login (when e.g. other POST parameters are not set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 0.4.3.1-STABLE. Other versions may also be affected. SOLUTION: Vulnerability #2 is fixed within the Bazaar repository. Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Stefan Schurtz, INFOSERVE via Secunia. ORIGINAL ADVISORY: X3 CMS: http://www.x3cms.net/en/news/article/dae363948eb4b27f8b02a84ca054c3fc/release_0.4.3.1 http://x3cms.bzr.sourceforge.net/bzr/x3cms/revision/977 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 16:48:46 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 01:48:46 +0100 Subject: [SEC] [SA47455] Debian update for cacti Message-ID: <201201110048.q0B0mkF1008657@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for cacti SECUNIA ADVISORY ID: SA47455 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47455/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47455 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47455/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47455/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47455 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for cacti. This fixes multiple vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting and SQL injection attacks. For more information: SA39570 SA44133 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2384-1: http://www.debian.org/security/2012/dsa-2384 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 17:15:24 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 02:15:24 +0100 Subject: [SEC] [SA47466] dl Download Ticket Service Internal Authentication Security Bypass Vulnerability Message-ID: <201201110115.q0B1FOT4031861@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: dl Download Ticket Service Internal Authentication Security Bypass Vulnerability SECUNIA ADVISORY ID: SA47466 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47466/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47466 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47466/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47466/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47466 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in dl Download Ticket Service, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the internal authentication mechanism and can be exploited to login as an arbitrary user by supplying an authorisation header. The vulnerability is reported in versions 0.3 through 0.9. SOLUTION: Update to version 0.9.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.thregr.org/~wavexx/software/dl/NEWS.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 17:46:57 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 02:46:57 +0100 Subject: [SEC] [SA47476] Red Hat update for java-1.4.2-ibm Message-ID: <201201110146.q0B1kvxq022923@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for java-1.4.2-ibm SECUNIA ADVISORY ID: SA47476 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47476/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47476 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47476/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47476/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47476 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for java-1.4.2-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA47464 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0006-01: https://rhn.redhat.com/errata/RHSA-2012-0006.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 18:12:49 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 03:12:49 +0100 Subject: [SEC] [SA47483] Microsoft AntiXSS Library Escaped CSS Content Parsing Bypass Weakness Message-ID: <201201110212.q0B2CnUh013687@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Microsoft AntiXSS Library Escaped CSS Content Parsing Bypass Weakness SECUNIA ADVISORY ID: SA47483 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47483/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47483 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47483/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47483/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47483 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Microsoft AntiXSS Library, which can be exploited by malicious people to bypass certain security restrictions. The weakness is caused due to an error within the sanitisation module when parsing escaped CSS content and which can be exploited to conduct cross-site scripting attacks. The weakness is reported in version 4.0. SOLUTION: Update to version 4.2. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Adi Cohen, IBM Rational Application Security. ORIGINAL ADVISORY: MS12-007 (KB2607664): http://technet.microsoft.com/en-us/security/bulletin/ms12-007 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 18:47:38 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 03:47:38 +0100 Subject: [SEC] [SA47311] CEDET EDE Automatic Project Loading Vulnerability Message-ID: <201201110247.q0B2lcmn004915@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: CEDET EDE Automatic Project Loading Vulnerability SECUNIA ADVISORY ID: SA47311 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47311/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47311 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47311/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47311/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47311 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in CEDET, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the EDE part of CEDET automatically loading "Project.ede" files when visiting other files in the same directory tree, which can be exploited to execute arbitrary LISP code by tricking a user into opening a file in a directory containing a malicious EDE project. The vulnerability is reported in version 1.0. Other versions may also be affected. SOLUTION: Do not visit files in untrusted directories. PROVIDED AND/OR DISCOVERED BY: The vendor credits Hiroshi Oota. ORIGINAL ADVISORY: http://lists.gnu.org/archive/html/emacs-devel/2012-01/msg00387.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 19:20:14 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 04:20:14 +0100 Subject: [SEC] [SA45189] Microsoft Windows Object Packager Insecure Executable Loading Vulnerability Message-ID: <201201110320.q0B3KErj028884@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Microsoft Windows Object Packager Insecure Executable Loading Vulnerability SECUNIA ADVISORY ID: SA45189 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45189/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45189 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/45189/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45189/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45189 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Parvez Anwar has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the way that Windows registers and uses Windows Object Packager. This can be exploited to load an executable file (packager.exe) in an insecure manner by tricking a user into opening e.g. a Publisher file (".pub") containing an embedded packaged object located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Parvez Anwar via Secunia ORIGINAL ADVISORY: MS12-002 (KB2603381): http://technet.microsoft.com/en-us/security/bulletin/ms12-002 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 19:49:24 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 04:49:24 +0100 Subject: [SEC] [SA47515] Emacs EDE Automatic Project Loading Vulnerability Message-ID: <201201110349.q0B3nOss019811@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Emacs EDE Automatic Project Loading Vulnerability SECUNIA ADVISORY ID: SA47515 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47515/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47515 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47515/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47515/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47515 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Emacs, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the EDE component, which can be exploited to execute arbitrary LISP code. For more information: SA47311 Successful exploitation requires that the minor mode "global-ede-mode" is enabled. The vulnerability is reported in version 23.2 and 23.3. SOLUTION: Apply patch or update to version 23.4 as soon as available. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Hiroshi Oota. ORIGINAL ADVISORY: http://lists.gnu.org/archive/html/emacs-devel/2012-01/msg00387.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 20:14:43 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 05:14:43 +0100 Subject: [SEC] [SA47467] Hitachi IT Operations Analyzer Unspecified Cross-Site Scripting Vulnerability Message-ID: <201201110414.q0B4Eh3d010558@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Hitachi IT Operations Analyzer Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47467 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47467/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47467 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47467/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47467/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47467 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Hitachi IT Operations Analyzer, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 02-01, 02-51 through 02-51-01, and 02-53 through 02-53-02. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hitachi (English): http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-001/index.html Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS12-001/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 20:48:55 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 05:48:55 +0100 Subject: [SEC] [SA47463] libvirt "bridge" Forward Mode Firewall Rules Weakness Message-ID: <201201110448.q0B4mtNR001665@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: libvirt "bridge" Forward Mode Firewall Rules Weakness SECUNIA ADVISORY ID: SA47463 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47463/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47463 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47463/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47463/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47463 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in libvirt, which can be exploited by malicious people to bypass certain security restrictions. The weakness is caused due to libvirt incorrectly inserting certain firewall rules, which can lead to unintended access to ports 53 and 67. Successful exploitation requires that a libvirt network with "bridge" forward mode is defined and started and that libvirtd is restarted. The weakness is reported in version 0.9.4 through 0.9.8. SOLUTION: Update to version 0.9.9. PROVIDED AND/OR DISCOVERED BY: David Ja?a ORIGINAL ADVISORY: Red Hat bug #760442: https://bugzilla.redhat.com/show_bug.cgi?id=760442 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 21:13:52 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 06:13:52 +0100 Subject: [SEC] [SA47473] IBM WebSphere Application Server Community Edition Tomcat Container Denial of Service Message-ID: <201201110513.q0B5DqWE024863@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM WebSphere Application Server Community Edition Tomcat Container Denial of Service SECUNIA ADVISORY ID: SA47473 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47473/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47473 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47473/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47473/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47473 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM WebSphere Application Server Community Edition, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error within the Tomcat container and can be exploited to cause a crash by sending a request with many parameters. The vulnerability is reported in versions 1.1.0.1, 1.1.0.2, 2.1.0.1, 2.1.1.1 through 2.1.1.5, and 3.0.0.0. SOLUTION: Apply update. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: IBM: http://www.ibm.com/support/docview.wss?uid=swg21577274 http://www.ibm.com/support/docview.wss?uid=swg21575700 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 21:48:42 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 06:48:42 +0100 Subject: [SEC] [SA47472] Linux Kernel "igmp_heard_query()" Denial of Service Vulnerability Message-ID: <201201110548.q0B5mg6C016097@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Linux Kernel "igmp_heard_query()" Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47472 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47472/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47472 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47472/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47472/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47472 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "igmp_heard_query()" function (net/ipv4/igmp.c) and can be exploited to cause a kernel crash via specially crafted IGMP queries. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Simon McVittie ORIGINAL ADVISORY: Debian bug #654876: http://bugs.debian.org/654876 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 10 22:13:19 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 07:13:19 +0100 Subject: [SEC] [SA47490] Hitachi IT Operations Director Unspecified Cross-Site Scripting Vulnerability Message-ID: <201201110613.q0B6DJLS006799@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Hitachi IT Operations Director Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47490 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47490/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47490 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47490/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47490/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47490 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Hitachi IT Operations Director, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 02-50-01 through 02-50-07 and 03-00 through 03-00-04. SOLUTION: Update or upgrade to version 03-00-06. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hitachi (English): http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-001/index.html Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS12-001/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 10:33:36 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 19:33:36 +0100 Subject: [SEC] [SA47517] Ubuntu update for linux-ec2 Message-ID: <201201111833.q0BIXa4w001549@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-ec2 SECUNIA ADVISORY ID: SA47517 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47517/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47517 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47517/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47517/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47517 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-ec2. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information see vulnerability #2 in: SA46803 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1324-1: http://www.ubuntu.com/usn/usn-1324-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 11:43:32 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 20:43:32 +0100 Subject: [SEC] [SA47496] Cogent DataHub Cross-Site Scripting and HTTP Header Injection Vulnerabilities Message-ID: <201201111943.q0BJhWEP027020@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Cogent DataHub Cross-Site Scripting and HTTP Header Injection Vulnerabilities SECUNIA ADVISORY ID: SA47496 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47496/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47496 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47496/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47496/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47496 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Cogent DataHub, which can be exploited by malicious people to conduct cross-site scripting attacks and HTTP response splitting attacks. 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Certain unspecified input is not properly sanitised before being used to display HTTP headers. This can be exploited to include arbitrary HTTP headers in a response sent to the user. The vulnerabilities are reported in versions 7.1.2 and prior. SOLUTION: Update to version 7.2.0. PROVIDED AND/OR DISCOVERED BY: JVN credits Kuang-Chun Hung of Security Research and Service Institute, ICST. ORIGINAL ADVISORY: JVN: http://jvn.jp/en/jp/JVN63249231/index.html http://jvn.jp/en/jp/JVN12983784/index.html http://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000002.html http://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000001.html Cogent: http://www.cogentdatahub.com/ReleaseNotes.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 12:33:39 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 21:33:39 +0100 Subject: [SEC] [SA47531] KnowledgeTree Cross-Site Scripting Vulnerability Message-ID: <201201112033.q0BKXdWM019025@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: KnowledgeTree Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47531 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47531/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47531 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47531/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47531/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47531 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered a vulnerability in KnowledgeTree, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL to login.php, admin.php, and preferences.php is not properly sanitised in config/dmsDefaults.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 3.7.0.2. Prior versions may also be affected. SOLUTION: Apply patch. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: KnowledgeTree: http://www.knowledgetree.org/Security_advisory:_URL_Manipulation HTB23065: https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_knowledgetree_community_edition.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 13:34:50 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 22:34:50 +0100 Subject: [SEC] [SA47501] ExpressView Browser Plug-In SID Image Processing Two Vulnerabilities Message-ID: <201201112134.q0BLYork011600@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: ExpressView Browser Plug-In SID Image Processing Two Vulnerabilities SECUNIA ADVISORY ID: SA47501 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47501/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47501 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47501/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47501/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47501 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered two vulnerabilities in ExpressView Browser Plug-In, which can be exploited by malicious people to compromise a user's system. 1) An integer overflow error when allocating memory during the processing of Seamless Image Database (SID) files can be exploited to cause a heap-based buffer overflow via a specially crafted file. 2) An error within processing of Seamless Image Database (SID) files can be exploited to load an uninitialised object pointer for use in a virtual function call via a specially crafted file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code, but requires tricking a user into viewing a malicious web page. The vulnerabilities are confirmed in version 6.5.0.3300. Other versions may also be affected. SOLUTION: Disable the plug-in. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/expressview_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 14:29:06 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 23:29:06 +0100 Subject: [SEC] [SA47525] Cogent Products Cross-Site Scripting and HTTP Header Injection Vulnerabilities Message-ID: <201201112229.q0BMT6AJ003802@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Cogent Products Cross-Site Scripting and HTTP Header Injection Vulnerabilities SECUNIA ADVISORY ID: SA47525 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47525/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47525 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47525/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47525/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47525 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in OPC DataHub and Cascade DataHub, which can be exploited by malicious people to conduct cross-site scripting attacks and HTTP response splitting attacks. For more information: SA47496 The vulnerabilities are reported in versions 6.4.21 and prior. SOLUTION: Upgrade to Cogent DataHub version 7.2.0. PROVIDED AND/OR DISCOVERED BY: JVN credits Kuang-Chun Hung of Security Research and Service Institute, ICST. ORIGINAL ADVISORY: JVN: http://jvn.jp/en/jp/JVN63249231/index.html http://jvn.jp/en/jp/JVN12983784/index.html http://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000002.html http://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000001.html Cogent: http://www.cogentdatahub.com/ReleaseNotes.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 14:51:30 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 Jan 2012 23:51:30 +0100 Subject: [SEC] [SA47462] F5 TMOS HTTP Server ByteRange Filter Denial of Service Vulnerability Message-ID: <201201112251.q0BMpU0C026797@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: F5 TMOS HTTP Server ByteRange Filter Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47462 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47462/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47462 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47462/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47462/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47462 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: F5 has acknowledged a vulnerability in F5 TMOS, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45606 The vulnerability is reported in versions prior to 10.2.3 and 11.1.0. SOLUTION: Update to version 10.2.3 or 11.1.0. ORIGINAL ADVISORY: http://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-ltm-11-1-0.html http://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnotes-LTM-10-2-3.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 15:14:36 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 00:14:36 +0100 Subject: [SEC] [SA47513] Blue Coat PolicyCenter Multiple Vulnerabilities Message-ID: <201201112314.q0BNEarr017426@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Blue Coat PolicyCenter Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47513 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47513/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47513 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47513/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47513/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47513 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Blue Coat has acknowledged a security issue and multiple vulnerabilities in Blue Coat PolicyCenter, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to disclose system and potentially sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service). For more information: SA20144 SA24634 SA25048 SA25091 SA25666 SA33850 SA34751 The security issue and the vulnerabilities are reported in versions prior to 8.7.2. SOLUTION: Update to version 8.7.2. ORIGINAL ADVISORY: https://kb.bluecoat.com/index?page=content&id=SA64 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 16:14:12 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 01:14:12 +0100 Subject: [SEC] [SA47503] Blue Coat IntelligenceCenter Multiple Vulnerabilities Message-ID: <201201120014.q0C0ECiP009867@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Blue Coat IntelligenceCenter Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47503 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47503/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47503 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47503/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47503/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47503 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Blue Coat has acknowledged multiple weaknesses, security issues and vulnerabilities in Blue Coat IntelligenceCenter, which can be exploited by malicious, local users to disclose sensitive information and bypass certain security restrictions, by malicious users to disclose sensitive information, bypass certain security restrictions, manipulate certain data, gain escalated privileges, cause a DoS (Denial of Service), and compromise a vulnerable system, and by malicious people to conduct spoofing and cross-site scripting attacks, disclose certain system information, bypass certain security restrictions, and cause a DoS (Denial of Service). For more information: SA35326 SA36660 SA37663 SA39574 SA39845 SA41692 SA42337 SA43144 SA43194 SA44981 SA45641 The weaknesses, security issues, and vulnerabilities are reported in versions 2.1.2 and prior. SOLUTION: Upgrade to version 3.2.2.1. ORIGINAL ADVISORY: https://kb.bluecoat.com/index?page=content&id=SA66 https://kb.bluecoat.com/index?page=content&id=SA67 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 16:50:33 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 01:50:33 +0100 Subject: [SEC] [SA47502] Ubuntu update for linux Message-ID: <201201120050.q0C0oXPv001096@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux SECUNIA ADVISORY ID: SA47502 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47502/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47502 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47502/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47502/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47502 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux. This fixes a weakness and two vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and to cause a DoS (Denial of Service). For more information: SA43576 SA43846 SA46803 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1323-1: http://www.ubuntu.com/usn/usn-1323-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 17:16:41 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 02:16:41 +0100 Subject: [SEC] [SA47495] PowerDNS Response Packet Processing Endless Loop Vulnerability Message-ID: <201201120116.q0C1Gf9C024335@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: PowerDNS Response Packet Processing Endless Loop Vulnerability SECUNIA ADVISORY ID: SA47495 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47495/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47495 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47495/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47495/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47495 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in PowerDNS, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to the server responding to response packets, which can be exploited to trigger an endless packet response loop via a specially crafted response packet and disrupt the service. The vulnerability is reported in versions prior to 2.9.22.5 and 3.0.1. SOLUTION: Update to version 2.9.22.5 or 3.0.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Ray Morris, BetterCGI. ORIGINAL ADVISORY: http://doc.powerdns.com/powerdns-advisory-2012-01.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 17:48:42 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 02:48:42 +0100 Subject: [SEC] [SA47489] Debian update for pdns Message-ID: <201201120148.q0C1mg6j015417@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for pdns SECUNIA ADVISORY ID: SA47489 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47489/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47489 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47489/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47489/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47489 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for pdns. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA47495 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2385-1: http://www.debian.org/security/2012/dsa-2385 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 18:15:43 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 03:15:43 +0100 Subject: [SEC] [SA45166] NTR ActiveX Control Multiple Vulnerabilities Message-ID: <201201120215.q0C2FhFa006256@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: NTR ActiveX Control Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45166 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45166 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/45166/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45166/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45166 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Secunia Research has discovered multiple vulnerabilities in NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. 1) A boundary error in the handling of the "StartModule()" method can be exploited to cause a stack-based buffer overflow via an overly long "bstrUrl" parameter. 2) Missing input validation in the handling of the "StopModule()" method can be exploited via a specially crafted "lModule" parameter to reference an expected module structure at an arbitrary memory address. This can be exploited to dereference an arbitrary value in memory as a function pointer. 3) A boundary error when constructing an url can be exploited to cause a stack-based buffer overflow via e.g. an overly long, specially crafted "bstrParams" parameter passed to the "Check()" method. 4) A boundary error when constructing the path to a .ntr file can be exploited to cause a limited stack-based buffer overflow via an overly long, specially crafted "bstrUrl" parameter passed to the "Download()" or "DownloadModule()" methods. 5) A boundary error when constructing an url can be exploited to cause a stack-based buffer overflow via an overly long, specially crafted "bstrUrl" parameter passed to the "Download()" or "DownloadModule()" methods. Successful exploitation of the vulnerabilities allows execution of arbitrary code. The vulnerabilities are confirmed in version 1.1.8. Other versions may also be affected. SOLUTION: Upgrade to version 2.0.4.8. PROVIDED AND/OR DISCOVERED BY: Carsten Eiram, Secunia Research. ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2012-1/ http://secunia.com/secunia_research/2012-2/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 18:49:47 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 03:49:47 +0100 Subject: [SEC] [SA47491] SimpleSAMLphp Two Cross-Site Scripting Vulnerabilities Message-ID: <201201120249.q0C2nlS3029817@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SimpleSAMLphp Two Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA47491 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47491/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47491 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47491/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47491/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47491 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in SimpleSAMLphp, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed to the "retryURL" parameter in module.php/core/no_cookie.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed to the "link_href" parameter in logout.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 1.8.1. Prior versions may also be affected. SOLUTION: Update to version 1.8.2. PROVIDED AND/OR DISCOVERED BY: 1) Reported by timtai1 in a bug report 2) Reported by the vendor ORIGINAL ADVISORY: SimpleSAMLphp: http://code.google.com/p/simplesamlphp/issues/detail?id=468 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 19:20:48 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 04:20:48 +0100 Subject: [SEC] [SA47494] Wireshark Multiple Vulnerabilities Message-ID: <201201120320.q0C3Km7e021321@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Wireshark Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47494 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47494/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47494 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47494/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47494/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47494 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system. 1) NULL pointer dereference errors when reading certain packet information can be exploited to cause a crash. 2) An error within the RLC dissector can be exploited to cause a buffer overflow via a specially crafted RLC packet capture file. Successful exploitation of this vulnerability may allow execution of arbitrary code. NOTE: A weakness within the file parser, which can lead to a crash when handling capture files has also been reported. The vulnerabilities are reported in versions 1.4.0 through 1.4.10 and 1.6.0 through 1.6.4. SOLUTION: Update to version 1.4.11 or 1.6.5. PROVIDED AND/OR DISCOVERED BY: 1) nechtom in a bug report. 2) porche in a bug report. ORIGINAL ADVISORY: http://www.wireshark.org/docs/relnotes/wireshark-1.6.5.html http://www.wireshark.org/docs/relnotes/wireshark-1.4.11.html http://www.wireshark.org/security/wnpa-sec-2012-01.html http://www.wireshark.org/security/wnpa-sec-2012-02.html http://www.wireshark.org/security/wnpa-sec-2012-03.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 19:50:06 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 04:50:06 +0100 Subject: [SEC] [SA47512] Red Hat update for kernel Message-ID: <201201120350.q0C3o6KD012272@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA47512 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47512/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47512 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47512/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47512/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47512 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes a weakness and some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, to cause a DoS (Denial of Service), and potentially gain escalated privileges. For more information: SA36617 SA43496 SA46591 SA46802 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0007-1: https://rhn.redhat.com/errata/RHSA-2012-0007.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 20:15:02 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 05:15:02 +0100 Subject: [SEC] [SA47488] Linux Kernel "xfs_acl_from_disk()" Integer Overflow Vulnerability Message-ID: <201201120415.q0C4F2Zw002937@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Linux Kernel "xfs_acl_from_disk()" Integer Overflow Vulnerability SECUNIA ADVISORY ID: SA47488 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47488/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47488 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47488/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47488/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47488 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an integer overflow within the "xfs_acl_from_disk()" function (fs/xfs/xfs_acl.c) and can be exploited to corrupt kernel memory. Successful exploitation requires physical access to systems that automatically mount inserted media devices or that a user is tricked into mounting a malicious filesystem (e.g. USB drives). SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Initially disclosed in a GIT commit. Additional information regarding an incorrect fix provided by Xi Wang. ORIGINAL ADVISORY: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=093019cf1b18dd31b2c3b77acce4e000e2cbc9ce http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=fa8b18edd752a8b4e9d1ee2cd615b82c93cf8bba Xi Wang: http://kqueue.org/blog/2012/01/10/cve-2012-0038-xfs-acl-count-integer-overflow/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 20:50:12 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 05:50:12 +0100 Subject: [SEC] [SA47526] Ubuntu update for linux-ti-omap4 Message-ID: <201201120450.q0C4oCt7026628@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-ti-omap4 SECUNIA ADVISORY ID: SA47526 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47526/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47526 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47526/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47526/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47526 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-ti-omap4. This fixes two weaknesses and two vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and cause a DoS (Denial of Service). For more information: SA43576 SA43846 SA45489 SA46803 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1325-1: http://www.ubuntu.com/usn/usn-1325-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 21:15:04 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 06:15:04 +0100 Subject: [SEC] [SA47486] Linux Kernel DRM "drm_mode_dirtyfb_ioctl()" Integer Overflow Vulnerability Message-ID: <201201120515.q0C5F4hi017342@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Linux Kernel DRM "drm_mode_dirtyfb_ioctl()" Integer Overflow Vulnerability SECUNIA ADVISORY ID: SA47486 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47486/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47486 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47486/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47486/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47486 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. The vulnerability is caused due to an integer overflow error within the "drm_mode_dirtyfb_ioctl()" function (drivers/gpu/drm/crm_crtc.c) and can be exploited to cause a memory corruption by sending specially crafted IOCTLs. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a5cd335165e31db9dbab636fd29895d41da55dd2 ORIGINAL ADVISORY: Haogang Chen OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 21:50:34 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 06:50:34 +0100 Subject: [SEC] [SA47511] Red Hat update for kernel-rt Message-ID: <201201120550.q0C5oYbQ008614@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel-rt SECUNIA ADVISORY ID: SA47511 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47511/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47511 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47511/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47511/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47511 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for kernel-rt. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive and system information and to cause a DoS (Denial of Service) and by malicious people to cause a DoS. For more information: SA43576 SA43846 SA44754 SA45420 SA45489 SA45695 SA45936 SA46584 SA46802 SA46803 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0010-01: https://rhn.redhat.com/errata/RHSA-2012-0010.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 11 22:15:41 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 07:15:41 +0100 Subject: [SEC] [SA47510] Red Hat update for acroread Message-ID: <201201120615.q0C6FfPX031728@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for acroread SECUNIA ADVISORY ID: SA47510 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47510/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47510 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47510/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47510/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47510 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for acroread. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system. For more information: SA47133 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0011-01: https://rhn.redhat.com/errata/RHSA-2012-0011.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 10:36:35 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 19:36:35 +0100 Subject: [SEC] [SA47497] CodeMeter Unspecified Denial of Service Vulnerability Message-ID: <201201121836.q0CIaZZL022501@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: CodeMeter Unspecified Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47497 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47497/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47497 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47497/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47497/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47497 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in CodeMeter, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error. No further information is currently available. The vulnerability is reported in versions prior to 4.40. SOLUTION: Update to version 4.40. PROVIDED AND/OR DISCOVERED BY: JVN credits Kuang-Chun Hung, Information and Communication Security Technology Center. ORIGINAL ADVISORY: JVN: http://jvn.jp/en/jp/JVN78901873/index.html http://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000003.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 11:33:53 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 20:33:53 +0100 Subject: [SEC] [SA47543] Ubuntu update for nova Message-ID: <201201121933.q0CJXrR7014900@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for nova SECUNIA ADVISORY ID: SA47543 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47543/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47543 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47543/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47543/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47543 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for nova. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions. For more information see vulnerability #3 in: SA47254 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1326-1: http://www.ubuntu.com/usn/usn-1326-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 12:33:43 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 21:33:43 +0100 Subject: [SEC] [SA47537] Red Hat update for libxml2 Message-ID: <201201122033.q0CKXhJB007399@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for libxml2 SECUNIA ADVISORY ID: SA47537 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47537/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47537 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47537/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47537/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47537 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for libxml2. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information see vulnerabilities #3 and #4 in: SA46632 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0018-1: https://rhn.redhat.com/errata/RHSA-2012-0018.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 13:39:05 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 22:39:05 +0100 Subject: [SEC] [SA47540] Red Hat update for libxml2 Message-ID: <201201122139.q0CLd5Wu032572@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for libxml2 SECUNIA ADVISORY ID: SA47540 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47540/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47540 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47540/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47540/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47540 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for libxml2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information: SA45325 SA46632 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0016-1: https://rhn.redhat.com/errata/RHSA-2012-0016.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 14:28:36 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 23:28:36 +0100 Subject: [SEC] [SA47538] Red Hat update for libxml2 Message-ID: <201201122228.q0CMSarF024534@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for libxml2 SECUNIA ADVISORY ID: SA47538 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47538/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47538 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47538/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47538/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47538 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for libxml2. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information: SA42175 SA44711 SA45325 SA46632 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0017-1: https://rhn.redhat.com/errata/RHSA-2012-0017.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 14:49:20 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 Jan 2012 23:49:20 +0100 Subject: [SEC] [SA47521] JBoss Cache NonManagedConnectionFactory Credentials Logging Weakness Message-ID: <201201122249.q0CMnKCA015060@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: JBoss Cache NonManagedConnectionFactory Credentials Logging Weakness SECUNIA ADVISORY ID: SA47521 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47521/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47521 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47521/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47521/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47521 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in JBoss Cache, which can be exploited by malicious, local users to disclose potentially sensitive information. The weakness is caused due to the "getConnection()" function (jboss/cache/loader/NonManagedConnectionFactory.java) logging credentials in clear text when the connection fails. The weakness is reported in version 3.2.8.GA. Other versions may also be affected. SOLUTION: Fixed in the CVS repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: https://issues.jboss.org/browse/JBCACHE-1612 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 15:14:07 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 00:14:07 +0100 Subject: [SEC] [SA47547] MediaWiki Cached Deleted Revision Content Disclosure Weakness Message-ID: <201201122314.q0CNE7NE005775@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: MediaWiki Cached Deleted Revision Content Disclosure Weakness SECUNIA ADVISORY ID: SA47547 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47547/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47547 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47547/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47547/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47547 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in MediaWiki, which can be exploited by malicious users to disclose certain sensitive information. The weakness is caused due to an error within the "execute()" function (includes/api/ApiQueryRevisions.php), which discloses old revision content and can be exploited to disclose deleted cached content by diffing to a hidden revision. Successful exploitation requires that the content is cached by a caching server. The weakness is reported in versions prior to 1.18.1 and 1.17.2. SOLUTION: Update to version 1.18.1 or 1.17.2. PROVIDED AND/OR DISCOVERED BY: Roan Kattouw in a bug report. ORIGINAL ADVISORY: https://bugzilla.wikimedia.org/show_bug.cgi?id=33117 http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-January/000107.html http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-January/000106.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 15:51:55 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 00:51:55 +0100 Subject: [SEC] [SA47533] Drupal Date Module Event Node Conversion SQL Injection Vulnerability Message-ID: <201201122351.q0CNptq7029539@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Drupal Date Module Event Node Conversion SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47533 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47533/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47533 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47533/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47533/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47533 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Date module for Drupal, which can be exploited by malicious users to conduct SQL injection attacks. Certain input when converting nodes created with the Event module to date fields is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires the "administer Date Tools" permission and the existence of the "Event" table in the database. The vulnerability is reported in versions prior to 6.x-2.8. SOLUTION: Update to version 6.x-2.8. PROVIDED AND/OR DISCOVERED BY: Greg Knaddison, Drupal Security Team. ORIGINAL ADVISORY: SA-CONTRIB-2012-004: http://drupal.org/node/1401434 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 16:14:06 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 01:14:06 +0100 Subject: [SEC] [SA47493] Debian update for openttd Message-ID: <201201130014.q0D0E6u4020127@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for openttd SECUNIA ADVISORY ID: SA47493 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47493/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47493 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47493/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47493/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47493 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for openttd. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. For more information: SA45832 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2386-1: http://www.debian.org/security/2012/dsa-2386 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 17:05:25 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 02:05:25 +0100 Subject: [SEC] [SA47534] Debian update for simplesamlphp Message-ID: <201201130105.q0D15PQA012203@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for simplesamlphp SECUNIA ADVISORY ID: SA47534 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47534/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47534 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47534/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47534/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47534 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for simplesamlphp. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA47491 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2387-1: http://www.debian.org/security/2012/dsa-2387 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 17:28:42 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 02:28:42 +0100 Subject: [SEC] [SA47536] vBulletin Products Blog Posts Security Bypass Security Issue Message-ID: <201201130128.q0D1SgaS002792@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: vBulletin Products Blog Posts Security Bypass Security Issue SECUNIA ADVISORY ID: SA47536 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47536/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47536 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47536/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47536/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47536 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in vBulletin and vBulletin Publishing Suite, which can be exploited by malicious users to bypass certain security restrictions. The security issue is caused due to the blog_post.php script not checking certain permissions, and can be exploited to post blog entries. The security issue is reported in vBulletin versions 3.x using Blogs and vBulletin Publishing Suite versions prior to 4.1.10. SOLUTION: Apply update. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by Truth66 in a bug report. ORIGINAL ADVISORY: vBulletin: https://www.vbulletin.com/forum/showthread.php/394259 http://tracker.vbulletin.com/browse/VBIV-13921 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 17:48:46 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 02:48:46 +0100 Subject: [SEC] [SA47549] Drupal Vote Up/Down Module Taxonomy Script Insertion Vulnerability Message-ID: <201201130148.q0D1mknG025698@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Drupal Vote Up/Down Module Taxonomy Script Insertion Vulnerability SECUNIA ADVISORY ID: SA47549 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47549/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47549 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47549/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47549/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47549 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Vote Up/Down module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Input passed via taxonomy terms is not properly sanitised in the vud_term sub-module before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires permissions to create or edit taxonomy terms. The vulnerability is reported in versions prior to 6.x-2.8 and versions prior to 6.x-3.1. SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Justin C. Klein Keane. ORIGINAL ADVISORY: SA-CONTRIB-2012-005: http://drupal.org/node/1401580 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 18:14:28 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 03:14:28 +0100 Subject: [SEC] [SA47482] Linux Kernel KVM "syscall" Emulation Denial of Service Vulnerability Message-ID: <201201130214.q0D2ESlm016485@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Linux Kernel KVM "syscall" Emulation Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47482 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47482/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47482 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47482/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47482/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47482 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service). The vulnerability is caused due to KVM not properly handling the "syscall" instruction (opcode 0f05) in certain CPU modes on certain CPU models, which can be exploited to e.g. crash 32bit guest machines and potentially cause 64bit guest machines to behave incorrectly by running a specially crafted executable. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Stephan B?rwolf ORIGINAL ADVISORY: https://lkml.org/lkml/2011/12/28/170 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 18:50:23 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 03:50:23 +0100 Subject: [SEC] [SA47541] Drupal Password Policy Module Cross-Site Request Forgery and Script Insertion Vulnerabilities Message-ID: <201201130250.q0D2oNQ5007761@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Drupal Password Policy Module Cross-Site Request Forgery and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA47541 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47541/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47541 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47541/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47541/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47541 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the Password Policy module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks. 1) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. unblock a user by tricking a logged-in administrative user into visiting a malicious web site. 2) Input passed via the policy name when creating a password policy is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires the "administer policies" permission. The vulnerabilities are reported in versions prior to 6.x-1.4. SOLUTION: Update to version 6.x-1.4. PROVIDED AND/OR DISCOVERED BY: Greg Knaddison, Drupal Security Team. ORIGINAL ADVISORY: SA-CONTRIB-2012-007: http://drupal.org/node/1401678 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 19:23:34 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 04:23:34 +0100 Subject: [SEC] [SA47539] Red Hat update for php53 and php Message-ID: <201201130323.q0D3NYpZ031774@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for php53 and php SECUNIA ADVISORY ID: SA47539 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47539/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47539 RELEASE DATE: 2012-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/47539/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47539/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47539 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for php53 and php. This fixes two vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service). For more information: SA46107 SA47404 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0019-1: https://rhn.redhat.com/errata/RHSA-2012-0019.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 19:53:00 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 04:53:00 +0100 Subject: [SEC] [SA45852] Adobe Reader/Acrobat Multiple Vulnerabilities Message-ID: <201201130353.q0D3r0br022715@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Adobe Reader/Acrobat Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45852 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45852/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45852 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/45852/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45852/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45852 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system. 1) A unspecified error can be exploited to corrupt memory. 2) A unspecified error can be exploited to corrupt heap memory. 3) A signedness error in rt3d.dll when parsing certain BMP image content can be exploited to cause a heap-based buffer overflow via a specially crafted BMP image embedded in a PDF document. 4) A unspecified error can be exploited to corrupt memory. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in the following products: * Adobe Reader X (10.1.1) and earlier 10.x versions for Windows and Macintosh * Adobe Reader 9.4.7 and earlier 9.x versions for Windows * Adobe Reader 9.4.6 and earlier 9.x versions for Macintosh * Adobe Acrobat X (10.1.1) and earlier 10.x versions for Windows and Macintosh * Adobe Acrobat 9.4.7 and earlier 9.x versions for Windows * Adobe Acrobat 9.4.6 and earlier 9.x versions for Macintosh SOLUTION: Update to version 9.5 or 10.1.2. PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Tavis Ormandy, Google Security Team. 2) The vendor credits Billy Rios, Google Security Team. 3) Hossein Lotfi via Secunia. 4) The vendor credits Alin Rad Pop via ZDI. ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb12-01.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 20:15:10 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 05:15:10 +0100 Subject: [SEC] [SA47524] IBM Telelogic / Rational License Server License Manager Log File Upload Vulnerability Message-ID: <201201130415.q0D4FAmf013321@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM Telelogic / Rational License Server License Manager Log File Upload Vulnerability SECUNIA ADVISORY ID: SA47524 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47524/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47524 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47524/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47524/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47524 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged a vulnerability in IBM Telelogic License Server and IBM Rational License Server, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA45615 The vulnerability is reported in IBM Telelogic License Server version 2.0 and IBM Rational License Server versions 7.x. SOLUTION: Upgrade to version 8.1.2 and apply fix. ORIGINAL ADVISORY: IBM: http://www.ibm.com/support/docview.wss?uid=swg21577760 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 20:50:30 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 05:50:30 +0100 Subject: [SEC] [SA47522] IBM Rational License Key Server License Manager Log File Upload Vulnerability Message-ID: <201201130450.q0D4oUkN004557@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM Rational License Key Server License Manager Log File Upload Vulnerability SECUNIA ADVISORY ID: SA47522 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47522/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47522 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47522/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47522/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47522 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged a vulnerability in IBM Rational License Key Server, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA45615 The vulnerability is reported in versions 8.1.2 and prior. SOLUTION: Update to version 8.1.1 or 8.1.2 and apply the iFix. ORIGINAL ADVISORY: IBM: http://www.ibm.com/support/docview.wss?uid=swg21577760 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 21:14:46 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 06:14:46 +0100 Subject: [SEC] [SA47507] Blue Coat IntelligenceCenter Multiple Vulnerabilities Message-ID: <201201130514.q0D5Ek9m027638@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Blue Coat IntelligenceCenter Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47507 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47507/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47507 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47507/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47507/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47507 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Blue Coat has acknowledged multiple weaknesses, security issues and vulnerabilities in Blue Coat IntelligenceCenter, which can be exploited by malicious, local users to disclose sensitive information and bypass certain security restrictions, by malicious users to disclose sensitive information, bypass certain security restrictions, manipulate certain data, gain escalated privileges, cause a DoS (Denial of Service), and compromise a vulnerable system, and by malicious people to conduct spoofing and cross-site scripting attacks, disclose certain system information, bypass certain security restrictions, and cause a DoS (Denial of Service). For more information: SA35326 SA36660 SA37663 SA39574 SA39845 SA41692 SA42337 SA43144 SA43194 SA44981 SA45641 The weaknesses, security issues, and vulnerabilities are reported in versions prior to 3.2.2.1. SOLUTION: Update to version 3.2.2.1. ORIGINAL ADVISORY: https://kb.bluecoat.com/index?page=content&id=SA66 https://kb.bluecoat.com/index?page=content&id=SA67 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 21:50:52 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 06:50:52 +0100 Subject: [SEC] [SA47527] w-CMS Cross-Site Scripting and Script Insertion Vulnerabilities Message-ID: <201201130550.q0D5oq8X018937@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: w-CMS Cross-Site Scripting and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA47527 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47527/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47527 RELEASE DATE: 2012-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/47527/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47527/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47527 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in w-CMS, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks. 1) Input passed via the "p" parameter to index.php is not properly sanitised in the "getMenus()" function in codes/wcms.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "COMMENT" parameter to index.php is not properly sanitised before being used in codes/blog.php, codes/guestbook.php, or codes/forum.php. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are confirmed in version 2.01. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: th3.g4m3_0v3r OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 12 22:16:18 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 07:16:18 +0100 Subject: [SEC] [SA47122] HP PKI ActiveX Control Arbitrary Process Termination Weakness Message-ID: <201201130616.q0D6GIVI009692@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: HP PKI ActiveX Control Arbitrary Process Termination Weakness SECUNIA ADVISORY ID: SA47122 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47122/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47122 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47122/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47122/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47122 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Parvez Anwar has discovered a weakness in HP PKI ActiveX control, which can be exploited by malicious people to cause a DoS (Denial of Service). The weakness is caused due to the insecure "KillProcess()" method allowing arbitrary running user processes to be terminated by supplying the partial or full name of the process as argument. This can be exploited to terminate a specific process by supplying its name or alternatively all processes matching a supplied character or string in their name (e.g. "exe" or "."). The weakness is confirmed in version 1.1.0.6. Other versions may also be affected. SOLUTION: Update to version 1.2.0.1. PROVIDED AND/OR DISCOVERED BY: Parvez Anwar via Secunia OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 13 10:35:08 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 19:35:08 +0100 Subject: [SEC] [SA47546] Joomla! HD Video Share Component "id" SQL Injection Vulnerability Message-ID: <201201131835.q0DIZ8Y5004451@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Joomla! HD Video Share Component "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47546 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47546/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47546 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47546/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47546/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47546 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the HD Video Share component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to index.php (when "option" is set to "com_contushdvideoshare" and "view" is set to "player") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Lazmania61 ORIGINAL ADVISORY: Lazmania61: http://packetstormsecurity.org/files/108623/joomlacdvs-sql.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 13 11:37:45 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 20:37:45 +0100 Subject: [SEC] [SA47572] SUSE update for libxml2 Message-ID: <201201131937.q0DJbjwu029488@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for libxml2 SECUNIA ADVISORY ID: SA47572 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47572/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47572 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47572/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47572/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47572 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libxml2. This fixes two vulnerabilities, which can be exploited by malicious people to potentially compromise an application using the library. For more information see vulnerabilities #1 and #2 in: SA46632 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0073-1: http://lists.opensuse.org/opensuse-updates/2012-01/msg00026.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 13 12:39:38 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 21:39:38 +0100 Subject: [SEC] [SA47529] WordPress Count Per Day Plugin Cross-Site Scripting and File Disclosure Vulnerabilities Message-ID: <201201132039.q0DKdcvN022091@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress Count Per Day Plugin Cross-Site Scripting and File Disclosure Vulnerabilities SECUNIA ADVISORY ID: SA47529 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47529/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47529 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47529/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47529/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47529 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in the Count Per Day plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information. 1) Input passed to the "map" parameter in wp-content/plugins/count-per-day/map/map.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed to the "f" parameter in wp-content/plugins/count-per-day/download.php (when "n" is set) is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences. The vulnerabilities are confirmed in version 3.1. Prior versions may also be affected. SOLUTION: Update to version 3.1.1. PROVIDED AND/OR DISCOVERED BY: 6scan ORIGINAL ADVISORY: Count Per Day: http://wordpress.org/extend/plugins/count-per-day/changelog/ http://plugins.trac.wordpress.org/changeset/488883/count-per-day 6scan: http://packetstormsecurity.org/files/108631/countperday-downloadxss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 13 13:36:47 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 22:36:47 +0100 Subject: [SEC] [SA47562] MailEnable Products "Username" Cross-Site Scripting Vulnerability Message-ID: <201201132136.q0DLalv6014462@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: MailEnable Products "Username" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47562 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47562/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47562 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47562/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47562/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47562 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in multiple MailEnable products, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "Username" parameter to ForgottenPassword.aspx is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 5.52 and prior and versions 6.02 and prior. SOLUTION: Update to version 5.53 or 6.03. PROVIDED AND/OR DISCOVERED BY: Sajjad Pourali, Narendra Shinde, and Shahab NamaziKhah. ORIGINAL ADVISORY: Nerv: http://www.nerv.fi/CVE-2012-0389.txt MailEnable (ME020567): http://www.mailenable.com/kb/Content/Article.asp?ID=me020567 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 13 14:31:45 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 Jan 2012 23:31:45 +0100 Subject: [SEC] [SA47518] MailEnable Products "Username" Cross-Site Scripting Vulnerability Message-ID: <201201132231.q0DMVjXq006729@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: MailEnable Products "Username" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47518 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47518/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47518 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47518/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47518/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47518 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in multiple MailEnable products, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA47562 The vulnerability is confirmed in MailEnable Professional version 4.26 and reported in MailEnable Enterprise and MailEnable Premium versions 4.26 and prior. SOLUTION: Upgrade to version 5.53 or 6.03. PROVIDED AND/OR DISCOVERED BY: Sajjad Pourali, Narendra Shinde, and Shahab NamaziKhah. ORIGINAL ADVISORY: Nerv: http://www.nerv.fi/CVE-2012-0389.txt MailEnable (ME020567): http://www.mailenable.com/kb/Content/Article.asp?ID=me020567 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 13 15:03:33 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 Jan 2012 00:03:33 +0100 Subject: [SEC] [SA47570] Ubuntu update for linux-ti-omap4 Message-ID: <201201132303.q0DN3XTe030189@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-ti-omap4 SECUNIA ADVISORY ID: SA47570 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47570/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47570 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47570/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47570/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47570 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-ti-omap4. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. For more information: SA46591 SA46802 SA46803 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1330-1: http://www.ubuntu.com/usn/usn-1330-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 13 15:29:49 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 Jan 2012 00:29:49 +0100 Subject: [SEC] [SA47573] Ubuntu update for linux-ti-omap4 Message-ID: <201201132329.q0DNTnr8020960@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-ti-omap4 SECUNIA ADVISORY ID: SA47573 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47573/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47573 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47573/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47573/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47573 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-ti-omap4. This fixes one weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information see weakness #2 in: SA45489 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1329-1: http://www.ubuntu.com/usn/usn-1329-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 13 15:49:45 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 Jan 2012 00:49:45 +0100 Subject: [SEC] [SA47568] Ubuntu update for linux-mvl-dove Message-ID: <201201132349.q0DNnj9t011435@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-mvl-dove SECUNIA ADVISORY ID: SA47568 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47568 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47568/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47568/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47568 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-mvl-dove. This fixes one vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information see vulnerability #2 in: SA46803 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1328-1: http://www.ubuntu.com/usn/usn-1328-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 13 16:14:37 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 Jan 2012 01:14:37 +0100 Subject: [SEC] [SA47542] Ubuntu update for linux-lts-backport-maverick Message-ID: <201201140014.q0E0Eb0q002103@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-lts-backport-maverick SECUNIA ADVISORY ID: SA47542 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47542/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47542 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47542/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47542/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47542 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-lts-backport-maverick. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information and to cause a DoS (Denial of Service). For more information: SA43576 SA46803 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1332-1: http://www.ubuntu.com/usn/usn-1332-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 13 16:50:08 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 Jan 2012 01:50:08 +0100 Subject: [SEC] [SA47440] @Mail Server Multiple Script Insertion Vulnerabilities Message-ID: <201201140050.q0E0o8Z3025806@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: @Mail Server Multiple Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA47440 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47440/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47440 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47440/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47440/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47440 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in @Mail Server, which can be exploited by malicious users to conduct script insertion attacks. 1) Input passed via the "UserFirstName" and "UserLastName" parameters to index.php/admin/users/create or index.php/admin/users/update is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires permissions to create or edit users. 2) Input passed via the range and index values is not properly sanitised before being used in the log search functionality. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in version 6.30.4. Other versions may also be affected. SOLUTION: Update to version 6.30.5. PROVIDED AND/OR DISCOVERED BY: 1) Vulnerability Research Laboratory. 2) Reported by the vendor. ORIGINAL ADVISORY: Vulnerability Research Laboratory: http://www.vulnerability-lab.com/get_content.php?id=376 @Mail: http://atmail.com/changelog/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 13 17:16:43 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 Jan 2012 02:16:43 +0100 Subject: [SEC] [SA47571] GreenBrowser iframe Handling Double Free Vulnerability Message-ID: <201201140116.q0E1GhFx016623@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: GreenBrowser iframe Handling Double Free Vulnerability SECUNIA ADVISORY ID: SA47571 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47571/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47571 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47571/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47571/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47571 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in GreenBrowser, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a double free error related to the handling of iframes in combination with the "Find keyword" functionality, which can be exploited by tricking a user into opening a specially crafted website. Successful exploitation may allow the execution of arbitrary code, but requires that the user uses the "Find keyword" functionality (F6) on a malicious website. The vulnerability is confirmed in version 6.0.1002. Other versions may also be affected. SOLUTION: Do not browse untrusted websites. PROVIDED AND/OR DISCOVERED BY: The penetration test team Of NCNIPC (China). ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2012-01/0079.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 14 10:31:15 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 Jan 2012 19:31:15 +0100 Subject: [SEC] [SA47550] Contus Jobs Portal "Category" SQL Injection Vulnerability Message-ID: <201201141831.q0EIVF6H032487@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Contus Jobs Portal "Category" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47550 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47550/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47550 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47550/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47550/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47550 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Contus Jobs Portal, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "Category" parameter to jobresult is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Lazmania61 ORIGINAL ADVISORY: http://packetstormsecurity.org/files/108622/contusjob-sql.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 14 11:31:07 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 Jan 2012 20:31:07 +0100 Subject: [SEC] [SA47555] ISC DHCP DHCPv6 Dynamic DNS Lease Status Updating Denial of Service Vulnerability Message-ID: <201201141931.q0EJV7e8022846@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: ISC DHCP DHCPv6 Dynamic DNS Lease Status Updating Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47555 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47555/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47555 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47555/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47555/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47555 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL pointer dereference error within the handling of the DHCPv6 lease structure when updating Dynamic DNS lease status, which can be exploited to cause a crash by sending specially crafted DHCP packets. Successful exploitation requires that DHCPv6 and Dynamic DNS are used. The vulnerability is reported in versions 4.2.2, 4.2.3, and 4.2.3-P1. SOLUTION: Update to version 4.2.3-P2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: https://www.isc.org/software/dhcp/advisories/cve-2011-4868 https://deepthought.isc.org/article/AA-00595 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 14 12:30:47 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 Jan 2012 21:30:47 +0100 Subject: [SEC] [SA47569] IBM WebSphere Application Server for z/OS Two Vulnerabilities Message-ID: <201201142030.q0EKUl38013204@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM WebSphere Application Server for z/OS Two Vulnerabilities SECUNIA ADVISORY ID: SA47569 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47569/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47569 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47569/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47569/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47569 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in IBM WebSphere Application Server for z/OS, where one has an unknown impact and the other can be exploited by malicious people to conduct cross-site scripting attacks. 1) An unspecified error exists in a WS-Security policy enabled Java API for XML Web Services (JAX-WS) application. No further information is currently available. 2) Certain unspecified input passed to the web messaging component is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions prior to 7.0.0 Fix Pack 21. SOLUTION: Update to version 7.0.0.21. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (PM37840, PM43585): http://www.ibm.com/support/docview.wss?uid=swg1PM54061 http://www.ibm.com/support/docview.wss?uid=swg1PM45731 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 14 13:31:14 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 Jan 2012 22:31:14 +0100 Subject: [SEC] [SA47410] Apache HTTP Server Scoreboard Invalid Free Security Bypass Message-ID: <201201142131.q0ELVETV003559@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Apache HTTP Server Scoreboard Invalid Free Security Bypass SECUNIA ADVISORY ID: SA47410 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47410/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47410 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47410/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47410/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47410 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: halfdog has reported a weakness in the Apache HTTP Server, which can be exploited by malicious, local users to bypass certain security restrictions. The weakness is caused due to child processes being able to change the memory type record of the "scoreboard" shared memory segment, which can be exploited to cause an invalid free operation during the shutdown of the parent process. SOLUTION: Fixed in the SVN repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: halfdog ORIGINAL ADVISORY: halfdog: http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/ Apache commit: http://svn.apache.org/viewvc?view=revision&revision=1230065 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 14 14:29:29 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 Jan 2012 23:29:29 +0100 Subject: [SEC] [SA47041] Yahoo Messenger JPG Photo Sharing Integer Overflow Vulnerability Message-ID: <201201142229.q0EMTTmY026271@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Yahoo Messenger JPG Photo Sharing Integer Overflow Vulnerability SECUNIA ADVISORY ID: SA47041 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47041/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47041 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47041/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47041/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47041 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Tielei Wang has discovered a vulnerability in Yahoo Messenger, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer overflow error in the "CYImage::LoadJPG()" method (YImage.dll) when allocating memory using the image dimension values. This can be exploited to cause a heap-based buffer overflow via a specially crafted JPG file. Successful exploitation may allow execution of arbitrary code, but requires a victim to allow photo sharing with an attacker. The vulnerability is confirmed in version 11.5.0.152. Other versions may also be affected. SOLUTION: Update to version 11.5.0.155. PROVIDED AND/OR DISCOVERED BY: Tielei Wang, Georgia Tech Information Security Center via Secunia. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 14 14:45:07 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 Jan 2012 23:45:07 +0100 Subject: [SEC] [SA47506] Tahoe-LAFS Integrity Check Logic Error Security Issue Message-ID: <201201142245.q0EMj7IH015955@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Tahoe-LAFS Integrity Check Logic Error Security Issue SECUNIA ADVISORY ID: SA47506 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47506/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47506 RELEASE DATE: 2012-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/47506/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47506/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47506 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Tahoe-LAFS, which can be exploited by malicious people to manipulate certain data. The security issue is caused due to a logic error within the integrity checking of the mutable downloader, which can be exploited to deliver manipulated shares to a client without triggering an integrity failure. Successful exploitation requires that the attacker is able to provide multiple shares in a certain order to a client (e.g. controls one or more storage servers). The security issue is reported in version 1.9.0. SOLUTION: Update to version 1.9.1. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor (Kevan Carstensen). ORIGINAL ADVISORY: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1654 https://tahoe-lafs.org/pipermail/tahoe-announce/2012-January/000033.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 14 15:15:54 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 15 Jan 2012 00:15:54 +0100 Subject: [SEC] [SA47481] SUSE update for pidgin Message-ID: <201201142315.q0ENFseC005878@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for pidgin SECUNIA ADVISORY ID: SA47481 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47481/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47481 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47481/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47481/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47481 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for pidgin. This fixes some weaknesses, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA43695 SA46298 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0066-1: http://lists.opensuse.org/opensuse-updates/2012-01/msg00025.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 14 16:45:04 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 15 Jan 2012 01:45:04 +0100 Subject: [SEC] [SA47484] Ubuntu update for the kernel Message-ID: <201201150045.q0F0j46Q029067@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for the kernel SECUNIA ADVISORY ID: SA47484 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47484/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47484 RELEASE DATE: 2012-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/47484/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47484/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47484 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA46584 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1322-1: http://www.ubuntu.com/usn/usn-1322-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 16 10:34:26 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 16 Jan 2012 19:34:26 +0100 Subject: [SEC] [SA47499] Giveaway Manager "id" Cross-Site Scripting Vulnerability Message-ID: <201201161834.q0GIYQX6023841@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Giveaway Manager "id" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47499 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47499/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47499 RELEASE DATE: 2012-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/47499/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47499/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47499 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Giveaway Manager, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "id" parameter in members.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Am!r ORIGINAL ADVISORY: http://packetstormsecurity.org/files/108550/giveawaymanager-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 16 11:31:11 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 16 Jan 2012 20:31:11 +0100 Subject: [SEC] [SA47351] Apigee Facebook API Cross-Site Scripting Vulnerability Message-ID: <201201161931.q0GJVBmO014160@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Apigee Facebook API Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47351 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47351/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47351 RELEASE DATE: 2012-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/47351/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47351/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47351 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Asish Agarwalla has reported a vulnerability in Apigee, which can be exploited by malicious people to conduct cross-site scripting attacks. Input posted to a user's wall, in a comment, or message on Facebook is not properly sanitised before being returned to the user by Apigee. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Reportedly fixed in the version released on December 26th 2011 (please contact the vendor for more information). PROVIDED AND/OR DISCOVERED BY: Asish Agarwalla ORIGINAL ADVISORY: http://seclists.org/fulldisclosure/2012/Jan/24 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 16 12:31:33 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 16 Jan 2012 21:31:33 +0100 Subject: [SEC] [SA47567] GNU C Library EMFILE Error Handling Two Denial of Service Vulnerabilities Message-ID: <201201162031.q0GKVXGd004539@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: GNU C Library EMFILE Error Handling Two Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA47567 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47567/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47567 RELEASE DATE: 2012-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/47567/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47567/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47567 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the GNU C Library, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerabilities are caused due to errors within the "rendezvous_request()" and "svcudp_recv()" functions when handling EMFILE errors, which can be exploited to cause high CPU consumption and render the system unresponsive. The vulnerabilities are reported in version 2.14.1. Other versions may also be affected. SOLUTION: Restrict access to RPC services to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Vincent Danen in a bug report. ORIGINAL ADVISORY: https://bugzilla.redhat.com/show_bug.cgi?id=767299 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 16 13:31:58 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 16 Jan 2012 22:31:58 +0100 Subject: [SEC] [SA47535] Tine 2.0 Two Script Insertion Vulnerabilities Message-ID: <201201162131.q0GLVwrq027294@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Tine 2.0 Two Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA47535 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47535/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47535 RELEASE DATE: 2012-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/47535/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47535/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47535 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Tine 2.0, which can be exploited by malicious users to conduct script insertion attacks. Certain unspecified input passed to the CRM and Addressbook modules is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in version Maisha released prior to January 13th, 2012. SOLUTION: Update to version Maisha released on January 13th, 2012. PROVIDED AND/OR DISCOVERED BY: Ucha Gobejishvili (longrifle0x) ORIGINAL ADVISORY: http://www.vulnerability-lab.com/get_content.php?id=379 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 16 14:29:51 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 16 Jan 2012 23:29:51 +0100 Subject: [SEC] [SA47551] Debian update for linux-2.6 Message-ID: <201201162229.q0GMTpFs017632@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for linux-2.6 SECUNIA ADVISORY ID: SA47551 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47551/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47551 RELEASE DATE: 2012-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/47551/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47551/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47551 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for linux-2.6. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and gain escalated privileges, and by malicious people to compromise a vulnerable system. For more information: SA43846 SA44754 SA45489 SA46591 SA46803 SA47293 SA47296 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2389-1: http://www.debian.org/security/2012/dsa-2389 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 16 14:46:33 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 16 Jan 2012 23:46:33 +0100 Subject: [SEC] [SA47577] PHP Ringtone Website "getparam()" Cross-Site Scripting Vulnerability Message-ID: <201201162246.q0GMkXfh007349@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: PHP Ringtone Website "getparam()" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47577 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47577/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47577 RELEASE DATE: 2012-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/47577/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47577/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47577 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in PHP Ringtone Website, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to e.g. the "mmchar0_1" and "mmsection0_1" parameters in ringtones.php is not properly sanitised by the "getparam()" JavaScript function before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Atmon3r ORIGINAL ADVISORY: http://packetstormsecurity.org/files/108688/phpringtone-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 16 15:12:00 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 Jan 2012 00:12:00 +0100 Subject: [SEC] [SA47532] Debian update for t1lib Message-ID: <201201162312.q0GNC0hA029579@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for t1lib SECUNIA ADVISORY ID: SA47532 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47532/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47532 RELEASE DATE: 2012-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/47532/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47532/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47532 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for t1lib. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise an application using the library. For more information: SA43491 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2388-1: http://www.debian.org/security/2012/dsa-2388 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 16 16:35:17 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 Jan 2012 01:35:17 +0100 Subject: [SEC] [SA47360] IrfanView PlugIns JPEG2000 Image Processing Buffer Overflow Vulnerability Message-ID: <201201170035.q0H0ZHH4020314@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IrfanView PlugIns JPEG2000 Image Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA47360 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47360/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47360 RELEASE DATE: 2012-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/47360/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47360/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47360 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Parvez Anwar has discovered a vulnerability in IrfanView PlugIns, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the JPEG2000 plug-in when processing the Quantization Default (QCD) marker segment. This can be exploited to cause a stack-based buffer overflow via a specially crafted JPEG2000 (JP2) file. Successful exploitation allows execution of arbitrary code, but requires tricking a user into opening a malicious file. The vulnerability is confirmed in version 4.32. Other versions may also be affected. SOLUTION: Update the JPEG2000 plug-in to version 4.33. PROVIDED AND/OR DISCOVERED BY: Parvez Anwar via Secunia. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 16 17:02:52 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 Jan 2012 02:02:52 +0100 Subject: [SEC] [SA47574] HP Diagnostics magentservice.exe Buffer Overflow Vulnerability Message-ID: <201201170102.q0H12qL9010302@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: HP Diagnostics magentservice.exe Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA47574 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47574/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47574 RELEASE DATE: 2012-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/47574/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47574/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47574 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP Diagnostics, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the magentservice.exe process when processing certain requests. This can be exploited to cause a stack-based buffer overflow via a specially crafted request sent to TCP port 23472. The vulnerability is reported in version 9.00. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: AbdulAziz Hariri via ZDI. ORIGINAL ADVISORY: ZDI: http://www.zerodayinitiative.com/advisories/ZDI-12-016/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 16 17:27:26 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 Jan 2012 02:27:26 +0100 Subject: [SEC] [SA47528] Debian update for openssl Message-ID: <201201170127.q0H1RQit032510@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for openssl SECUNIA ADVISORY ID: SA47528 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47528/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47528 RELEASE DATE: 2012-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/47528/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47528/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47528 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for openssl. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise an application using the library. For more information: SA30405 SA47426 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2390-1: http://www.debian.org/security/2012/dsa-2390 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 16 17:55:22 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 Jan 2012 02:55:22 +0100 Subject: [SEC] [SA47593] IBM WebSphere Application Server iscdeploy Script Insecure Permissions Weakness Message-ID: <201201170155.q0H1tMio022393@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM WebSphere Application Server iscdeploy Script Insecure Permissions Weakness SECUNIA ADVISORY ID: SA47593 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47593/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47593 RELEASE DATE: 2012-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/47593/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47593/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47593 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in IBM WebSphere Application Server, which can be exploited by malicious, local users to manipulate certain data or disclose certain information. The weakness is caused due to the iscdeploy script setting insecure permissions to files in the $WAS_HOME/systemapps/isclite.ear and $WAS_HOME/bin/client_ffdc directories, which can be exploited to modify or read the files. The weakness is reported in versions 6.1, 7.0, and 8.0 running on IBM i series. SOLUTION: Apply APAR PM49712. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (PM49712): http://www.ibm.com/support/docview.wss?uid=swg21569205 http://www.ibm.com/support/docview.wss?uid=swg24031675 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 16 18:14:23 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 Jan 2012 03:14:23 +0100 Subject: [SEC] [SA47589] HP StorageWorks Modular Smart Array P2000 G3 Web Interface Directory Traversal Vulnerability Message-ID: <201201170214.q0H2ENHW012147@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: HP StorageWorks Modular Smart Array P2000 G3 Web Interface Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA47589 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47589/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47589 RELEASE DATE: 2012-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/47589/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47589/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47589 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP StorageWorks Modular Smart Array P2000, which can be exploited by malicious people to disclose sensitive information. Certain input passed to the web interface is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks. The vulnerability is reported in HP StorageWorks Modular Smart Array P2000 G3 running firmware versions prior to TS230P008. SOLUTION: Update to firmware version TS230P008. PROVIDED AND/OR DISCOVERED BY: Carlos Perez, Tenable Network Security via ZDI. ORIGINAL ADVISORY: HPSBST02735 SSRT100516: http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03153338 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-12-015/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 16 18:48:43 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 Jan 2012 03:48:43 +0100 Subject: [SEC] [SA47520] McAfee SaaS Endpoint Protection ActiveX Control "ShowReport()" Command Injection Message-ID: <201201170248.q0H2mhxW002057@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: McAfee SaaS Endpoint Protection ActiveX Control "ShowReport()" Command Injection SECUNIA ADVISORY ID: SA47520 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47520/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47520 RELEASE DATE: 2012-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/47520/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47520/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47520 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in McAfee SaaS Endpoint Protection, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in myCIOScn.dll when processing the "ShowReport()" method, which accepts arbitrary commands without authentication. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 5.2.0.603. Other versions may also be affected. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: Andrea Micalizzi (rgod) via ZDI. ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-12-012/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 16 19:27:13 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 Jan 2012 04:27:13 +0100 Subject: [SEC] [SA47576] PHP Membership Site Manager "key" Cross-Site Scripting Vulnerability Message-ID: <201201170327.q0H3RDsR025054@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: PHP Membership Site Manager "key" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47576 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47576/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47576 RELEASE DATE: 2012-01-16 DISCUSS ADVISORY: http://secunia.com/advisories/47576/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47576/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47576 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in PHP Membership Site Manager, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "key" manager to index.php (when "action" is set to "search") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 2.1. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Atmon3r OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 10:48:08 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 Jan 2012 19:48:08 +0100 Subject: [SEC] [SA47590] Moodle Email Header Injection Vulnerability Message-ID: <201201171848.q0HIm8Wv028499@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Moodle Email Header Injection Vulnerability SECUNIA ADVISORY ID: SA47590 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47590/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47590 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47590/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47590/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47590 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Moodle, which can be exploited by malicious people to bypass certain security restrictions. For more information, see vulnerability #1 in: SA47559 This vulnerability is reported in versions 1.9 through 1.9.15+. SOLUTION: Update to version 1.9.16 or later. ORIGINAL ADVISORY: Moodle (MSA-12-0007): http://moodle.org/mod/forum/discuss.php?d=194015 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 11:34:32 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 Jan 2012 20:34:32 +0100 Subject: [SEC] [SA47471] phpMyDirectory "id" SQL Injection Vulnerability Message-ID: <201201171934.q0HJYWgo018669@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: phpMyDirectory "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47471 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47471/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47471 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47471/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47471/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47471 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in phpMyDirectory, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to page.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 1.3.3. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Serseri OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 12:32:21 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 Jan 2012 21:32:21 +0100 Subject: [SEC] [SA47561] Joomla! Discussions Component "catid" SQL Injection Vulnerability Message-ID: <201201172032.q0HKWLZL009019@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Joomla! Discussions Component "catid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47561 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47561/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47561 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47561/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47561/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47561 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Discussions component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "catid" parameter to index.php (when "option" is set to "com_discussions" and "view" is set to "thread") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.4. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Red Security TEAM ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/18380/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 13:30:12 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 Jan 2012 22:30:12 +0100 Subject: [SEC] [SA47439] SonicWALL AntiSpam & EMail Security Cross-Site Scripting and Script Insertion Vulnerabilities Message-ID: <201201172130.q0HLUCI4031726@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SonicWALL AntiSpam & EMail Security Cross-Site Scripting and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA47439 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47439/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47439 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47439/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47439/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47439 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in SonicWALL AntiSpam & EMail Security, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "selectedUser" parameter to mgmtuser_delegate.html when assigning a delegate is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 2) Input passed to the "hostname" parameter in reports_mta_queue_status.html and "direction" parameter in msg_viewer_user_mail.html is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions v7.3.1 and 7.3.4.5725. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Benjamin Kunz Mejri (Rem0ve) via Vulnerability Research Laboratory. ORIGINAL ADVISORY: http://www.vulnerability-lab.com/get_content.php?id=58 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 14:29:36 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 Jan 2012 23:29:36 +0100 Subject: [SEC] [SA47599] BoltWire URL Cross-Site Scripting Vulnerability Message-ID: <201201172229.q0HMTatR022092@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: BoltWire URL Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47599 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47599/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47599 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47599/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47599/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47599 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Stefan Schurtz has discovered a vulnerability in BoltWire, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 3.4.16. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Stefan Schurtz ORIGINAL ADVISORY: SSCHADV2012-001: http://www.darksecurity.de/advisories/2012/SSCHADV2012-001.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 14:45:34 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 Jan 2012 23:45:34 +0100 Subject: [SEC] [SA47559] Moodle Multiple Security Bypass Vulnerabilities Message-ID: <201201172245.q0HMjYWp011800@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Moodle Multiple Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA47559 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47559/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47559 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47559/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47559/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47559 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Moodle, which can be exploited by malicious users and malicious people to bypass certain security restrictions. 1) Input passed to unspecified parameters is not properly sanitised before being used to construct an email message. This can be exploited to inject arbitrary email headers. This vulnerability is reported in versions 2.2, 2.1 through 2.1.3+, and 2.0 through 2.0.6+. 2) An error in the application does not invalidate a deleted user's session and can be exploited to bypass the authentication mechanism by providing a token. This vulnerability is reported in versions 2.2, 2.1 through 2.1.3+, and 2.0 through 2.0.6+. 3) An error in the course self-enrolment feature can be exploited to enroll as manager. Successful exploitation of this vulnerability requires a teacher account. This vulnerability is reported in versions 2.2 and 2.1 through 2.1.3+. SOLUTION: Update to version 2.2.1 or later, 2.1.4 or later, or 2.0.7 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Simon Coggins. 2) Eloy Lafuente. 3) Ibrahim Awad. ORIGINAL ADVISORY: Moodle (MSA-12-0007, MSA-12-0008, MSA-12-0009): http://moodle.org/mod/forum/discuss.php?d=194015 http://moodle.org/mod/forum/discuss.php?d=194016 http://moodle.org/mod/forum/discuss.php?d=194017 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 15:12:45 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 00:12:45 +0100 Subject: [SEC] [SA47554] Apache Tomcat Request Object Recycle Security Bypass Message-ID: <201201172312.q0HNCjSj001596@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Apache Tomcat Request Object Recycle Security Bypass SECUNIA ADVISORY ID: SA47554 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47554/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47554 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47554/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47554/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47554 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Apache Tomcat, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the request object not being recycled before processing the next request when logging certain actions. This can lead to e.g. the remote IP address and HTTP headers being carried forward to the next request and certain policies being bypassed. The security issue is reported in versions 6.0.30 through 6.0.33. SOLUTION: Update to version 6.0.35 or later. PROVIDED AND/OR DISCOVERED BY: charlie in a bug report. ORIGINAL ADVISORY: https://issues.apache.org/bugzilla/show_bug.cgi?id=51872 http://mail-archives.apache.org/mod_mbox/tomcat-announce/201201.mbox/%3C4F155CDC.8050804%40apache.org%3E OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 17:03:46 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 02:03:46 +0100 Subject: [SEC] [SA47596] phpVideoPro Two Cross-Site Scripting Vulnerabilities Message-ID: <201201180103.q0I13k2s014303@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: phpVideoPro Two Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA47596 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47596/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47596 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47596/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47596/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47596 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Stefan Schurtz has discovered two vulnerabilities in phpVideoPro, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the URL after e.g. login.php, configure.php, medialist.php, setfilter.php, search.php, listgen.php, or label.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "topic" parameter to help/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 0.9.7. Other versions may also be affected SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Stefan Schurtz ORIGINAL ADVISORY: SSCHADV2011-041: http://www.darksecurity.de/advisories/SSCHADV2011-041.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 17:04:02 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 02:04:02 +0100 Subject: [SEC] [SA47594] WordPress myEASYbackup Plugin "dwn_file" File Disclosure Vulnerability Message-ID: <201201180104.q0I142aJ014419@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress myEASYbackup Plugin "dwn_file" File Disclosure Vulnerability SECUNIA ADVISORY ID: SA47594 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47594/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47594 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47594/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47594/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47594 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the myEASYbackup plugin for WordPress, which can be exploited by malicious people to disclose sensitive information. Input passed to the "dwn_file" POST parameter in wp-content/plugins/myeasybackup/meb_download.php is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences. The vulnerability is confirmed in version 1.0.8.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: antiphastrophus ORIGINAL ADVISORY: http://packetstormsecurity.org/files/108711/wpmyeasybackup-traversal.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 17:34:44 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 02:34:44 +0100 Subject: [SEC] [SA47565] IBM SPSS Data Collection ActiveX Controls Two Vulnerabilities Message-ID: <201201180134.q0I1Yii7004703@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM SPSS Data Collection ActiveX Controls Two Vulnerabilities SECUNIA ADVISORY ID: SA47565 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47565/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47565 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47565/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47565/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47565 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in IBM SPSS Data Collection, which can be exploited by malicious people to compromise a user's system. 1) An unspecified error exists in the mraboutb ActiveX Control (mraboutb.dll) when handling the "SetLicenseInfoEx()" method. No further information is currently available. 2) An unspecified error exists in the ExportHTML ActiveX Control (ExportHTML.ocx) when handling the "Render()" method. No further information is currently available. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in versions 5.6, 6.0, and 6.0.1. SOLUTION: Apply interim fix. See the vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: The vendor credits Andrea Micalizza aka rgod via ZDI. ORIGINAL ADVISORY: IBM: http://www.ibm.com/support/docview.wss?uid=swg24031804 http://www.ibm.com/support/docview.wss?uid=swg21577956 ISS X-Force: http://xforce.iss.net/xforce/xfdb/72118 http://xforce.iss.net/xforce/xfdb/72121 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 18:07:52 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 03:07:52 +0100 Subject: [SEC] [SA47560] Rockwell Automation FactoryTalk Diagnostics Receiver Service Denial of Service Vulnerabilities Message-ID: <201201180207.q0I27qMQ027048@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Rockwell Automation FactoryTalk Diagnostics Receiver Service Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA47560 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47560/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47560 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47560/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47560/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47560 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered two vulnerabilities in Rockwell Automation products, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error in the FactoryTalk Diagnostics Receiver service (RNADiagReceiver.exe) when processing datagrams can be exploited to prevent processing subsequent connections via a datagram containing more than 2000 bytes sent to UDP port 4445. 2) An input validation error in the FactoryTalk Diagnostics Receiver service (RNADiagReceiver.exe) when processing certain datagrams can be exploited to cause a crash via a specially crafted datagram sent to UDP port 4445. The vulnerabilities are confirmed in RNADiagReceiver.exe version 2.10.1.16. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/rnadiagreceiver_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 18:29:38 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 03:29:38 +0100 Subject: [SEC] [SA47595] Beehive Forum URL Cross-Site Scripting Vulnerability Message-ID: <201201180229.q0I2TcG2016832@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Beehive Forum URL Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47595 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47595/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47595 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47595/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47595/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47595 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Stefan Schurtz has discovered a vulnerability in Beehive Forum, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL after e.g. forum/register.php or forum/logon.php is not properly sanitised in the "get_request_uri()" function (forum/include/format.inc.php) before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.0.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Stefan Schurtz ORIGINAL ADVISORY: SSCHADV2011-042: http://www.darksecurity.de/advisories/SSCHADV2011-042.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 18:49:56 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 03:49:56 +0100 Subject: [SEC] [SA47597] ATutor Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201201180249.q0I2nu3q006598@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: ATutor Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA47597 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47597/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47597 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47597/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47597/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47597 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Stefan Schurtz has discovered some vulnerabilities in ATutor, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL after login.php, search.php, password_reminder.php, browse.php, registration.php, or about.php and via the URL after themes/default/tile_search/index.tmpl.php and themes/default/social/basic_profile.tmpl.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 2.0.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Stefan Schurtz ORIGINAL ADVISORY: SSCHADV2012-002: http://www.darksecurity.de/advisories/2012/SSCHADV2012-002.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 19:47:01 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 04:47:01 +0100 Subject: [SEC] [SA47607] SUSE update for OpenSSL Message-ID: <201201180347.q0I3l1us029801@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for OpenSSL SECUNIA ADVISORY ID: SA47607 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47607/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47607 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47607/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47607/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47607 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for OpenSSL. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise an application using the library. For more information: SA47426 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2012:0084-1: http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00018.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 20:16:36 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 05:16:36 +0100 Subject: [SEC] [SA47557] IBM WebSphere Application Server Hash Collision Denial of Service Vulnerability Message-ID: <201201180416.q0I4GaFf019708@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM WebSphere Application Server Hash Collision Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47557 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47557/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47557 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47557/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47557/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47557 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM WebSphere Application Server, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within a hash generation function when hashing form posts and updating a hash table. This can be exploited to cause a hash collision resulting in high CPU consumption via a specially crafted form sent in a HTTP POST request. The vulnerability is reported in versions 6.1.0.41 and prior, 7.0.0.21 and prior, and 8.0.0.2 and prior. SOLUTION: Apply APAR PM53930. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg24031821 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 20:46:27 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 05:46:27 +0100 Subject: [SEC] [SA47601] SUSE update for openssl Message-ID: <201201180446.q0I4kRYx009619@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for openssl SECUNIA ADVISORY ID: SA47601 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47601/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47601 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47601/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47601/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47601 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for openssl. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service). For more information: SA47426 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0083-1: http://lists.opensuse.org/opensuse-updates/2012-01/msg00029.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 21:10:34 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 06:10:34 +0100 Subject: [SEC] [SA47548] spamdyke Buffer Overflow Vulnerabilities Message-ID: <201201180510.q0I5AYVw031825@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: spamdyke Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA47548 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47548/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47548 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47548/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47548/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47548 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in spamdyke, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused due to boundary errors related to the incorrect use of the "snprintf()" and "vsnprintf()" functions, which can be exploited to cause buffer overflows. The vulnerabilities are reported in versions prior to 4.3.0. SOLUTION: Update to version 4.3.0. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.spamdyke.org/documentation/Changelog.txt http://www.mail-archive.com/spamdyke-release at spamdyke.org/msg00014.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 21:25:11 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 06:25:11 +0100 Subject: [SEC] [SA47606] IBM HTTP Server Multiple Vulnerabilities Message-ID: <201201180525.q0I5PB2h021506@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM HTTP Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47606 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47606/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47606 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47606/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47606/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47606 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged two weaknesses and two vulnerabilities in IBM HTTP Server, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service). For more information: SA45793 SA46013 SA46288 SA46987 The weaknesses and vulnerabilities are reported in versions prior to 7.0.0 Fix Pack 21. SOLUTION: Update to version 7.0.0.21. ORIGINAL ADVISORY: IBM (PM47852, PM48384, PM50426): http://www.ibm.com/support/docview.wss?uid=swg27014506 http://www.ibm.com/support/docview.wss?uid=swg1PM47852 http://www.ibm.com/support/docview.wss?uid=swg1PM48384 http://www.ibm.com/support/docview.wss?uid=swg1PM50426 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 21:45:22 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 06:45:22 +0100 Subject: [SEC] [SA47558] 7-Technologies Interactive Graphical SCADA System Insecure Library Loading Vulnerability Message-ID: <201201180545.q0I5jMjp011269@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: 7-Technologies Interactive Graphical SCADA System Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA47558 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47558/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47558 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47558/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47558/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47558 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in 7-Technologies Interactive Graphical SCADA System, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading certain libraries in an insecure manner, which can be exploited to load arbitrary libraries by tricking a user into opening certain files located on a remote WebDAV or SMB share. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions prior to 9.0.0.11291. SOLUTION: Update to version 9.0.0.11291. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Kuang-Chun Hung, Information and Communication Security Technology Center. ORIGINAL ADVISORY: ICS-CERT (ICSA-11-353-01): http://www.us-cert.gov/control_systems/pdf/ICSA-11-353-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 17 22:10:39 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 07:10:39 +0100 Subject: [SEC] [SA47519] Jenkins Winstone Web Form Hash Collision Denial of Service Vulnerability Message-ID: <201201180610.q0I6AdpB001036@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Jenkins Winstone Web Form Hash Collision Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47519 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47519/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47519 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47519/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47519/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47519 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Jenkins, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within a hash generation function in the Winstone servlet container when hashing form posts and updating a hash table. This can be exploited to cause a hash collision resulting in high CPU consumption via a specially crafted form sent in a HTTP POST request. The vulnerability is reported in versions 1.446 and prior and versions 1.424.1 and prior. SOLUTION: Update to version 1.447 or 1.424.2 (please see the vendor's advisory for more information). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-01-10.cb OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 18 12:08:59 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 21:08:59 +0100 Subject: [SEC] [SA47509] AccessData FTK Lotus 123 v4 Parser Unspecified Vulnerability Message-ID: <201201182008.q0IK8xxc003256@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: AccessData FTK Lotus 123 v4 Parser Unspecified Vulnerability SECUNIA ADVISORY ID: SA47509 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47509/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47509 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47509/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47509/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47509 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in AccessData Forensic Toolkit, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the software bundling a vulnerable Outside In library. For more information see vulnerability #3: SA47617 The vulnerability is reported in versions 3.2, 3.3, and 3.4. Other versions may also be affected. SOLUTION: Restrict access to the bundled Outside In Lotus 123 v4 parser. PROVIDED AND/OR DISCOVERED BY: Will Dormann, CERT/CC. ORIGINAL ADVISORY: http://www.kb.cert.org/vuls/id/MAPG-8QKL9H OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 18 12:43:33 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 Jan 2012 21:43:33 +0100 Subject: [SEC] [SA47530] pGB "id" SQL Injection Vulnerability Message-ID: <201201182043.q0IKhXJe025643@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: pGB "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47530 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47530/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47530 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47530/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47530/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47530 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in pGB, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "id" parameter in kommentar.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 2.14. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: 3spi0n ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/18383/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 18 16:18:10 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 Jan 2012 01:18:10 +0100 Subject: [SEC] [SA47563] deV!L'z Clanportal Gamebase Addon "gameid" SQL Injection Vulnerability Message-ID: <201201190018.q0J0IAcp018199@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: deV!L'z Clanportal Gamebase Addon "gameid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47563 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47563/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47563 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47563/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47563/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47563 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Gamebase addon for deV!L'z Clanportal, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "gameid" parameter to index.php (when "action" is set to "detail") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Easy Laster. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 18 17:51:40 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 Jan 2012 02:51:40 +0100 Subject: [SEC] [SA47586] Oracle MySQL Server Multiple Vulnerabilities Message-ID: <201201190151.q0J1pea7009093@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle MySQL Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47586 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47586/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47586 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47586/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47586/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47586 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle MySQL Server, which can be exploited by malicious, local users to gain knowledge of sensitive information, manipulate certain data, or cause a DoS (Denial of Service), by malicious users to gain knowledge of sensitive information, manipulate certain data, or cause a DoS, or by malicious people to cause a DoS. 1) An unspecified error can be exploited by authenticated users to disclose certain application data and cause the server to stop responding or crash. 2) An unspecified error can be exploited by unauthenticated people to cause the server to stop responding or crash. 3) An unspecified error can be exploited by authenticated users to disclose or manipulate certain application data. 4) An unspecified error can be exploited by authenticated users to read certain application data and cause the server to stop responding or crash. 5) An unspecified error can be exploited by authenticated users to read, update, insert, or delete certain application data. 6) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 7) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 8) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 9) An unspecified error can be exploited by authenticated users to cause the server to stop responding. 10) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 11) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 12) An unspecified error can be exploited by authenticated users to disclose certain application data. 13) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 14) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 15) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 16) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 17) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 18) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 19) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 20) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 21) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 22) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 23) An unspecified error can be exploited by local users to gain escalated privileges. 24) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 25) An unspecified error can be exploited by authenticated users to cause the server to stop responding or crash. 26) An unspecified error can be exploited by authenticated users to update, insert, or delete certain application data. 27) An unspecified error can be exploited by local users to cause the server to stop responding or crash. The vulnerabilities are reported in versions 5.0.x, 5.1.x, and 5.5.x. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerabilities as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporters provide more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixMSQL OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 18 21:06:59 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 Jan 2012 06:06:59 +0100 Subject: [SEC] [SA47584] McAfee GroupShield Lotus 123 v4 Parser Unspecified Vulnerability Message-ID: <201201190506.q0J56xJI003253@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: McAfee GroupShield Lotus 123 v4 Parser Unspecified Vulnerability SECUNIA ADVISORY ID: SA47584 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47584/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47584 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47584/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47584/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47584 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in McAfee GroupShield, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the software bundling a vulnerable Outside In library. For more information see vulnerability #3: SA47617 The vulnerability is reported in version 7.0.716.101. Other versions may also be affected. SOLUTION: Disable the Lotus 123 v4 parser. PROVIDED AND/OR DISCOVERED BY: Will Dormann, CERT/CC. ORIGINAL ADVISORY: http://www.kb.cert.org/vuls/id/MAPG-8QKLAG OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 18 22:19:33 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 Jan 2012 07:19:33 +0100 Subject: [SEC] [SA47600] XnView PSD Record Type Parsing Integer Overflow Vulnerabilities Message-ID: <201201190619.q0J6JXMa026231@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: XnView PSD Record Type Parsing Integer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA47600 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47600/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47600 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47600/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47600/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47600 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in XnView, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to integer overflow errors within the parsing of PSD record types and can be exploited to cause buffer overflows via a specially crafted PSD image. The vulnerabilities are reported in versions 1.98.2 and prior. SOLUTION: Update to version 1.98.5. PROVIDED AND/OR DISCOVERED BY: Justin Kim and Jeong Wook Oh, Microsoft Malware Protection Center (MMPC). ORIGINAL ADVISORY: Microsoft: http://technet.microsoft.com/en-us/security/msvr/msvr12-001 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 10:51:44 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 Jan 2012 19:51:44 +0100 Subject: [SEC] [SA47644] Spacewalk XMLRPC Call Failure Credentials Disclosure Weakness Message-ID: <201201191851.q0JIpiV4027060@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Spacewalk XMLRPC Call Failure Credentials Disclosure Weakness SECUNIA ADVISORY ID: SA47644 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47644/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47644 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47644/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47644/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47644 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Spacewalk, which can be exploited by malicious users to disclose certain sensitive information. The weakness is caused due to registration function logging user credentials in clear text when an XMLRPC call fails. The weakness is reported in version 1.6. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Christopher J Suleski in a bug report. ORIGINAL ADVISORY: https://bugzilla.redhat.com/show_bug.cgi?id=749890 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 11:31:51 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 Jan 2012 20:31:51 +0100 Subject: [SEC] [SA47582] Batavi "boxToReload" SQL Injection Vulnerability Message-ID: <201201191931.q0JJVppk017139@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Batavi "boxToReload" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47582 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47582/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47582 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47582/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47582/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47582 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Batavi, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "boxToReload" parameter to ajax.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 1.2. Prior versions may also be affected. SOLUTION: Update to version 1.2.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Canberk BOLAT, Mavituna Security. ORIGINAL ADVISORY: Batavi: http://sourceforge.net/projects/batavi/files/README.txt/download OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 12:33:23 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 Jan 2012 21:33:23 +0100 Subject: [SEC] [SA47545] usbmuxd "receive_packet()" Buffer Overflow Vulnerability Message-ID: <201201192033.q0JKXNLs007545@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: usbmuxd "receive_packet()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA47545 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47545/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47545 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47545/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47545/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47545 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: rigan has reported a vulnerability in usbmuxd, which potentially can be exploited by malicious people with physical access to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "receive_packet()" function (libusbmuxd/libusbmuxd.c) when processing a property list containing an overly long "SerialNumber" field, which can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow the execution of arbitrary code, but requires that the attacker is able to connect a malicious USB device. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: rigan ORIGINAL ADVISORY: http://git.marcansoft.com/?p=usbmuxd.git;a=commitdiff;h=f794991993af56a74795891b4ff9da506bc893e6 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 13:34:46 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 Jan 2012 22:34:46 +0100 Subject: [SEC] [SA47588] WordPress NextGEN Gallery Plugin "paged" Input Sanitisation Vulnerabilities Message-ID: <201201192134.q0JLYkXF030325@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress NextGEN Gallery Plugin "paged" Input Sanitisation Vulnerabilities SECUNIA ADVISORY ID: SA47588 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47588/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47588 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47588/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47588/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47588 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities with unknown impact have been reported in the NextGEN Gallery plugin for WordPress. The vulnerabilities are caused due to improper input sanitisation of the "paged" parameter values via admin/manage-galleries.php, admin/manage-images.php, and admin/manage.php and the "post_paged" POST parameter via admin/manage.php. The vulnerabilities are reported in versions prior to 1.9.1. SOLUTION: Update to version 1.9.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Jon Cave. ORIGINAL ADVISORY: http://wordpress.org/extend/plugins/nextgen-gallery/changelog/ http://code.google.com/p/nextgen-gallery/source/detail?r=1048 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 14:59:53 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 Jan 2012 23:59:53 +0100 Subject: [SEC] [SA47566] X.Org Grab-Breaking Keybinding Security Bypass Weakness Message-ID: <201201192259.q0JMxrbc021074@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: X.Org Grab-Breaking Keybinding Security Bypass Weakness SECUNIA ADVISORY ID: SA47566 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47566/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47566 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47566/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47566/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47566 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gu1 has discovered a weakness in X.Org, which can be exploited by malicious people with physical access to bypass certain security restrictions. The weakness is caused due to xserver providing a grab-breaking hotkey functionality, which is bound by default in xkeyboard-config. This can be exploited to e.g. bypass the lock mechanism provided by certain screen savers by pressing a certain key combination. SOLUTION: Do not rely on the screen locking mechanism provided by screen savers. PROVIDED AND/OR DISCOVERED BY: Gu1 ORIGINAL ADVISORY: http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 15:25:37 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 00:25:37 +0100 Subject: [SEC] [SA47653] Drupal Quick Tabs Module Script Insertion Vulnerability Message-ID: <201201192325.q0JNPbc1010943@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Drupal Quick Tabs Module Script Insertion Vulnerability SECUNIA ADVISORY ID: SA47653 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47653/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47653 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47653/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47653/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47653 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Quick Tabs module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Certain unspecified input when creating or editing blocks of tabbed content is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires "administer quicktabs" privileges. The vulnerability is reported in versions 6.x-2.x prior to 6.x-2.1, 6.x-3.x prior to 6.x-3.1, and 7.x-3.x prior to 7.x-3.3. SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Owen Barton, Drupal Security Team. The vendor also credits Michael Smith. ORIGINAL ADVISORY: SA-CONTRIB-2012-012: http://drupal.org/node/1409476 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 15:54:07 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 00:54:07 +0100 Subject: [SEC] [SA47649] Drupal Panels Module Customised Layout Script Insertion Vulnerability Message-ID: <201201192354.q0JNs7sO000761@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Drupal Panels Module Customised Layout Script Insertion Vulnerability SECUNIA ADVISORY ID: SA47649 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47649/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47649 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47649/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47649/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47649 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Panels module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Certain unspecified input when creating customised layouts is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires "administer panel layouts" privileges. The vulnerability is reported in versions prior to 6.x-3.10. SOLUTION: Update to version 6.x-3.10. PROVIDED AND/OR DISCOVERED BY: The vendor credits Justin Klein Keane ORIGINAL ADVISORY: SA-CONTRIB-2012-011: http://drupal.org/node/1409436 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 17:28:01 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 02:28:01 +0100 Subject: [SEC] [SA47648] HP Business Availability Center / Business Service Management Multiple Security Issues Message-ID: <201201200128.q0K1S13Q024138@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: HP Business Availability Center / Business Service Management Multiple Security Issues SECUNIA ADVISORY ID: SA47648 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47648/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47648 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47648/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47648/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47648 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has acknowledged multiple security issues in HP Business Availability Center and HP Business Service Management, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA39563 The security issues are reported in the following products: * Business Availability Center (BAC) versions 8.07 and prior on Windows and Solaris. * Business Service Management (BSM) versions 9.12 and prior on Windows. SOLUTION: Apply the workaround (please see the vendor's advisory for more information). ORIGINAL ADVISORY: HPSBMU02736 SSRT100699: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03127140 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 18:13:39 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 03:13:39 +0100 Subject: [SEC] [SA47591] Cisco TelePresence System Default Root Account Security Issue Message-ID: <201201200213.q0K2DdWH014407@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Cisco TelePresence System Default Root Account Security Issue SECUNIA ADVISORY ID: SA47591 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47591/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47591 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47591/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47591/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47591 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Cisco TelePresence System, which can be exploited by malicious people to compromise a vulnerable system. The security issue is caused due to the devices containing an enabled root user account with a default password, which can not be disabled. This can be exploited to gain administrative access to the device. The security issue is reported in version TE 4.1.0 running on Cisco IP Video Phone E20. SOLUTION: Update to version TE 4.1.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-te OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 18:51:22 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 03:51:22 +0100 Subject: [SEC] [SA47634] Red Hat update for php Message-ID: <201201200251.q0K2pM6w004452@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for php SECUNIA ADVISORY ID: SA47634 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47634/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47634 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47634/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47634/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47634 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for php. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA43328 SA44874 SA46107 SA47404 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0033-01: https://rhn.redhat.com/errata/RHSA-2012-0033.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 19:27:00 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 04:27:00 +0100 Subject: [SEC] [SA47631] OpenSSL DTLS Denial of Service Vulnerability Message-ID: <201201200327.q0K3R0JY027323@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: OpenSSL DTLS Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47631 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47631/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47631 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47631/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47631/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47631 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in OpenSSL, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in a fix for vulnerability #1: SA47426 The vulnerability is reported in versions 1.0.0f and 0.9.8s. SOLUTION: Update to version 1.0.0g or 0.9.8t. PROVIDED AND/OR DISCOVERED BY: The vendor credits Antonio Martin, Enterprise Secure Access Research and Development Cisco Systems, Inc. ORIGINAL ADVISORY: http://www.openssl.org/news/secadv_20120118.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 19:48:26 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 04:48:26 +0100 Subject: [SEC] [SA47636] Oracle Solaris Thunderbird Multiple Vulnerabilities Message-ID: <201201200348.q0K3mQJ5017119@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Thunderbird Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47636 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47636/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47636 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47636/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47636/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47636 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged multiple vulnerabilities in Thunderbird included in Solaris, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA44982 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 20:12:52 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 05:12:52 +0100 Subject: [SEC] [SA47645] SUSE update for libqt4 Message-ID: <201201200412.q0K4Cqx9006971@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for libqt4 SECUNIA ADVISORY ID: SA47645 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47645/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47645 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47645/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47645/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47645 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libqt4. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. For more information: SA47449 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2012:0097-1: http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00022.html openSUSE-SU-2012:0091-1: http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00021.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 21:10:17 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 06:10:17 +0100 Subject: [SEC] [SA47640] Oracle Solaris Wireshark Denial of Service and Buffer Overflow Vulnerabilities Message-ID: <201201200510.q0K5AHtG029695@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Wireshark Denial of Service and Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA47640 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47640/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47640 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47640/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47640/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47640 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged multiple vulnerabilities in Wireshark included in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA42767 SA44172 (#1) SA45086 (#2) SOLUTION: Apply the 7012174, 7038523, and 7068994 patches. ORIGINAL ADVISORY: Oracle: http://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_vulnerabilities1 http://blogs.oracle.com/sunsecurity/entry/cve_2011_2698_denial_of http://blogs.oracle.com/sunsecurity/entry/cve_2011_1590_denial_of OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 21:52:44 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 06:52:44 +0100 Subject: [SEC] [SA47629] Oracle Solaris Squid Gopher Response Processing Buffer Overflow Vulnerability Message-ID: <201201200552.q0K5qipc019817@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Squid Gopher Response Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA47629 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47629/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47629 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47629/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47629/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47629 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Squid included in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA45805 SOLUTION: Apply 11/11 SRU 03. ORIGINAL ADVISORY: http://blogs.oracle.com/sunsecurity/entry/cve_2011_3205_buffer_overflow OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 19 22:18:22 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 07:18:22 +0100 Subject: [SEC] [SA47651] Cisco Digital Media Manager Administrative Resources Access Security Bypass Vulnerability Message-ID: <201201200618.q0K6IMVD009669@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Cisco Digital Media Manager Administrative Resources Access Security Bypass Vulnerability SECUNIA ADVISORY ID: SA47651 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47651/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47651 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47651/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47651/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47651 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco Digital Media Manager, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to an error within the handling of access controls of certain administrative resources, which can be exploited to gain access to otherwise restricted resources by accessing certain unreferenced URLs. Please see the vendor's advisory for the list of affected versions. SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Anthony Towry. ORIGINAL ADVISORY: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-dmm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 10:32:42 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 19:32:42 +0100 Subject: [SEC] [SA47662] SUSE update for NetworkManager-gnome Message-ID: <201201201832.q0KIWg6v006138@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for NetworkManager-gnome SECUNIA ADVISORY ID: SA47662 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47662/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47662 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47662/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47662/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47662 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for NetworkManager-gnome. This fixes a weakness, which can be exploited by malicious people to conduct spoofing attacks. For more information: SA46938 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0101-1: http://lists.opensuse.org/opensuse-updates/2012-01/msg00036.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 11:33:26 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 20:33:26 +0100 Subject: [SEC] [SA47647] SUSE update for libxml2 Message-ID: <201201201933.q0KJXQsY028914@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for libxml2 SECUNIA ADVISORY ID: SA47647 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47647/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47647 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47647/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47647/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47647 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information see vulnerability #4 in: SA46632 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0107-1: http://lists.opensuse.org/opensuse-updates/2012-01/msg00040.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 12:32:06 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 21:32:06 +0100 Subject: [SEC] [SA47660] ICTimeAttendance "passw" SQL Injection Vulnerability Message-ID: <201201202032.q0KKW6pd019271@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: ICTimeAttendance "passw" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47660 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47660/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47660 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47660/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47660/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47660 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ICTimeAttendance, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "passw" parameter to checklogin.aspx is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 1.0. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: v3n0m ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/18394/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 13:31:55 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 22:31:55 +0100 Subject: [SEC] [SA47672] SUSE update for squid Message-ID: <201201202131.q0KLVta7009645@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for squid SECUNIA ADVISORY ID: SA47672 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47672/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47672 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47672/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47672/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47672 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA38570 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0102-1: http://lists.opensuse.org/opensuse-updates/2012-01/msg00037.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 14:29:29 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 23:29:29 +0100 Subject: [SEC] [SA47674] SUSE update for icu Message-ID: <201201202229.q0KMTTUD032369@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for icu SECUNIA ADVISORY ID: SA47674 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47674/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47674 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47674/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47674/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47674 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for icu. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA41724 SA47146 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0100-1: http://lists.opensuse.org/opensuse-updates/2012-01/msg00035.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 14:46:53 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 Jan 2012 23:46:53 +0100 Subject: [SEC] [SA47663] Gitorious Command Injection Vulnerability Message-ID: <201201202246.q0KMkr8q022100@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gitorious Command Injection Vulnerability SECUNIA ADVISORY ID: SA47663 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47663/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47663 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47663/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47663/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47663 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Gitorious, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an input sanitisation error, which can be exploited to inject and execute arbitrary shell commands by sending specially crafted requests. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: joernchen ORIGINAL ADVISORY: http://gitorious.org/gitorious/mainline/commit/647aed91a4dc72e88a27476948dfbacd5d0bf7ce OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 15:12:30 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 00:12:30 +0100 Subject: [SEC] [SA47678] Smokeping "displaymode" Cross-Site Scripting Vulnerability Message-ID: <201201202312.q0KNCUME011962@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Smokeping "displaymode" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47678 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47678/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47678 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47678/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47678/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47678 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Russ McRee has reported a vulnerability in Smokeping, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "displaymode" parameter to smokeping_cgi is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 2.6.6. Prior versions may also be affected. SOLUTION: Update to version 2.6.7. PROVIDED AND/OR DISCOVERED BY: Russ McRee ORIGINAL ADVISORY: Smokeping: http://oss.oetiker.ch/smokeping/pub/CHANGES Russ McRee: http://holisticinfosec.org/content/view/188/45/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 16:33:10 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 01:33:10 +0100 Subject: [SEC] [SA47544] Cloupia FlexPod "dir" File Disclosure Vulnerability Message-ID: <201201210033.q0L0XAsO002618@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Cloupia FlexPod "dir" File Disclosure Vulnerability SECUNIA ADVISORY ID: SA47544 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47544/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47544 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47544/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47544/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47544 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cloupia FlexPod, which can be exploited by malicious people to disclose sensitive information. Input passed via the "dir" parameter to an unspecified script is not properly verified before being used to download files. This can be exploited to download arbitrary files from local resources via directory traversal sequences. SOLUTION: Reportedly a patch has been released. Contact the vendor for further information. PROVIDED AND/OR DISCOVERED BY: Chris Rock, Kustodian. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 17:06:18 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 02:06:18 +0100 Subject: [SEC] [SA47612] Hitachi COBOL2002 Products Unspecified Vulnerability Message-ID: <201201210106.q0L16IZN025124@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Hitachi COBOL2002 Products Unspecified Vulnerability SECUNIA ADVISORY ID: SA47612 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47612/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47612 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47612/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47612/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47612 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Hitachi has reported a vulnerability in some COBOL2002 products, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to an unspecified error. No further information is currently available. The vulnerability is reported in versions 02-00 through 02-00-/D and 02-01 through 02-01-/C. SOLUTION: Update to version 02-01-/D. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-002/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 17:29:52 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 02:29:52 +0100 Subject: [SEC] [SA47643] Hitachi COBOL2002 Products Unspecified Vulnerability Message-ID: <201201210129.q0L1Tqqr014943@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Hitachi COBOL2002 Products Unspecified Vulnerability SECUNIA ADVISORY ID: SA47643 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47643/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47643 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47643/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47643/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47643 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Hitachi has reported a vulnerability in some COBOL2002 products, which can be exploited by malicious users to compromise a vulnerable system. For more information: SA47612 The vulnerability is reported in versions 01-00, 01-01 through 01-01-/D, 01-02 through 01-02-/F, and 01-03 through 01-03-/F. SOLUTION: Upgrade to version 02-01-/D. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-002/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 17:51:40 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 02:51:40 +0100 Subject: [SEC] [SA47245] IBM Lotus Symphony Image Processing Integer Overflow Vulnerability Message-ID: <201201210151.q0L1peWW004749@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM Lotus Symphony Image Processing Integer Overflow Vulnerability SECUNIA ADVISORY ID: SA47245 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47245/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47245 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47245/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47245/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47245 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Tielei Wang has discovered a vulnerability in IBM Lotus Symphony, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer overflow error when processing embedded image objects. This can be exploited to cause a heap-based buffer overflow via a specially crafted e.g. JPEG object within a DOC file. Successful exploitation may allow execution of arbitrary code, but requires tricking a user into opening a malicious file. The vulnerability is confirmed in version 3.0.0 FP3 revision 20110707.1500. Other versions may also be affected. SOLUTION: Update to version 3.0.1. PROVIDED AND/OR DISCOVERED BY: Tielei Wang via Secunia. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg21578684 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 18:15:30 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 03:15:30 +0100 Subject: [SEC] [SA47630] Asterisk SRTP Video Stream Negotiation Denial of Service Vulnerability Message-ID: <201201210215.q0L2FUcG026962@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Asterisk SRTP Video Stream Negotiation Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47630 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47630/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47630 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47630/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47630/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47630 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the handling of encrypted streams when negotiating a SRTP video stream and can be exploited to cause a crash. Successful exploitation requires that video support is not been enabled and the res_srtp module is loaded. The vulnerability is reported in versions prior to 10.0.1 and 1.8.8.2 SOLUTION: Update to version 10.0.1 or 1.8.8.2. PROVIDED AND/OR DISCOVERED BY: The vendor credits Catalin Sanda. ORIGINAL ADVISORY: http://downloads.asterisk.org/pub/security/AST-2012-001.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 18:51:03 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 03:51:03 +0100 Subject: [SEC] [SA47635] SUSE update for tomcat6 Message-ID: <201201210251.q0L2p3X2016969@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for tomcat6 SECUNIA ADVISORY ID: SA47635 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47635/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47635 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47635/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47635/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47635 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for tomcat6. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA47411 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0103-1: http://lists.opensuse.org/opensuse-updates/2012-01/msg00038.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 19:28:11 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 04:28:11 +0100 Subject: [SEC] [SA47604] Hitachi Cosminexus Products Hash Collision Denial of Service Vulnerability Message-ID: <201201210328.q0L3SBkJ007475@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Hitachi Cosminexus Products Hash Collision Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47604 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47604/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47604 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47604/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47604/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47604 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Hitachi has acknowledged a vulnerability in multiple Hitachi Cosminexus products, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1 in: SA47411 Please see the vendor's advisory for a list of affected products. SOLUTION: Contact Hitachi support for a workaround. ORIGINAL ADVISORY: http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-003/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 19:47:52 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 04:47:52 +0100 Subject: [SEC] [SA47656] WordPress uCan Post Plugin Two Script Insertion Vulnerabilities Message-ID: <201201210347.q0L3lqFx029626@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress uCan Post Plugin Two Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA47656 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47656/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47656 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47656/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47656/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47656 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in the uCan Post plugin for WordPress, which can be exploited by malicious users and malicious people to conduct script insertion attacks. 1) Input passed via the "ucan_submission_title" parameter to index.php when creating a post is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 2) Input passed via the "ucan_submission_guest_name" parameter to index.php when creating a post is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires that "User Level required to create posts" is set to "Guest" and that the attacker is not logged in. The vulnerabilities are confirmed in version 1.0.09. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Gianluca Brindisi ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/18390/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 20:13:41 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 05:13:41 +0100 Subject: [SEC] [SA47592] Horde Groupware Webmail Edition Multiple Vulnerabilities Message-ID: <201201210413.q0L4Dfru019493@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Horde Groupware Webmail Edition Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47592 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47592/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47592 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47592/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47592/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47592 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Horde Groupware Webmail Edition, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks. For more information: SA47580 1) Certain Input passed to Horde_Form related to email verification is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions prior to 4.0.6. SOLUTION: Update to version 4.0.6. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor ORIGINAL ADVISORY: http://www.horde.org/apps/webmail/docs/RELEASE_NOTES http://www.horde.org/apps/webmail/docs/CHANGES OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 20:48:30 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 05:48:30 +0100 Subject: [SEC] [SA47641] KingSCADA Credentials Disclosure Security Issue Message-ID: <201201210448.q0L4mUa1009485@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: KingSCADA Credentials Disclosure Security Issue SECUNIA ADVISORY ID: SA47641 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47641/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47641 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47641/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47641/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47641 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Digital Security Research Group has reported a security issue in KingSCADA, which can be exploited by malicious, local users to disclose sensitive information. The security issue is caused due to user credentials being insecurely stored in a Base64 encoded database file (user.db) and can be exploited to decode and disclose the passwords. The security issue is reported in version 3.0. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Alexandr Polyakov and Alexey Sintsov, Digital Security Research Group. ORIGINAL ADVISORY: Digital Security Research Group (DSECRG-12-005): http://dsecrg.com/pages/vul/show.php?id=405 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 21:18:44 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 06:18:44 +0100 Subject: [SEC] [SA47580] Horde IMP Multiple Vulnerabilities Message-ID: <201201210518.q0L5Iibj031800@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Horde IMP Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47580 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47580/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47580 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47580/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47580/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47580 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Horde IMP, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks. 1) Input passed via the 'composeCache', 'rtemode', and 'filename_*' parameters to the compose page and the 'formname' parameter to the contacts popup window is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Certain input via IMAP mailbox names is not properly sanitised before being used. This can be exploited to insert HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed. The vulnerabilities are reported in versions prior to 5.0.18. SOLUTION: Update to version 5.0.18. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.horde.org/apps/imp/docs/RELEASE_NOTES http://www.horde.org/apps/imp/docs/CHANGES OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 20 22:23:19 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 07:23:19 +0100 Subject: [SEC] [SA47665] Ev10 "docId" SQL Injection Vulnerability Message-ID: <201201210623.q0L6NJVd022251@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ev10 "docId" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47665 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47665/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47665 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47665/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47665/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47665 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Ev10, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "docId" parameter to default.aspx is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Red Security TEAM. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 10:33:09 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 19:33:09 +0100 Subject: [SEC] [SA47675] Red Hat update for jbossweb Message-ID: <201201211833.q0LIX9oh022786@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for jbossweb SECUNIA ADVISORY ID: SA47675 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47675/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47675 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47675/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47675/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47675 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for jbossweb. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions or cause a DoS (Denial of Service) and by malicious people to bypass certain security restrictions and cause a DoS. For more information: SA44981 SA45232 SA47411 SOLUTION: Updated packages are available via the Red Hat Customer Portal. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0041-1: https://rhn.redhat.com/errata/RHSA-2012-0041.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 11:34:31 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 20:34:31 +0100 Subject: [SEC] [SA47632] GE Energy D20/D200 Substation Controller TFTP Service Two Vulnerabilities Message-ID: <201201211934.q0LJYV3W013179@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: GE Energy D20/D200 Substation Controller TFTP Service Two Vulnerabilities SECUNIA ADVISORY ID: SA47632 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47632/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47632 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47632/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47632/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47632 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in GE Energy D20/D200 Substation Controller, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable device. 1) An unspecified error within the TFTP service can be exploited to disclose certain authentication credentials. 2) An unspecified error within the TFTP service can be exploited to potentially execute arbitrary code. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Reid Wightman via Digital Bond?s SCADA Security Scientific Symposium (S4). ORIGINAL ADVISORY: ICS-CERT (ICS-ALERT-12-019-01): http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-019-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 12:32:28 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 21:32:28 +0100 Subject: [SEC] [SA47637] Ubuntu update for libxml2 Message-ID: <201201212032.q0LKWScR003521@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for libxml2 SECUNIA ADVISORY ID: SA47637 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47637/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47637 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47637/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47637/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47637 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for libxml2. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information: SA45325 SA46632 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1334-1: http://www.ubuntu.com/usn/usn-1334-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 13:34:18 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 22:34:18 +0100 Subject: [SEC] [SA47639] Ubuntu update for t1lib Message-ID: <201201212134.q0LLYIQd026308@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for t1lib SECUNIA ADVISORY ID: SA47639 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47639/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47639 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47639/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47639/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47639 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for t1lib. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library. For more information: SA43491 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1335-1: http://www.ubuntu.com/usn/usn-1335-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 14:34:27 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 Jan 2012 23:34:27 +0100 Subject: [SEC] [SA47673] HP-UX update for OpenSSL Message-ID: <201201212234.q0LMYRIu016684@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: HP-UX update for OpenSSL SECUNIA ADVISORY ID: SA47673 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47673/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47673 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47673/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47673/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47673 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has issued an update for OpenSSL in HP-UX. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise an application using the library. For more information: SA45914 SA47426 The vulnerabilities are reported in HP-UX versions B.11.11, B.11.23, and B.11.31 running OpenSSL versions prior to vA.00.09.08s. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: HPSBUX02734 SSRT100729: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03141193 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 15:02:02 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 00:02:02 +0100 Subject: [SEC] [SA47655] SUSE update for ecryptfs-utils Message-ID: <201201212302.q0LN22re006579@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for ecryptfs-utils SECUNIA ADVISORY ID: SA47655 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47655/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47655 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47655/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47655/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47655 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for ecryptfs-utils. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA45747 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0106-1: http://lists.opensuse.org/opensuse-updates/2012-01/msg00039.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 15:37:03 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 00:37:03 +0100 Subject: [SEC] [SA47314] RenRen Talk Image Parsing Two Vulnerabilities Message-ID: <201201212337.q0LNb3Ei028947@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: RenRen Talk Image Parsing Two Vulnerabilities SECUNIA ADVISORY ID: SA47314 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47314/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47314 RELEASE DATE: 2012-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/47314/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47314/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47314 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Tielei Wang has discovered two vulnerabilities in RenRen Talk, which can be exploited by malicious people to compromise a user's system. 1) A signedness error when validating image dimensions of skin files can be exploited to cause a heap-based buffer overflow via e.g. a specially crafted BMP file. Successful exploitation of this vulnerability may allow execution of arbitrary code, but requires tricking a user into configuring a new skin using a malicious image file. 2) An error when processing images within a chat can be exploited to cause a heap-based buffer overflow by sending e.g. a specially crafted PNG file. Successful exploitation of this vulnerability may allow execution of arbitrary code, but requires a victim to be an accepted contact on a buddy list. The vulnerabilities are confirmed in version 2.9. Other versions may also be affected. SOLUTION: Do not use images from untrusted sources as skin files. Do not chat with untrusted contacts. PROVIDED AND/OR DISCOVERED BY: Tielei Wang via Secunia. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 16:47:22 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 01:47:22 +0100 Subject: [SEC] [SA47633] Red Hat update for java-1.6.0-ibm Message-ID: <201201220047.q0M0lMM5019590@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for java-1.6.0-ibm SECUNIA ADVISORY ID: SA47633 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47633/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47633 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47633/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47633/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47633 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for java-1.6.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA47464 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0034-1: https://rhn.redhat.com/errata/RHSA-2012-0034.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 17:21:51 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 02:21:51 +0100 Subject: [SEC] [SA47598] deV!L'z Clanportal Moviebase Addon "id" SQL Injection Vulnerability Message-ID: <201201220121.q0M1LpnI009584@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: deV!L'z Clanportal Moviebase Addon "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47598 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47598/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47598 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47598/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47598/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47598 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Moviebase addon for deV!L'z Clanportal, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to movies/index.php (when "action" is set to "showkat") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Easy Laster. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 17:54:51 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 02:54:51 +0100 Subject: [SEC] [SA47638] atvise Unspecified Denial of Service Vulnerability Message-ID: <201201220154.q0M1spUj031926@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: atvise Unspecified Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47638 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47638/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47638 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47638/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47638/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47638 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has reported a vulnerability in atvise, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error and can be exploited to cause a crash via specially crafted requests sent to TCP port 4840. The vulnerability is reported in versions prior to 2.1. SOLUTION: Update to version 2.1. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: Luigi Auriemma: http://aluigi.altervista.org/adv/atvise_1-adv.txt ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-018-02.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 18:17:55 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 03:17:55 +0100 Subject: [SEC] [SA47623] Oracle Solaris libexif Two Vulnerabilities Message-ID: <201201220217.q0M2HtEe021748@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Solaris libexif Two Vulnerabilities SECUNIA ADVISORY ID: SA47623 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47623/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47623 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47623/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47623/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47623 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged two vulnerabilities in libexif included in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA25642 SA37378 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libexif OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 18:53:53 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 03:53:53 +0100 Subject: [SEC] [SA47650] Drupal stickynote Module Cross-Site Request Forgery and Script Insertion Vulnerabilities Message-ID: <201201220253.q0M2rrYF011756@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Drupal stickynote Module Cross-Site Request Forgery and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA47650 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47650/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47650 RELEASE DATE: 2012-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/47650/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47650/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47650 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the stickynote module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks. 1) Certain unspecified input when editing a note is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires "edit stickynotes" privileges. 2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. delete a note by tricking a logged in user with the "delete stickynotes" privilege into visiting a malicious web site. The vulnerabilities are reported in versions prior to 7.x-1.1. SOLUTION: Update to version 7.x-1.1. PROVIDED AND/OR DISCOVERED BY: Greg Knaddison, Drupal Security Team. ORIGINAL ADVISORY: SA-CONTRIB-2012-010: http://drupal.org/node/1409422 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 19:32:25 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 04:32:25 +0100 Subject: [SEC] [SA47583] MarkLogic Server Lotus 123 v4 Unspecified Vulnerability Message-ID: <201201220332.q0M3WPpr000514@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: MarkLogic Server Lotus 123 v4 Unspecified Vulnerability SECUNIA ADVISORY ID: SA47583 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47583/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47583 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47583/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47583/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47583 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in MarkLogic Server, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the software bundling a vulnerable Outside In library. For more information see vulnerability #3: SA47617 The vulnerability is reported in versions 4.0, 4.1, and 4.2. Other versions may also be affected. SOLUTION: Restrict access to the Oracle Outside In libraries or upgrade to version 5.0, which does not bundle them. PROVIDED AND/OR DISCOVERED BY: Will Dormann, CERT/CC. ORIGINAL ADVISORY: http://www.kb.cert.org/vuls/id/MAPG-8QKLAE OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 19:57:17 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 04:57:17 +0100 Subject: [SEC] [SA47575] EnCase Forensic Lotus 123 v4 Parser Unspecified Vulnerability Message-ID: <201201220357.q0M3vHhS022811@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: EnCase Forensic Lotus 123 v4 Parser Unspecified Vulnerability SECUNIA ADVISORY ID: SA47575 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47575/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47575 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47575/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47575/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47575 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in EnCase Forensic, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the software bundling a vulnerable Outside In library. For more information see vulnerability #3: SA47617 The vulnerability is reported in versions 6.19.2 and 7.02.02. Other versions may also be affected. SOLUTION: Remove vswk4.dll from the installation directory. PROVIDED AND/OR DISCOVERED BY: Will Dormann, CERT/CC. ORIGINAL ADVISORY: http://www.kb.cert.org/vuls/id/MAPG-8QKL9R OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 20:31:21 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 05:31:21 +0100 Subject: [SEC] [SA47603] Oracle GlassFish Enterprise Server Multiple Vulnerabilities Message-ID: <201201220431.q0M4VL89012796@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle GlassFish Enterprise Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47603 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47603/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47603 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47603/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47603/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47603 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in GlassFish Enterprise Server, which can be exploited by malicious, local users to disclose potentially sensitive information and gain escalated privileges and by malicious people to cause a DoS (Denial of Service). 1) An unspecified error in the Web Container component can be exploited to cause a crash. 2) An unspecified error in the Web Container component can be exploited to cause a DoS. 3) An unspecified error in the Administration component can be exploited by local users to gain escalated privileges. 4) An unspecified error in the Administration component can be exploited by local users to disclose certain application data. The vulnerabilities are reported in versions 2.1.1, 3.0.1, and 3.1.1. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerabilities as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporters provide more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixSUNS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 20:48:56 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 05:48:56 +0100 Subject: [SEC] [SA47508] Kayako SupportSuite Weakness and Multiple Vulnerabilities Message-ID: <201201220448.q0M4muQZ002462@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Kayako SupportSuite Weakness and Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47508 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47508/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47508 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47508/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47508/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47508 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness and multiple vulnerabilities have been reported in Kayako SupportSuite, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to disclose sensitive information, conduct cross-site scripting attacks, and conduct script insertion attacks. 1) The weakness is caused due to the application displaying the full installation path when the "_m" and "_a" parameters to staff/index.php are set to empty values. 2) Input passed via the "resultdata" parameter to staff/index.php (when "_m" is set to "news", "_a" is set to "managesubscribers", and "importsub" is set to "1") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed via various parameters to multiple scripts is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Examples: http://[host]/staff/index.php?_m=news&_a=insertnews&subject=[script] http://[host]/staff/index.php?_m=troubleshooter&_a=insertcategory&description=[script] http://[host]/staff/index.php?_m=downloads&_a=insertfile&title=[script] http://[host]/staff/index.php?_m=teamwork&_a=insertcontact&fullname=[script]&jobtitle=[script]&email1address=[script]&email2address=[script]&email3address=[script]&customerid=[script]&mobiletelephonenumber=[script] http://[host]/staff/index.php?_m=livesupport&_a=insertcampaign&redirecturl=[script] http://[host]/staff/index.php?_m=livesupport&_a=insertcannedresponse&title=[script] http://[host]/staff/index.php?_m=tickets&_a=insertalert&title=[script] http://[host]/staff/index.php?_m=tickets&_a=insertfilter&title=[script] Successful exploitation of these vulnerabilities requires a staff account. 4) Input passed via the "Subject" parameter to an unspecified script in the LiveSupport module, the "Full Name" and "Subject" parameters to an unspecified script in the Tickets module, and the "Full Name" parameter to unspecified scripts in the News and Knowledgebase modules is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in version 3.70.02. Other versions may also be affected. SOLUTION: Apply patches (please contact the vendor for more information). PROVIDED AND/OR DISCOVERED BY: 1-3) Alexander Zaitsev, Positive Research Center. 4) Yuri Goltsev, Positive Research Center. ORIGINAL ADVISORY: http://en.securitylab.ru/lab/PT-2011-01 http://en.securitylab.ru/lab/PT-2011-03 http://en.securitylab.ru/lab/PT-2011-04 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 21:14:08 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 06:14:08 +0100 Subject: [SEC] [SA46646] Oracle OpenSSO Administration Component Data Manipulation Vulnerability Message-ID: <201201220514.q0M5E8Sn024759@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle OpenSSO Administration Component Data Manipulation Vulnerability SECUNIA ADVISORY ID: SA46646 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46646/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46646 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/46646/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46646/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46646 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle OpenSSO, which can be exploited by malicious people to manipulate certain data. The vulnerability is caused due to an unspecified error in the Administration component and can be exploited to update, insert, or delete certain Oracle OpenSSO accessible data. The vulnerability is reported in versions 7.1 and 8.0. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerability as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporters provide more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixSUNS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 21:49:55 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 06:49:55 +0100 Subject: [SEC] [SA47581] Lucion FileCenter Lotus 123 v4 Parser Unspecified Vulnerability Message-ID: <201201220549.q0M5nttv014760@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Lucion FileCenter Lotus 123 v4 Parser Unspecified Vulnerability SECUNIA ADVISORY ID: SA47581 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47581/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47581 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47581/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47581/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47581 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Lucion FileCenter, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the software bundling a vulnerable Outside In library. For more information see vulnerability #3: SA47617 The vulnerability is reported in version 7.1.0.35. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Will Dormann, CERT/CC. ORIGINAL ADVISORY: http://www.kb.cert.org/vuls/id/MAPG-8QKLAB OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 21 22:13:31 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 07:13:31 +0100 Subject: [SEC] [SA47552] Oracle GlassFish Communications Server / Sun Java System Application Server Denial of Service Message-ID: <201201220613.q0M6DVol004590@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle GlassFish Communications Server / Sun Java System Application Server Denial of Service SECUNIA ADVISORY ID: SA47552 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47552/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47552 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47552/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47552/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47552 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in GlassFish Communications Server and Sun Java System Application Server, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error within the Web Container component. For more information see vulnerability #1 in: SA47611 The vulnerability is reported in GlassFish Communications Server version 2.0 and Java System Application Server versions 8.1 and 8.2. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerabilities as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporters provide more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 10:33:33 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 19:33:33 +0100 Subject: [SEC] [SA47579] WordPress My Calendar Plugin Two Cross-Site Scripting Vulnerabilities Message-ID: <201201221833.q0MIXX26005258@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress My Calendar Plugin Two Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA47579 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47579/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47579 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47579/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47579/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47579 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in the My Calendar plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that the "Display a jumpbox for changing month and year quickly?" option is enabled. The vulnerabilities are confirmed in version 1.10.1. Prior versions may also be affected. SOLUTION: Update to version 1.10.5. PROVIDED AND/OR DISCOVERED BY: The vendor credits Dean Batha. ORIGINAL ADVISORY: My Calendar Plugin: http://wordpress.org/extend/plugins/my-calendar/changelog/ http://plugins.trac.wordpress.org/changeset/490070/my-calendar#file2 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 11:33:35 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 20:33:35 +0100 Subject: [SEC] [SA47610] Oracle Fusion Middleware Multiple Vulnerabilities Message-ID: <201201221933.q0MJXZnS028020@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Fusion Middleware Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47610 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47610/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47610 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47610/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47610/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47610 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Fusion Middleware, which can be exploited by malicious users to disclose sensitive information and manipulate certain data and by malicious people to conduct SQL injection and cross-site scripting attacks, disclose sensitive information, and cause a DoS (Denial of Service). 1) Input passed via the "SortField", "SortOrder", and "QueryText" parameters to idc/idcplg (when "IdcService" is set to "GET_SEARCH_RESULTS") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) An unspecified error within the Web Services Security subcomponent of the Oracle Web Services Manager component can be exploited by authenticated users to disclose and manipulate certain data. 3) Another unspecified error within the Web Services Security subcomponent of the Oracle Web Services Manager component can be exploited to cause a crash. 4) Another unspecified error within the Web Services Security subcomponent of the Oracle Web Services Manager component can be exploited to disclose certain sensitive information. 5) Input passed via e.g. the "sltPageTitle" and "redirectTitle" parameters to idc/idcplg is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions 11.1.1.3.0, 11.1.1.4.0, and 11.1.1.5.0. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1, 5) Rohan Stelling, stratsec. It is currently unclear who reported the remaining vulnerabilities as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixFMW stratsec: http://www.stratsec.net/Research/Advisories/Oracle-Fusion-Middleware-%28Oracle-WebCenter-Content OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 12:30:53 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 21:30:53 +0100 Subject: [SEC] [SA47616] Oracle Application Server Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201201222030.q0MKUrSi018350@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Application Server Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA47616 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47616/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47616 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47616/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47616/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47616 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Application Server, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed to idc/idcplg can be exploited to conduct SQL injection attacks. For more information see vulnerability #1 in: SA47610 2) Input appended to the URL after e.g. idc/help/user_help/wwhelp/wwhimpl/common/html/frameset.htm is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed to idc/idcplg can be exploited to conduct cross-site scripting attacks. For more information see vulnerability #5 in: SA47610 SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Rohan Stelling, stratsec. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixFMW stratsec: http://www.stratsec.net/Research/Advisories/Oracle-Fusion-Middleware-%28Oracle-WebCenter-Content OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 13:32:30 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 22:32:30 +0100 Subject: [SEC] [SA47625] Oracle JD Edwards EnterpriseOne Tools Multiple Vulnerabilities Message-ID: <201201222132.q0MLWUs3008753@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle JD Edwards EnterpriseOne Tools Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47625 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47625/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47625 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47625/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47625/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47625 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle JD Edwards EnterpriseOne Tools, which can be exploited by malicious people to disclose potentially sensitive information and manipulate certain data and by malicious people to cause a DoS (Denial of Service). 1) An unspecified error in the Enterprise Infrastructure SEC (JDENET) component can be exploited to cause a DoS. 2) An unspecified error in the Enterprise Infrastructure SEC (JDENET) component can be exploited by authenticated users to read certain JD Edwards EnterpriseOne Tools accessible data. 3) An unspecified error in the Enterprise Infrastructure SEC (JDENET) component can be exploited by authenticated users to read certain JD Edwards EnterpriseOne Tools accessible data. 4) An unspecified error in the Enterprise Infrastructure SEC (JDENET) component can be exploited by authenticated users to read certain JD Edwards EnterpriseOne Tools accessible data. 5) An unspecified error in the Enterprise Infrastructure SEC (JDENET) component can be exploited by authenticated users to read certain JD Edwards EnterpriseOne Tools accessible data. 6) An unspecified error in the Enterprise Infrastructure SEC (JDENET) component can be exploited by authenticated users to update, insert or delete certain JD Edwards EnterpriseOne Tools accessible data. 7) An unspecified error in the Enterprise Infrastructure SEC (JDENET) component can be exploited by authenticated users to read certain JD Edwards EnterpriseOne Tools accessible data. 8) An unspecified error in the Enterprise Infrastructure SEC (JDENET) component can be exploited by authenticated users to update, insert or delete certain JD Edwards EnterpriseOne Tools accessible data. The vulnerabilities are reported in version 8.98. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerabilities as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporters provide more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixJDE OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 14:30:49 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 23:30:49 +0100 Subject: [SEC] [SA47578] Oracle Communications Unified Calendar Server Multiple Vulnerabilities Message-ID: <201201222230.q0MMUn6T031479@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Communications Unified Calendar Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47578 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47578/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47578 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47578/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47578/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47578 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Communications Unified, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious users to cause a DoS (Denial of Service). 1) An unspecified error in the Calendar Server component can be exploited by local users to disclose or manipulate certain application data and cause a partial DoS. 2) An unspecified error in the Calendar Server component can be exploited by authenticated users to cause a partial DoS. 3) An unspecified error in the Calendar Server component can be exploited by local users to disclose or manipulate certain application data. 4) An unspecified error in the Calendar Server component can be exploited by local users to disclose certain application data. The vulnerabilities are reported in version 7.0. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixSUNS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 14:48:07 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 22 Jan 2012 23:48:07 +0100 Subject: [SEC] [SA47553] Oracle Virtual Desktop Infrastructure Information Disclosure and Data Manipulation Message-ID: <201201222248.q0MMm7j6021214@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Virtual Desktop Infrastructure Information Disclosure and Data Manipulation SECUNIA ADVISORY ID: SA47553 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47553/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47553 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47553/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47553/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47553 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle Virtual Desktop Infrastructure, which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data. The vulnerability is caused due to an unspecified error in the Session component and can be exploited to read, update, insert, or delete certain Virtual Desktop Infrastructure (VDI) accessible data. The vulnerability is reported in version 3.2. SOLUTION: Apply fix (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerability as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporters provide more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixOVIR OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 15:16:35 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 00:16:35 +0100 Subject: [SEC] [SA47523] F5 FirePass PHP File Upload Denial of Service Vulnerability Message-ID: <201201222316.q0MNGZUT011113@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: F5 FirePass PHP File Upload Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47523 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47523/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47523 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47523/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47523/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47523 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: F5 has acknowledged a vulnerability in FirePass, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability affects certain HTTP functions such as Portal Access, Application Access, Logon and the Admin interface due to a vulnerable version of PHP. For more information see vulnerability #4: SA37412 The vulnerability is reported in versions 6.0.0 through 6.1.0 and 7.0.0. SOLUTION: Restrict access to trusted users only. ORIGINAL ADVISORY: http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13279.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 16:31:37 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 01:31:37 +0100 Subject: [SEC] [SA47611] Oracle Solaris Multiple Vulnerabilities Message-ID: <201201230031.q0N0VbkJ001653@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47611 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47611/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47611 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47611/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47611/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47611 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Solaris, which can be exploited by malicious, local users to disclose system information, gain escalated privileges, and cause a DoS (Denial of Service) and by malicious people to cause a DoS (Denial of Service). 1) An unspecified error in the TCP/IP component can be exploited to cause a crash. 2) An unspecified error in the Kerberos component can be exploited by local users to gain escalated privileges. 3) An unspecified error in the Network component can be exploited to cause a DoS. 4) An unspecified error in the Kernel component can be exploited by local users to cause a DoS. 5) An unspecified error in the TCP/IP component can be exploited by local users to disclose certain system data and cause a DoS. 6) An unspecified error in the SSH component can be exploited to cause a DoS. 7) An unspecified error in the ksh93 Shell component can be exploited by local users to disclose certain system data. 8) An unspecified error in the Kernel component can be exploited by local users to cause a DoS. The vulnerabilities are reported in versions 8, 9, 10, and 11 Express. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerabilities as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporters provide more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixSUNS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 17:03:20 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 02:03:20 +0100 Subject: [SEC] [SA47619] Oracle E-Business Suite Two Data Manipulation Vulnerabilities Message-ID: <201201230103.q0N13Kbx024164@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle E-Business Suite Two Data Manipulation Vulnerabilities SECUNIA ADVISORY ID: SA47619 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47619/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47619 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47619/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47619/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47619 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Oracle E-Business Suite, which can be exploited by malicious users and malicious people to manipulate certain data. 1) An unspecified error in the Oracle Forms component can be exploited to update, insert, or delete certain Oracle Forms accessible data. 2) An unspecified error within the Attachments / File Upload feature of the Oracle Application Object Library component can be exploited by authenticated users to update, insert, or delete certain Oracle Application Object Library accessible data. The vulnerabilities are reported in version 11.5.10.2. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixEBS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 17:30:33 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 02:30:33 +0100 Subject: [SEC] [SA47618] Oracle WebLogic Server Cross-Site Scripting and Denial of Service Vulnerabilities Message-ID: <201201230130.q0N1UXNK014035@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle WebLogic Server Cross-Site Scripting and Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA47618 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47618/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47618 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47618/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47618/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47618 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Oracle WebLogic Server, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service). 1) An unspecified error in the Web Container component can be exploited to cause a crash. 2) Certain unspecified input passed to the WLS-Console management interface is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions 9.2.4, 10.0.2, 10.3.3, 10.3.4, and 10.3.5. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 2) JVN credits Minetoshi Takizawa. It is currently unclear who reported the other vulnerability as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporters provide more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixAS JVN: http://jvn.jp/en/jp/JVN54779201/index.html http://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000007.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 17:49:56 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 02:49:56 +0100 Subject: [SEC] [SA47602] Ubuntu update for libav Message-ID: <201201230149.q0N1nu5j003791@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for libav SECUNIA ADVISORY ID: SA47602 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47602/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47602 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47602/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47602/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47602 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for libav. This fixes multiple vulnerabilities, which can be exploited by malicious people to DoS (Denial of Service) and potentially compromise a user's system. For more information: SA45532 SA46245 SA46888 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1333-1: http://www.ubuntu.com/usn/usn-1333-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 18:14:38 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 03:14:38 +0100 Subject: [SEC] [SA47614] SUSE update for acroread Message-ID: <201201230214.q0N2Ecda026018@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for acroread SECUNIA ADVISORY ID: SA47614 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47614/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47614 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47614/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47614/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47614 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for acroread. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system. For more information: SA47133 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2012:0087-1: http://lists.opensuse.org/opensuse-updates/2012-01/msg00030.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 18:50:23 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 03:50:23 +0100 Subject: [SEC] [SA47622] Oracle PeopleSoft Human Capital Management Four Vulnerabilities Message-ID: <201201230250.q0N2oN5F016027@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle PeopleSoft Human Capital Management Four Vulnerabilities SECUNIA ADVISORY ID: SA47622 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47622/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47622 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47622/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47622/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47622 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Four vulnerabilities have been reported in Oracle PeopleSoft Human Capital Management, which can be exploited by malicious users to disclose or manipulate certain data. 1) An unspecified error in the Talent Acquisition Management component can be exploited to disclose or manipulate certain application data. The vulnerability is reported in version 9.1. 2) An unspecified error in the Benefits Administration component can be exploited to disclose certain application data. The vulnerability is reported in versions 8.9, 9.0, and 9.1. 3) An unspecified error in the ePerformance component can be exploited to disclose certain application data. The vulnerability is reported in versions 9.0 and 9.1 4) An unspecified error in the ePerformance component can be exploited to disclose certain application data. The vulnerability is reported in version 9.1. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerabilities as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixPS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 19:53:10 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 04:53:10 +0100 Subject: [SEC] [SA47620] Oracle Transportation Manager Apache HTTP Server ByteRange Filter Denial of Service Message-ID: <201201230353.q0N3rAdd006935@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Transportation Manager Apache HTTP Server ByteRange Filter Denial of Service SECUNIA ADVISORY ID: SA47620 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47620/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47620 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47620/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47620/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47620 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Oracle Transportation Manager, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45606 The vulnerability is reported in version 5.5.06, 6.0, 6.1, and 6.2. SOLUTION: Apply updates (please see the vendor's advisory for details). ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixSCP OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 20:17:26 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 05:17:26 +0100 Subject: [SEC] [SA47628] Oracle E-Business Suite REST Services Information Disclosure Vulnerability Message-ID: <201201230417.q0N4HQcf029151@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle E-Business Suite REST Services Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA47628 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47628/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47628 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47628/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47628/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47628 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle E-Business Suite, which can be exploited by malicious users to disclose potentially sensitive information. The vulnerability is caused due to an unspecified error within the REST Services (Menu, LOV) feature of the Oracle Application Object Library component and can be exploited by authenticated users to disclose certain data. The vulnerability is reported in version 12.1.2 and 12.1.3. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixEBS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 20:48:09 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 05:48:09 +0100 Subject: [SEC] [SA47626] Oracle VM VirtualBox Two Vulnerabilities Message-ID: <201201230448.q0N4m9d4019084@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle VM VirtualBox Two Vulnerabilities SECUNIA ADVISORY ID: SA47626 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47626/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47626 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47626/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47626/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47626 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Oracle VM VirtualBox, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service). 1) An unspecified error in the Windows Guest Additions component can be exploited by local users to read, update, insert, or delete certain Oracle VM VirtualBox accessible data and cause a DoS. 2) An unspecified error in the Shared Folders component can be exploited by local users to read, update, insert, or delete certain Oracle VM VirtualBox accessible data. The vulnerabilities are reported in version 4.1. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerabilities as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporters provide more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixOVIR OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 21:14:19 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 06:14:19 +0100 Subject: [SEC] [SA47624] Oracle PeopleSoft Enterprise PeopleTools Unspecified Vulnerability Message-ID: <201201230514.q0N5EJhr008949@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle PeopleSoft Enterprise PeopleTools Unspecified Vulnerability SECUNIA ADVISORY ID: SA47624 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47624/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47624 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47624/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47624/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47624 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle PeopleSoft Enterprise PeopleTools, which can be exploited by malicious users to manipulate certain data or cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error in the Upgrade Change Assistance feature and can be exploited to update, insert, or delete PeopleSoft Enterprise PeopleTools accessible data or cause the application to stop responding or crash. The vulnerability is reported in version 8.52.05. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerability as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporters provide more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixPS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 21:46:54 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 06:46:54 +0100 Subject: [SEC] [SA47621] Oracle PeopleSoft Enterprise CRM Unspecified Vulnerability Message-ID: <201201230546.q0N5ksBA031292@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle PeopleSoft Enterprise CRM Unspecified Vulnerability SECUNIA ADVISORY ID: SA47621 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47621/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47621 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47621/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47621/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47621 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle PeopleSoft Enterprise CRM, which can be exploited by malicious users to manipulate certain data. The vulnerability is caused due to an unspecified error in the Sales component and can be exploited to update, insert, or delete certain PeopleSoft Enterprise CRM accessible data. The vulnerability is reported in version 8.9. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerability as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporters provide more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixPS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Jan 22 22:14:36 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 07:14:36 +0100 Subject: [SEC] [SA47613] EMC SourceOne Email Management Credentials Disclosure Weakness Message-ID: <201201230614.q0N6EaUw021171@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: EMC SourceOne Email Management Credentials Disclosure Weakness SECUNIA ADVISORY ID: SA47613 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47613/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47613 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47613/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47613/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47613 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in EMC SourceOne Email Management, which can be exploited by malicious, local users to disclose certain sensitive information. The weakness is caused due to the EMC SourceOne Web Search component logging user credential information in clear text in the web server log. The weakness is reported in the following versions: * EMC SourceOne Email Management versions 6.5 (6.5.2.3668) (SP2 HF3) and prior * EMC SourceOne Email Management versions 6.6 (6.6.1.2108) (SP1 HF1) and prior * EMC SourceOne Email Management versions 6.7 (6.7.2.0017) (SP2) and prior SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: EMC (ESA-2012-003): http://archives.neohapsis.com/archives/bugtraq/2012-01/att-0114/ESA-2012-003.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 10:35:28 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 19:35:28 +0100 Subject: [SEC] [SA47668] Gentoo update for iscsitarget Message-ID: <201201231835.q0NIZSar021870@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for iscsitarget SECUNIA ADVISORY ID: SA47668 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47668/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47668 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47668/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47668/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47668 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for iscsitarget. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA39142 SOLUTION: Update to "sys-block/iscsitarget-1.4.19" or later. ORIGINAL ADVISORY: GLSA 201201-06: http://www.gentoo.org/security/en/glsa/glsa-201201-06.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 11:31:44 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 20:31:44 +0100 Subject: [SEC] [SA47667] Gentoo update for nxserver-freeedition Message-ID: <201201231931.q0NJVihu012188@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for nxserver-freeedition SECUNIA ADVISORY ID: SA47667 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47667/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47667 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47667/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47667/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47667 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for nxserver-freeedition. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA46130 SOLUTION: Update to "net-misc/nxserver-freeedition-3.5.0.5" or later. ORIGINAL ADVISORY: GLSA 201201-07: http://www.gentoo.org/security/en/glsa/glsa-201201-07.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 12:31:42 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 21:31:42 +0100 Subject: [SEC] [SA47627] WordPress WP e-Commerce Unspecified SQL Injection Vulnerability Message-ID: <201201232031.q0NKVgci002506@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress WP e-Commerce Unspecified SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47627 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47627/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47627 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47627/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47627/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47627 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the WP e-Commerce plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in versions prior to 3.8.7.6. SOLUTION: Update to version 3.8.7.6. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://wordpress.org/extend/plugins/wp-e-commerce/changelog/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 13:33:10 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 22:33:10 +0100 Subject: [SEC] [SA47705] Acidcat CMS URL Cross-Site Scripting Vulnerabilities Message-ID: <201201232133.q0NLXAkl025339@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Acidcat CMS URL Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA47705 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47705/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47705 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47705/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47705/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47705 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Acidcat CMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain input appended to the URL after admin/admin_colors.asp, admin/admin_config.asp, and admin/admin_cat_add.asp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that the victim uses a browser that does not URL-encode the request (e.g. Internet Explorer 6). The vulnerabilities are confirmed in version 3.5.6. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Avram Marius Gabriel (d3v1l) ORIGINAL ADVISORY: http://packetstorm.foofus.com/1201-exploits/acidcat-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 14:34:50 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 23 Jan 2012 23:34:50 +0100 Subject: [SEC] [SA47702] Lead Capture Page System "message" Cross-Site Scripting Vulnerability Message-ID: <201201232234.q0NMYopT015737@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Lead Capture Page System "message" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47702 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47702/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47702 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47702/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47702/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47702 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Lead Capture Page System, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "message" parameter in admin/login.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Filter malicious characters and character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: HashoR ORIGINAL ADVISORY: http://packetstormsecurity.org/files/108887/leadcapturepagesystem-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 15:04:36 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 00:04:36 +0100 Subject: [SEC] [SA47722] WordPress Theme Tuner Plugin "tt-abspath" File Inclusion Vulnerability Message-ID: <201201232304.q0NN4ahF005655@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress Theme Tuner Plugin "tt-abspath" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA47722 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47722/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47722 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47722/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47722/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47722 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ben Schmidt has discovered a vulnerability in the Theme Tuner plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the "tt-abspath" POST parameter in wp-content/plugins/theme-tuner/ajax/savetag.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources. The vulnerability is confirmed in version 0.7. Prior versions may also be affected. SOLUTION: Update to version 0.8. PROVIDED AND/OR DISCOVERED BY: Ben Schmidt ORIGINAL ADVISORY: Theme Tuner Plugin: http://wordpress.org/extend/plugins/theme-tuner/changelog/ http://plugins.trac.wordpress.org/changeset/492167/theme-tuner#file2 Ben Schmidt: http://spareclockcycles.org/2011/09/18/exploitring-the-wordpress-extension-repos/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 15:42:28 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 00:42:28 +0100 Subject: [SEC] [SA47737] Rockwell Automation ControlLogix Multiple Vulnerabilities Message-ID: <201201232342.q0NNgSuU028078@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Rockwell Automation ControlLogix Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47737 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47737/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47737 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47737/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47737/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47737 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Rockwell Automation ControlLogix, which can be exploited by malicious people to disclose system information, cause a DoS (Denial of Service), and compromise a vulnerable device. 1) An input validation error when processing certain commands can be exploited to cause a device to stop responding. 2) An input validation error when processing certain packets can be exploited to cause a device to stop responding. 3) An error when processing interface control commands can be exploited to cause a device to stop responding. 4) An error when processing the stop command can be exploited to cause a device to stop responding. 5) An error when processing the dump command can be exploited to disclose the device's boot code, which may contain sensitive information. 6) An error when processing the reset command can be exploited to cause a device to stop responding. 7) An error within the upgrade functionality can be exploited to upload malicious firmware. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Ruben Santamarta via Digital Bond?s SCADA Security Scientific Symposium (S4). ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICS-Alert-12-020-02.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 16:49:53 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 01:49:53 +0100 Subject: [SEC] [SA47739] SEL-2032 Communications Processor Denial of Service Vulnerability Message-ID: <201201240049.q0O0nrnQ018566@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SEL-2032 Communications Processor Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47739 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47739/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47739 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47739/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47739/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47739 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in SEL-2032 Communications Processor, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error when processing certain packets and can be exploited to crash the device. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Dillon Beresford via Digital Bond?s SCADA Security Scientific Symposium (S4). ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-04.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 17:18:49 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 02:18:49 +0100 Subject: [SEC] [SA47652] Gentoo update for fontforge Message-ID: <201201240118.q0O1InVx008576@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for fontforge SECUNIA ADVISORY ID: SA47652 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47652/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47652 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47652/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47652/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47652 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for fontforge. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA42577 SOLUTION: Update to "media-gfx/fontforge-20110222-r1" or later. ORIGINAL ADVISORY: GLSA 201201-08: http://www.gentoo.org/security/en/glsa/glsa-201201-08.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 17:50:14 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 02:50:14 +0100 Subject: [SEC] [SA47735] Koyo ECOM100 Ethernet Module Cross-Site Scripting and Denial of Service Vulnerabilities Message-ID: <201201240150.q0O1oEDL030896@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Koyo ECOM100 Ethernet Module Cross-Site Scripting and Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA47735 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47735/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47735 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47735/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47735/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47735 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Koyo ECOM100 Ethernet Module, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service). 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) An unspecified error within the web server can be exploited to cause a buffer overflow and crash the device. 3) An unspecified error within the web server can be exploited to exhaust system resources and crash the device. SOLUTION: Filter malicious characters and character sequences in a proxy. Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Reid Wightman via Digital Bond?s SCADA Security Scientific Symposium (S4). ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-05.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 18:17:36 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 03:17:36 +0100 Subject: [SEC] [SA47723] Schneider Electric Modicon Quantum Cross-Site Scripting and Buffer Overflow Vulnerabilities Message-ID: <201201240217.q0O2HaP0020778@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Schneider Electric Modicon Quantum Cross-Site Scripting and Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA47723 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47723/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47723 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47723/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47723/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47723 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Schneider Electric Modicon Quantum Series Modules, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service). 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) An unspecified error within the HTTP server can be exploited to cause a buffer overflow and crash the device. 3) An unspecified error within the FTP server can be exploited to cause a buffer overflow and crash the device. SOLUTION: Filter malicious characters and character sequences in a proxy. Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Ruben Santamarta via Digital Bond?s SCADA Security Scientific Symposium (S4). ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 18:50:57 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 03:50:57 +0100 Subject: [SEC] [SA47711] Apache Struts "ParameterInterceptor" Security Bypass Vulnerability Message-ID: <201201240250.q0O2ovJu010741@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Apache Struts "ParameterInterceptor" Security Bypass Vulnerability SECUNIA ADVISORY ID: SA47711 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47711/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47711 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47711/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47711/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47711 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Meder Kydyraliev has reported a vulnerability in Apache Struts, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the "ParameterInterceptor" class, which can be exploited to modify server-side objects and e.g. execute arbitrary commands via specially crafted OGNL (Object-Graph Navigation Language) expressions. This is related to vulnerability #1 in: SA32497 The vulnerability is reported in versions prior to 2.3.1.2. SOLUTION: Update to version 2.3.1.2. PROVIDED AND/OR DISCOVERED BY: Meder Kydyraliev, Google Security Team. ORIGINAL ADVISORY: Apache: http://struts.apache.org/2.x/docs/s2-009.html Meder Kydyraliev: http://blog.o0o.nu/2012/01/cve-2011-3923-yet-another-struts2.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 20:04:34 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 05:04:34 +0100 Subject: [SEC] [SA47646] OpenNMS Username Script Insertion Vulnerability Message-ID: <201201240404.q0O44Ynf001756@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: OpenNMS Username Script Insertion Vulnerability SECUNIA ADVISORY ID: SA47646 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47646/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47646 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47646/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47646/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47646 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in OpenNMS, which can be exploited by malicious people to conduct script insertion attacks. Certain input passed via the username when logging in to the application is not properly sanitised in web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is reported in versions 1.8.16 and 1.9.93. Other versions may also be affected. SOLUTION: Update to version 1.8.17 or 1.10.0. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: OpenNMS: http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs http://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/java/org/opennms/web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java?r2=d2ce15470cb6c87c115c918eb86ef147486a9166&r1=80b80e110e4bce568fc2c6c0a15ad99d4617f560 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 20:28:23 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 05:28:23 +0100 Subject: [SEC] [SA47712] Gentoo update for mDNSResponder Message-ID: <201201240428.q0O4SNe6024031@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for mDNSResponder SECUNIA ADVISORY ID: SA47712 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47712/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47712 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47712/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47712/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47712 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for mDNSResponder. This fixes multiple vulnerabilities, which can be exploited by malicious, local user to cause a DoS (Denial of Service) or potentially gain escalated privileges and by malicious people to conduct spoofing attacks, cause a DoS, and potentially compromise a vulnerable system. For more information: SA25745 SA26235 SA29420 SA31822 SOLUTION: Update to "net-misc/mDNSResponder-212.1" or later. ORIGINAL ADVISORY: GLSA 201201-05: http://www.gentoo.org/security/en/glsa/glsa-201201-05.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 20:45:52 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 05:45:52 +0100 Subject: [SEC] [SA47725] Gentoo update for logsurfer Message-ID: <201201240445.q0O4jqs2013757@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for logsurfer SECUNIA ADVISORY ID: SA47725 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47725/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47725 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47725/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47725/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47725 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for logsurfer. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. For more information: SA46389 SOLUTION: Update to version "app-admin/logsurfer+-1.8" or later. ORIGINAL ADVISORY: GLSA 201201-04: http://www.gentoo.org/security/en/glsa/glsa-201201-04.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 21:11:01 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 06:11:01 +0100 Subject: [SEC] [SA47707] Debian update for phpmyadmin Message-ID: <201201240511.q0O5B1uG003610@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for phpmyadmin SECUNIA ADVISORY ID: SA47707 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47707/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47707 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47707/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47707/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47707 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for phpmyadmin. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information and conduct script insertion attacks. For more information: SA44641 SA45709 SA46447 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2391-1: http://www.debian.org/security/2012/dsa-2391 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 21:46:36 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 06:46:36 +0100 Subject: [SEC] [SA47378] Linux Kernel "/proc//mem" Privilege Escalation Vulnerability Message-ID: <201201240546.q0O5katF026001@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Linux Kernel "/proc//mem" Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA47378 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47378/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47378 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47378/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47378/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47378 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the kernel not properly restricting access to "/proc//mem" file, which can be exploited to gain escalated privileges by e.g. writing into the memory of a privileged process. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits J?ri Aedla. ORIGINAL ADVISORY: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=e268337dfe26dfc7efd422a804dbb27977a3cccc OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 23 22:12:20 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 07:12:20 +0100 Subject: [SEC] [SA47659] WordPress AllWebMenus Plugin Arbitrary File Upload Vulnerability Message-ID: <201201240612.q0O6CKq8015846@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress AllWebMenus Plugin Arbitrary File Upload Vulnerability SECUNIA ADVISORY ID: SA47659 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47659/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47659 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47659/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47659/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47659 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the AllWebMenus plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the wp-content/plugins/allwebmenus-wordpress-menu-plugin/actions.php script not verifying requests to upload files. This can be exploited to execute arbitrary PHP code by uploading a ZIP file containing a malicious PHP script. The vulnerability is confirmed in version 1.1.8. Prior versions may also be affected. SOLUTION: Update to version 1.1.9. PROVIDED AND/OR DISCOVERED BY: 6Scan ORIGINAL ADVISORY: AllWebMenus Plugin: http://www.likno.com/addins/wordpress-menu.html 6scan: http://www.exploit-db.com/exploits/18407/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 10:34:22 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 19:34:22 +0100 Subject: [SEC] [SA47556] Parallels H-Sphere Cross-Site Request Forgery Vulnerability Message-ID: <201201241834.q0OIYL62016545@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Parallels H-Sphere Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA47556 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47556/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47556 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47556/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47556/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47556 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Vulnerability Lab has reported a vulnerability in Parallels H-Sphere, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application's web interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add extra packages and group plans and conduct script insertion attacks by tricking a logged in user into visiting a malicious web site. The vulnerability is reported in version 3.3 Patch 1. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: Vulnerability Lab. ORIGINAL ADVISORY: http://www.vulnerability-lab.com/get_content.php?id=392 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 11:32:27 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 20:32:27 +0100 Subject: [SEC] [SA47713] Bigware Shop "lastname" SQL Injection Vulnerability Message-ID: <201201241932.q0OJWRnq006890@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Bigware Shop "lastname" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47713 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47713/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47713 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47713/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47713/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47713 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: dw IT-Security has discovered a vulnerability in Bigware Shop, which can be exploited by malicious users to conduct SQL injection attacks. Input passed to the "lastname" parameter in main_bigware_43.php (when "action" is set to "process") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 2.1.5. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: dw IT-Security ORIGINAL ADVISORY: http://www.dw-itsecurity.de/index.php/unser-service/websicherheit/bigware OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 12:36:31 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 21:36:31 +0100 Subject: [SEC] [SA47718] Ubuntu update for linux-lts-backport-oneiric Message-ID: <201201242036.q0OKaVwl029696@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-lts-backport-oneiric SECUNIA ADVISORY ID: SA47718 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47718/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47718 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47718/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47718/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47718 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-lts-backport-oneiric. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. For more information: SA46591 SA46802 SA46803 SA47486 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1340-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-January/001560.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 13:31:28 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 22:31:28 +0100 Subject: [SEC] [SA47741] KVM qemu-kvm "process_tx_desc()" Buffer Overflow Vulnerability Message-ID: <201201242131.q0OLVSPv019992@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: KVM qemu-kvm "process_tx_desc()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA47741 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47741/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47741 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47741/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47741/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47741 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in KVM qemu-kvm, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges. For more information: SA47740 SOLUTION: Restrict access to trusted users only. ORIGINAL ADVISORY: https://bugzilla.redhat.com/show_bug.cgi?id=772075 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 14:37:02 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 23:37:02 +0100 Subject: [SEC] [SA47676] Gentoo update for freetype Message-ID: <201201242237.q0OMb2Qm010455@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for freetype SECUNIA ADVISORY ID: SA47676 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47676/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47676 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47676/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47676/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47676 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for freetype. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library. For more information: SA34723 SA40586 SA40816 SA41738 SA45167 SA46575 SA46839 SOLUTION: Update to version "media-libs/freetype-2.4.8" or later. ORIGINAL ADVISORY: GLSA 201201-09: http://security.gentoo.org/glsa/glsa-201201-09.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 14:59:20 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 Jan 2012 23:59:20 +0100 Subject: [SEC] [SA47677] Debian update for openssl Message-ID: <201201242259.q0OMxK3e032629@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for openssl SECUNIA ADVISORY ID: SA47677 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47677/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47677 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47677/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47677/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47677 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA47631 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2392-1: http://www.debian.org/security/2012/dsa-2392 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 15:32:38 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 00:32:38 +0100 Subject: [SEC] [SA47679] Bip Buffer Overflow Vulnerability Message-ID: <201201242332.q0ONWcpX022599@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Bip Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA47679 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47679/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47679 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47679/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47679/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47679 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Bip, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error when handling file descriptors, which can be exploited to cause a stack-based buffer overflow. The vulnerability is confirmed in version 0.8.8. Other versions may also be affected. SOLUTION: Fixed in the source code repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Julien Tinnes. ORIGINAL ADVISORY: https://projects.duckcorp.org/projects/bip/repository/revisions/222a33cb84a2e52ad55a88900b7895bf9dd0262c https://projects.duckcorp.org/issues/269 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 16:47:52 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 01:47:52 +0100 Subject: [SEC] [SA47706] Red Hat update for qemu-kvm Message-ID: <201201250047.q0P0lqKU013213@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for qemu-kvm SECUNIA ADVISORY ID: SA47706 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47706/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47706 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47706/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47706/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47706 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for qemu-kvm. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges. For more information: SA47741 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0050-1: https://rhn.redhat.com/errata/RHSA-2012-0050.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 17:20:11 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 02:20:11 +0100 Subject: [SEC] [SA47692] Ubuntu update for qemu-kvm Message-ID: <201201250120.q0P1KBko003247@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for qemu-kvm SECUNIA ADVISORY ID: SA47692 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47692/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47692 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47692/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47692/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47692 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for qemu-kvm. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges. For more information: SA47741 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1339-1: http://www.ubuntu.com/usn/usn-1339-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 17:49:39 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 02:49:39 +0100 Subject: [SEC] [SA47716] Ubuntu update for linux-lts-backport-natty Message-ID: <201201250149.q0P1ndoP025553@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-lts-backport-natty SECUNIA ADVISORY ID: SA47716 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47716/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47716 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47716/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47716/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47716 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-lts-backport-natty. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information and cause a DoS (Denial of Service). For more information: SA43576 SA46803 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1337-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-January/001558.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 18:13:23 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 03:13:23 +0100 Subject: [SEC] [SA47698] Ubuntu update for rsyslog Message-ID: <201201250213.q0P2DNc3015384@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for rsyslog SECUNIA ADVISORY ID: SA47698 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47698/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47698 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47698/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47698/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47698 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for rsyslog. This fixes a vulnerability, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information see vulnerability #2 in: SA45848 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1338-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-January/001559.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 18:49:16 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 03:49:16 +0100 Subject: [SEC] [SA47708] Red Hat update for kernel Message-ID: <201201250249.q0P2nGDs005385@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA47708 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47708/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47708 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47708/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47708/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47708 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA47378 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0052-1: http://rhn.redhat.com/errata/RHSA-2012-0052.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 19:49:00 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 04:49:00 +0100 Subject: [SEC] [SA47688] WordPress Kish Guest Posting Plugin Arbitrary File Upload Vulnerability Message-ID: <201201250349.q0P3n0qk028619@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress Kish Guest Posting Plugin Arbitrary File Upload Vulnerability SECUNIA ADVISORY ID: SA47688 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47688/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47688 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47688/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47688/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47688 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Kish Guest Posting plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. The application improperly validates uploaded files, which can be exploited to execute arbitrary PHP code by uploading a PHP file with e.g. an appended ".gif" file extension. Successful exploitation requires that Apache is not configured to handle the mime-type for media files with e.g. a ".jpg" or ".gif" extension. The vulnerability is reported in version 1.2. Other versions may also be affected. SOLUTION: Restrict access to wp-content/plugins/kish-guest-posting/uploadify/scripts/uploadify.php (e.g. via .htaccess). PROVIDED AND/OR DISCOVERED BY: EgiX. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 20:11:50 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 05:11:50 +0100 Subject: [SEC] [SA47664] Gentoo update for tor Message-ID: <201201250411.q0P4BoSE018431@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for tor SECUNIA ADVISORY ID: SA47664 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47664/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47664 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47664/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47664/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47664 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for tor. This fixes a security issue and a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system. For more information: SA46634 SA47276 SOLUTION: Update to version "net-misc/tor-0.2.2.35" or later. ORIGINAL ADVISORY: GLSA 201201-12: http://security.gentoo.org/glsa/glsa-201201-12.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 20:47:15 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 05:47:15 +0100 Subject: [SEC] [SA47709] HP-UX update for Java Message-ID: <201201250447.q0P4lFh9008427@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: HP-UX update for Java SECUNIA ADVISORY ID: SA47709 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47709/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47709 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47709/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47709/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47709 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has issued an update for Java in HP-UX. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA46512 The vulnerabilities are reported in versions B.11.11, B.11.23, and B.11.31 running HP JDK and JRE 6.0.12 and prior. SOLUTION: Update to HP JDK and JRE v6.0.13. ORIGINAL ADVISORY: HPSBUX02730 SSRT100710: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03122753 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 21:11:57 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 06:11:57 +0100 Subject: [SEC] [SA47699] vBSEO "proc_deutf()" Code Execution Vulnerability Message-ID: <201201250511.q0P5BvJB030644@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: vBSEO "proc_deutf()" Code Execution Vulnerability SECUNIA ADVISORY ID: SA47699 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47699/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47699 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47699/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47699/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47699 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability with has been reported in vBSEO, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error in the "proc_deutf()" function in includes/functions_vbseocp_abstract.php. No further information is currently available. The vulnerability is reported in versions 3.5.0, 3.5.1, 3.5.2, and 3.6.0. SOLUTION: Apply patch (please see the vendor's advisory for more information). PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day. ORIGINAL ADVISORY: http://www.vbseo.com/f5/vbseo-security-bulletin-all-supported-versions-patch-release-52783/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 21:49:07 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 06:49:07 +0100 Subject: [SEC] [SA47683] IBM DB2 Accessories Suite Outside In Technology Multiple Vulnerabilities Message-ID: <201201250549.q0P5n7wb020665@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM DB2 Accessories Suite Outside In Technology Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47683 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47683/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47683 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47683/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47683/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47683 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged some vulnerabilities in IBM DB2 Accessories Suite, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA44295 SA45297 The vulnerabilities are reported in versions prior to 9.7 Fix pack 4 V2.0.0. SOLUTION: Update to version 9.7 Fix pack 4 V2.0.0. ORIGINAL ADVISORY: IBM: http://www.ibm.com/support/docview.wss?uid=swg21578978 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 24 22:13:19 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 07:13:19 +0100 Subject: [SEC] [SA47695] Ubuntu update for linux Message-ID: <201201250613.q0P6DJUT010495@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux SECUNIA ADVISORY ID: SA47695 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47695/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47695 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47695/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47695/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47695 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information and to cause a DoS (Denial of Service). For more information: SA43576 SA46803 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1341-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-January/001561.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 10:32:46 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 19:32:46 +0100 Subject: [SEC] [SA47697] OSClass Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201201251832.q0PIWkhV011175@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: OSClass Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA47697 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47697/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47697 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47697/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47697/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47697 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in OSClass, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed via the "sCity", "sPattern", "sPriceMax", and "sPriceMin" parameters to index.php (when "page" is set to "search") is not properly sanitised in the "getParam()" function in oc-includes/osclass/core/Params.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "sCategory" parameter to index.php (when "page" is set to "search") is not properly sanitised in the "osc_search_category_id()" function in oc-includes/osclass/helpers/hSearch.php and the "findBySlug()" function in oc-includes/osclass/model/Category.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 2.3.4.1. Prior versions may also be affected. SOLUTION: Update to version 2.3.5. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA. The vendor also credits Filippo Cavallarin. ORIGINAL ADVISORY: High-Tech Bridge SA: https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_osclass.html OSClass: http://osclass.org/2012/01/16/osclass-2-3-5/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 11:32:17 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 20:32:17 +0100 Subject: [SEC] [SA47500] Vopium Plaintext Credentials Disclosure Security Issue Message-ID: <201201251932.q0PJWHho001463@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Vopium Plaintext Credentials Disclosure Security Issue SECUNIA ADVISORY ID: SA47500 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47500/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47500 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47500/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47500/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47500 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Henry Paduwa has reported a security issue in Vopium, which can be exploited by malicious people to disclose potentially sensitive information. The security issue is caused due to the application transmitting credentials in plaintext. This can be exploited to intercept the credentials by e.g sniffing network traffic or via a Man-in-the-Middle (MitM) attack. SOLUTION: The vendor is currently working on a fix. PROVIDED AND/OR DISCOVERED BY: Henry Paduwa ORIGINAL ADVISORY: Henry Paduwa: http://archives.neohapsis.com/archives/fulldisclosure/2012-01/0366.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 12:29:49 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 21:29:49 +0100 Subject: [SEC] [SA47690] cURL SSL/TLS IV Selection Weakness and URL Sanitisation Vulnerability Message-ID: <201201252029.q0PKTnQt024250@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: cURL SSL/TLS IV Selection Weakness and URL Sanitisation Vulnerability SECUNIA ADVISORY ID: SA47690 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47690/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47690 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47690/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47690/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47690 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness and a vulnerability have been reported in cURL, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, and manipulate certain data. 1) A weakness within the SSL and TLS Initialization Vector (IV) selection exists when compiled to use OpenSSL and the SSL_OP_ALL bitmask is used. For more information: SA46168 This vulnerability is reported in versions 7.10.6 through 7.23.1. 2) Input passed via the file path section of URLs related to the IMAP, POP3, and SMTP protocols is not properly sanitised before being used in protocol-specific code and can be exploited to e.g. inject control characters and cause a mail server to send or delete messages. This vulnerability is reported in versions 7.20.0 through 7.23.1. SOLUTION: Update to version 7.24.0. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) product-security, Apple 2) Dan Fandrich ORIGINAL ADVISORY: http://curl.haxx.se/docs/adv_20120124B.html http://curl.haxx.se/docs/adv_20120124.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 13:55:55 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 22:55:55 +0100 Subject: [SEC] [SA47759] Trend Micro DataArmor / DriveArmor Privilege Escalation Vulnerability Message-ID: <201201252155.q0PLttS7015015@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Trend Micro DataArmor / DriveArmor Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA47759 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47759/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47759 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47759/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47759/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47759 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Stuart Passe has reported a vulnerability in Trend Micro DataArmor and Trend Micro DriveArmor, which can be exploited by malicious, local users with physical access to gain escalated privileges. The vulnerability is caused due to an unspecified error within the application's pre boot operating system and can be exploited to gain access to the recovery console. The vulnerability is reported in the following versions: * DataArmor versions 3.0.10 and later and prior to 3.0.12.861 * DriveArmor versions prior to 3.0.0.439 SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Stuart Passe, NGS Secure Research ORIGINAL ADVISORY: Trend Micro: http://esupport.trendmicro.com/solution/en-us/1060043.aspx NGS Secure Research: http://archives.neohapsis.com/archives/bugtraq/2012-01/0148.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 14:52:21 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 Jan 2012 23:52:21 +0100 Subject: [SEC] [SA47754] Ubuntu update for kernel Message-ID: <201201252252.q0PMqLTE005337@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for kernel SECUNIA ADVISORY ID: SA47754 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47754/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47754 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47754/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47754/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47754 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA46803 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1344-1: http://www.ubuntu.com/usn/usn-1344-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 16:05:02 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 01:05:02 +0100 Subject: [SEC] [SA47757] Ubuntu update for kernel Message-ID: <201201260005.q0Q052NZ017284@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for kernel SECUNIA ADVISORY ID: SA47757 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47757/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47757 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47757/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47757/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47757 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for the kernel. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information and cause a DoS (Denial of Service). For more information: SA43576 SA46803 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1345-1: http://www.ubuntu.com/usn/usn-1345-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 16:05:21 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 01:05:21 +0100 Subject: [SEC] [SA47747] Red Hat update for t1lib Message-ID: <201201260005.q0Q05Kmu017424@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for t1lib SECUNIA ADVISORY ID: SA47747 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47747/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47747 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47747/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47747/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47747 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for t1lib. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise an application using the library. For more information: SA43491 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0062-01: https://rhn.redhat.com/errata/RHSA-2012-0062.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 16:58:51 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 01:58:51 +0100 Subject: [SEC] [SA47689] PHP Suhosin Extension Transparent Cookie Encryption Buffer Overflow Vulnerability Message-ID: <201201260058.q0Q0wplT008142@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: PHP Suhosin Extension Transparent Cookie Encryption Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA47689 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47689/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47689 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47689/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47689/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47689 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Suhosin extension for PHP, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the transparent cookie encryption. If cookie encryption is enabled (disabled by default), this can be exploited to cause a stack-based buffer overflow by e.g. sending specially crafted input to an affected script. Successful exploitation may allow execution of arbitrary code, but e.g. requires an application to pass untrusted input to the "header()" function when setting a cookie and a weak Suhosin configuration (e.g. multiheader option enabled and NULL-byte protection disabled, both not default). The vulnerability is reported in versions prior to 0.9.33. SOLUTION: Update to version 0.9.33. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2012-01/0296.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 17:29:11 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 02:29:11 +0100 Subject: [SEC] [SA47753] Joomla! Multiple Vulnerabilities Message-ID: <201201260129.q0Q1TBdc030461@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Joomla! Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47753 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47753/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47753 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47753/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47753/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47753 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information. 1) Certain unspecified input is not properly verified before being used. This can be exploited to disclose sensitive information. 2) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Certain unspecified input is not properly verified before being used. This can be exploited to disclose sensitive information. 4) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions 1.7.3 and prior. SOLUTION: Update to version 1.7.4 or upgrade to version 2.5.0. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Cyrille Barthelemy. 2) Ankita Kapadia. 3) Jean-Marie Simonet. 4) David Jardin. ORIGINAL ADVISORY: Joomla 1.7.4: http://www.joomla.org/announcements/release-news/5405-joomla-174-released.html Joomla 2.5.0: http://www.joomla.org/announcements/release-news/5403-joomla-250-released.html Vulnerabilities: http://developer.joomla.org/security/news/382-20120101-core-information-disclosure http://developer.joomla.org/security/news/383-20120102-core-xss-vulnerability http://developer.joomla.org/security/news/384-20120103-core-information-disclosure http://developer.joomla.org/security/news/385-20120104-core-xss-vulnerability OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 17:49:06 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 02:49:06 +0100 Subject: [SEC] [SA47748] Red Hat update for openssl Message-ID: <201201260149.q0Q1n682020227@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for openssl SECUNIA ADVISORY ID: SA47748 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47748/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47748 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47748/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47748/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47748 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for openssl. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service). For more information: SA47426 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0059-01: https://rhn.redhat.com/errata/RHSA-2012-0059.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 18:24:22 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 03:24:22 +0100 Subject: [SEC] [SA47752] Red Hat update for openssl Message-ID: <201201260224.q0Q2OM1d010230@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for openssl SECUNIA ADVISORY ID: SA47752 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47752/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47752 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47752/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47752/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47752 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for openssl. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise an application using the library. For more information: SA47426 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0060-01: https://rhn.redhat.com/errata/RHSA-2012-0060.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 19:36:35 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 04:36:35 +0100 Subject: [SEC] [SA47642] WAGO I/O System 750 / 758 Cross-Site Request Forgery Vulnerability Message-ID: <201201260336.q0Q3aZpx001231@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WAGO I/O System 750 / 758 Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA47642 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47642/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47642 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47642/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47642/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47642 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Digital Security Research Group has reported a vulnerability in WAGO I/O System 750 and 758, which can be exploited by malicious people to conduct cross-site request forgery attacks. The device's web interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change the administrative password by tricking a logged in user into visiting a malicious web site. The vulnerability is reported in versions 750-841 and 758-874. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the web interface. PROVIDED AND/OR DISCOVERED BY: Alexandr Minozhenko, DSecRG. ORIGINAL ADVISORY: Digital Security Research Group (DSECRG-00246): http://dsecrg.com/pages/vul/show.php?id=404 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 20:17:28 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 05:17:28 +0100 Subject: [SEC] [SA47760] WinCDEmu Drive Unmount Denial of Service Security Issue Message-ID: <201201260417.q0Q4HSIq023778@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WinCDEmu Drive Unmount Denial of Service Security Issue SECUNIA ADVISORY ID: SA47760 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47760/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47760 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47760/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47760/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47760 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been discovered in WinCDEmu, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The security issue is caused due to the virtual bus driver (BazisVirtualCDBus.sys) incorrectly unmounting drives and can be exploited to cause a system crash via the "/unmountall" command supplied to the "batchmnt.exe" utility. The security issue is confirmed in version 3.6. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Reported by Floris (flockster) via a bug report. ORIGINAL ADVISORY: http://forum.sysprogs.org/viewtopic.php?f=3&t=1418 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 21:13:20 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 06:13:20 +0100 Subject: [SEC] [SA47703] Stoneware webNetwork 6 Multiple Vulnerabilities Message-ID: <201201260513.q0Q5DKMw014090@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Stoneware webNetwork 6 Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47703 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47703/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47703 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47703/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47703/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47703 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported on Stoneware webNetwork 6, which can be exploited by malicious users to conduct script-insertion attacks and by malicious people to conduct cross-site request forgery and SQL injection attacks. 1) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to perform actions with the privileges of a target user, who is tricked into visiting a malicious website. 2) Certain input passed to the "My Blog", "TeamPages", and "News Articles" pages is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 3) Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Update to version 6.0.8.0 (6.0 SP 8). PROVIDED AND/OR DISCOVERED BY: 1, 2) Jacob Holcomb, Leland Public Schools 3) Reported by the vendor. ORIGINAL ADVISORY: http://www.stone-ware.com/support/kbdump/d1960.html http://packetstormsecurity.org/files/109045/stoneware-xssxsrf.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 21:52:53 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 06:52:53 +0100 Subject: [SEC] [SA47749] Red Hat update for glibc Message-ID: <201201260552.q0Q5qr7l004157@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for glibc SECUNIA ADVISORY ID: SA47749 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47749/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47749 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47749/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47749/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47749 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for glibc. This fixes two vulnerabilities, which can be exploited by malicious users to potentially compromise a vulnerable system and by malicious people to cause a DoS (Denial of Service). For more information: SA47064 SA47567 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0058-1: http://rhn.redhat.com/errata/RHSA-2012-0058.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 25 22:36:12 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 07:36:12 +0100 Subject: [SEC] [SA47761] Ubuntu update for thunderbird Message-ID: <201201260636.q0Q6aC96026658@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for thunderbird SECUNIA ADVISORY ID: SA47761 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47761/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47761 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47761/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47761/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47761 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for thunderbird. This fixes multiple vulnerabilities, where one has an unknown impact and others can be exploited by malicious people to disclose sensitive information and compromise a user's system. For more information: SA47302 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1343-1: http://www.ubuntu.com/usn/usn-1343-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 10:30:36 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 19:30:36 +0100 Subject: [SEC] [SA46091] Caminova DjVu Browser Plug-in "Sjbz" Chunk Parsing Buffer Overflow Vulnerability Message-ID: <201201261830.q0QIUabS026953@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Caminova DjVu Browser Plug-in "Sjbz" Chunk Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA46091 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46091/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46091 RELEASE DATE: 2012-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/46091/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46091/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46091 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Parvez Anwar has discovered a vulnerability in Caminova DjVu Browser Plug-in, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the npdjvu.dll module when processing certain data within the "Sjbz" chunk. This can be exploited to cause a heap-based buffer overflow via a specially crafted ".djvu" file. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 6.1.4 Build 27351. Other versions may also be affected. SOLUTION: Update to version 6.1.4 Build 27999. PROVIDED AND/OR DISCOVERED BY: Parvez Anwar via Secunia. ORIGINAL ADVISORY: Caminova: https://www.caminova.net/ja/downloads/download.aspx?id=1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 11:29:55 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 20:29:55 +0100 Subject: [SEC] [SA47728] Joomla! JE Story Submit Component Unspecified Vulnerability Message-ID: <201201261929.q0QJTtEg017305@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Joomla! JE Story Submit Component Unspecified Vulnerability SECUNIA ADVISORY ID: SA47728 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47728/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47728 RELEASE DATE: 2012-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/47728/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47728/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47728 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability with unknown impact has been reported in the JE Story Submit component for Joomla!. The vulnerability is caused due to an unspecified error. No further information is currently available. The vulnerability is reported in versions prior to 1.9. SOLUTION: Update to version 1.9. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://joomlaextensions.co.in/product/JE-Story-Submit OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 12:29:57 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 21:29:57 +0100 Subject: [SEC] [SA47685] NX Web Companion Update Handling Vulnerability Message-ID: <201201262029.q0QKTvnw007673@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: NX Web Companion Update Handling Vulnerability SECUNIA ADVISORY ID: SA47685 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47685/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47685 RELEASE DATE: 2012-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/47685/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47685/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47685 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in NX Web Companion, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the applet insecurely handling updates, which leads to insufficient authenticity validation of downloaded update files. This can be exploited to download and execute arbitrary files by tricking a user into visiting a malicious web site. Successful exploitation requires that the user approves an update on an untrusted website. The vulnerability is reported in version 3.5.0-3. Other versions may also be affected. SOLUTION: Do not update on an untrusted website. PROVIDED AND/OR DISCOVERED BY: otr ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2012-01/0466.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 13:30:16 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 22:30:16 +0100 Subject: [SEC] [SA47730] Drupal Drupal Commerce Module Product Titles and SKUs Two Script Insertion Vulnerabilities Message-ID: <201201262130.q0QLUGOg030425@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Drupal Drupal Commerce Module Product Titles and SKUs Two Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA47730 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47730/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47730 RELEASE DATE: 2012-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/47730/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47730/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47730 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the Drupal Commerce module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Certain input related to product titles and SKUs is not properly sanitised by the theme functions before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires product creation privileges and that extra fields in product display nodes are shown (hidden by default). The vulnerabilities are reported in version 7.x-1.1. SOLUTION: Update to version 7.x-1.2. PROVIDED AND/OR DISCOVERED BY: Ivo Van Geertruyen, Drupal Security Team. ORIGINAL ADVISORY: SA-CONTRIB-2012-014: http://drupal.org/node/1416824 Drupal Drupal Commerce Module: http://drupalcode.org/project/commerce.git/blobdiff/45bc53875f1675750afe60e709a34c95e3008366..b74cdcd:/modules/product/commerce_product.module OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 14:24:23 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 23:24:23 +0100 Subject: [SEC] [SA47732] Drupal Managesite Module Two Script Insertion Vulnerabilities Message-ID: <201201262224.q0QMONU4020708@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Drupal Managesite Module Two Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA47732 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47732/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47732 RELEASE DATE: 2012-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/47732/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47732/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47732 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the Managesite module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Input passed to the category title when adding or updating a category is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires "administer managesite" privileges. The vulnerabilities are reported in versions prior to 6.x-1.1. SOLUTION: Update to version 6.x-1.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Justin Klein Keane. ORIGINAL ADVISORY: SA-CONTRIB-2012-015: http://drupal.org/node/1417000 Drupal Managesite Module: http://drupalcode.org/project/managesite.git/blobdiff/7dd99c47d891d482be1430d3c06a5bb0f6c74d85..7051b7e:/managesite.module OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 14:44:25 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 Jan 2012 23:44:25 +0100 Subject: [SEC] [SA47750] SUSE update for java-1_4_2-ibm Message-ID: <201201262244.q0QMiPsi010473@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for java-1_4_2-ibm SECUNIA ADVISORY ID: SA47750 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47750/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47750 RELEASE DATE: 2012-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/47750/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47750/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47750 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for java-1_4_2-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA47464 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2012:0122-1: http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 15:11:31 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 00:11:31 +0100 Subject: [SEC] [SA47710] Joomla! JE Story Submit Component File Upload Vulnerability Message-ID: <201201262311.q0QNBVE3032728@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Joomla! JE Story Submit Component File Upload Vulnerability SECUNIA ADVISORY ID: SA47710 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47710/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47710 RELEASE DATE: 2012-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/47710/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47710/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47710 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the JE Story Submit component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the "update()" function in the components/com_jesubmit/controllers/request_get.php script improperly validating the extension of an uploaded file. This can be exploited to e.g. upload and execute arbitrary PHP files by passing an allowed MIME media type in the HTTP headers. The vulnerability is confirmed in version 1.9.3. Other versions may also be affected. SOLUTION: Restrict access to the upload folder (e.g. via .htaccess). PROVIDED AND/OR DISCOVERED BY: Robert Cooper. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 16:03:25 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 01:03:25 +0100 Subject: [SEC] [SA47734] Ubuntu update for evince Message-ID: <201201270003.q0R03Pg2022973@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for evince SECUNIA ADVISORY ID: SA47734 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47734/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47734 RELEASE DATE: 2012-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/47734/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47734/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47734 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for evince. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA42769 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1347-1: http://www.ubuntu.com/usn/usn-1347-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 16:42:02 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 01:42:02 +0100 Subject: [SEC] [SA47745] Ubuntu update for curl Message-ID: <201201270042.q0R0g2tk013120@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for curl SECUNIA ADVISORY ID: SA47745 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47745/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47745 RELEASE DATE: 2012-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/47745/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47745/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47745 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for curl. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data. For more information see vulnerability #2 in: SA47690 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1346-1: http://www.ubuntu.com/usn/usn-1346-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 16:59:08 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 01:59:08 +0100 Subject: [SEC] [SA47700] Debian update for bip Message-ID: <201201270059.q0R0x8iK002786@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for bip SECUNIA ADVISORY ID: SA47700 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47700/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47700 RELEASE DATE: 2012-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/47700/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47700/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47700 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for bip. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. For more information: SA47679 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2393-1: http://www.debian.org/security/2012/dsa-2393 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 17:26:16 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 02:26:16 +0100 Subject: [SEC] [SA47755] HP-UX update for OpenSSL Message-ID: <201201270126.q0R1QGoU025092@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: HP-UX update for OpenSSL SECUNIA ADVISORY ID: SA47755 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47755/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47755 RELEASE DATE: 2012-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/47755/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47755/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47755 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has issued an update for OpenSSL in HP-UX. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA47631 The vulnerability is reported in HP-UX versions B.11.11, B.11.23, and B.11.31 running OpenSSL versions prior to vA.00.09.08t. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: HPSBUX02737 SSRT100747: http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03169289 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 17:48:07 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 02:48:07 +0100 Subject: [SEC] [SA47744] Symantec pcAnywhere / IT Management Suite Buffer Overflow and Insecure Permission Message-ID: <201201270148.q0R1m7F2014879@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Symantec pcAnywhere / IT Management Suite Buffer Overflow and Insecure Permission SECUNIA ADVISORY ID: SA47744 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47744/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47744 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47744/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47744/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47744 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue and a vulnerability have been reported in Symantec pcAnywhere and IT Management Suite, which can be exploited by malicious, local users to perform certain actions with escalated privileged and by malicious people to compromise a vulnerable system. 1) The security issue is caused due to insecure file permissions on certain files, which can be exploited to overwrite the files and gain escalated privileges. 2) A boundary error within the awhost32 component when handling authentication requests can be exploited to cause a stack-based buffer overflow via an overly long request sent to TCP port 5631. Successful exploitation of this vulnerability may allow execution of arbitrary code. The security issue and the vulnerability are reported in the following products: * Symantec pcAnywhere version 12.5.x * Symantec Altiris IT Management Suite version 7.0 * Symantec Altiris IT Management Suite version 7.1 SOLUTION: Apply hotfix TECH179526. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) Edward Torkington, NGS Secure. 2) Edward Torkington, NGS Secure and Tal zeltzer via ZDI. ORIGINAL ADVISORY: Symantec: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-12-018/ NGS Secure: http://archives.neohapsis.com/archives/bugtraq/2012-01/0155.html http://archives.neohapsis.com/archives/bugtraq/2012-01/0156.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 18:12:13 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 03:12:13 +0100 Subject: [SEC] [SA47742] Ocean Data Systems Dream Report Two Vulnerabilities Message-ID: <201201270212.q0R2CDfx004709@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ocean Data Systems Dream Report Two Vulnerabilities SECUNIA ADVISORY ID: SA47742 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47742/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47742 RELEASE DATE: 2012-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/47742/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47742/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47742 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Ocean Data Systems Dream Report, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system. 1) Certain unspecified is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) An unspecified error when loading certain files can be exploited to corrupt memory via a specially crafted file. Successful exploitation of this vulnerability may allow execution of arbitrary code, but requires tricking a user into loading a malicious file. The vulnerabilities are reported in versions prior to 4.0. SOLUTION: Upgrade to version 4.0. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Billy Rios and Terry McCorkle. ORIGINAL ADVISORY: http://www.us-cert.gov/control_systems/pdf/ICSA-12-024-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 18:48:43 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 03:48:43 +0100 Subject: [SEC] [SA47701] SAP NetWeaver Multiple Vulnerabilities Message-ID: <201201270248.q0R2mhrV027109@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SAP NetWeaver Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47701 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47701/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47701 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47701/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47701/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47701 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Digital Security Research Group has reported multiple vulnerabilities in SAP NetWeaver, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks. 1) An error within the handling of access controls of certain resources can be exploited to gain access to otherwise restricted Runtime Workbench resources. 2) An error within the "PFL_CHECK_OS_FILE_EXISTENCE" function in the implementation of access restrictions can be exploited to enumerate files on a system. 3) Input passed via the "TXVDestination" parameter to TextContainerAdmin/administration_setup.jsp and the "ValueIndustry", "ValueRegion", and "ValueExtension" parameters to system_context_settings.jsp is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability may require administrative privileges. 4) Input passed e.g. via the "cc0Host", "cc0Id", "cc0Path", "cc0Port", and "cc0Protocol" parameters to bcbadmSettings.jsp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Apply SAP security notes 1567389, 1591146, 1591749, and 1585652. PROVIDED AND/OR DISCOVERED BY: 1) Alexander Polyakov DSecRG 2) Alexey Tuyrin, DSecRG 3) Neyolov Evgeny, DSecRG 4) Dmitriy Evdokimov, DSecRG ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1567389 https://service.sap.com/sap/support/notes/1591146 https://service.sap.com/sap/support/notes/1591749 https://service.sap.com/sap/support/notes/1585652 DSecRG (DSECRG-12-008, DSECRG-12-009, DSECRG-12-010, DSECRG-12-011): http://dsecrg.com/pages/vul/show.php?id=408 http://dsecrg.com/pages/vul/show.php?id=409 http://dsecrg.com/pages/vul/show.php?id=410 http://dsecrg.com/pages/vul/show.php?id=411 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 19:17:24 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 04:17:24 +0100 Subject: [SEC] [SA47686] Opera Filename Disclosure Weakness and Security Bypass Vulnerability Message-ID: <201201270317.q0R3HOZv017483@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Opera Filename Disclosure Weakness and Security Bypass Vulnerability SECUNIA ADVISORY ID: SA47686 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47686/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47686 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47686/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47686/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47686 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness and a vulnerability have been reported in Opera, which can be exploited by malicious people to disclose potentially sensitive information and bypass certain security restrictions. 1) An error due to different JavaScript events being fired when certain HTML elements are containing references to local files can be exploited to disclose the presence of local files. 2) An error related to framed content can be exploited to bypass the same-origin policy. The weakness and vulnerability are reported in version 11.60. Prior versions may also be affected. SOLUTION: Update to version 11.61. PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor 2) The vendor credits Michal Zalewski ORIGINAL ADVISORY: Opera: http://www.opera.com/docs/changelogs/windows/1161/ http://www.opera.com/support/kb/view/1007/ http://www.opera.com/support/kb/view/1008/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 19:43:25 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 04:43:25 +0100 Subject: [SEC] [SA47740] Qemu "process_tx_desc()" Buffer Overflow Vulnerability Message-ID: <201201270343.q0R3hPpd007330@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Qemu "process_tx_desc()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA47740 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47740/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47740 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47740/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47740/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47740 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Qemu, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges. The vulnerability is caused due to a boundary error within the "process_tx_desc()" function (hw/e1000.c) when handling legacy mode packets while reading DMA requests. This can be exploited to cause a heap-based buffer overflow via a specially crafted packet. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Red Hat credits Nicolae Mogoreanu. ORIGINAL ADVISORY: https://bugzilla.redhat.com/show_bug.cgi?id=772075 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 19:55:32 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 04:55:32 +0100 Subject: [SEC] [SA47671] Gentoo update for jasper Message-ID: <201201270355.q0R3tWMc029357@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for jasper SECUNIA ADVISORY ID: SA47671 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47671/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47671 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47671/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47671/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47671 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for jasper. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library. For more information: SA47175 SOLUTION: Update to "media-libs/jasper-1.900.1-r4" or later. ORIGINAL ADVISORY: GLSA 201201-10: http://www.gentoo.org/security/en/glsa/glsa-201201-10.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 20:08:10 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 05:08:10 +0100 Subject: [SEC] [SA47564] Gentoo update for mit-krb5-appl Message-ID: <201201270408.q0R48Ax2019007@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for mit-krb5-appl SECUNIA ADVISORY ID: SA47564 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47564/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47564 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47564/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47564/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47564 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for mit-krb5-appl. This fixes a security issue and a vulnerability, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to compromise a vulnerable system. For more information: SA45145 SA47348 SOLUTION: Update to "app-crypt/mit-krb5-appl-1.0.2-r1" or later. ORIGINAL ADVISORY: GLSA 201201-14: http://www.gentoo.org/security/en/glsa/glsa-201201-14.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 20:22:20 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 05:22:20 +0100 Subject: [SEC] [SA47658] Gentoo update for mit-krb5 Message-ID: <201201270422.q0R4MKWs008680@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for mit-krb5 SECUNIA ADVISORY ID: SA47658 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47658/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47658 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47658/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47658/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47658 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for mit-krb5. This fixes multiple vulnerabilities, which can be exploited by malicious users to conduct spoofing attacks, bypass certain security features, cause a DoS (Denial of Service), and potentially compromise a vulnerable system and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA37977 SA38080 SA38598 SA39315 SA39420 SA39762 SA41684 SA42396 SA43260 SA43783 SA44125 SA46494 SA47124 SOLUTION: Update to "app-crypt/mit-krb5-1.9.2-r1" or later. ORIGINAL ADVISORY: GLSA 201201-13: http://www.gentoo.org/security/en/glsa/glsa-201201-13.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 20:43:05 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 05:43:05 +0100 Subject: [SEC] [SA47669] Gentoo update for fwbuilder Message-ID: <201201270443.q0R4h5Lo030832@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for fwbuilder SECUNIA ADVISORY ID: SA47669 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47669/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47669 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47669/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47669/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47669 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for fwbuilder. This fixes two security issues, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA32570 SA36809 SOLUTION: Update to "net-firewall/fwbuilder-3.0.7" or later. ORIGINAL ADVISORY: GLSA 201201-11: http://security.gentoo.org/glsa/glsa-201201-11.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 20:55:29 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 05:55:29 +0100 Subject: [SEC] [SA47694] Google Chrome Multiple Vulnerabilities Message-ID: <201201270455.q0R4tTo0020476@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47694 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47694/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47694 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47694/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47694/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47694 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Google Chrome, which potentially can be exploited by malicious people to compromise a user's system. 1) A use-after-free error exists within the handling of DOM selections. 2) A use-after-free error exists within the DOM handling. 3) An uninitialised value exists within Skia. 4) An error within the tree builder can be exploited to cause a heap-based buffer overflow. SOLUTION: Update to version 16.0.912.77. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1, 4) Arthur Gerkis 2) wushi of team509 via ZDI 3) miaubiz ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2012/01/stable-channel-update_23.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 21:08:18 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 06:08:18 +0100 Subject: [SEC] [SA47684] SUSE update for java-1_6_0-ibm Message-ID: <201201270508.q0R58INt010125@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for java-1_6_0-ibm SECUNIA ADVISORY ID: SA47684 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47684/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47684 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47684/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47684/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47684 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for java-1_6_0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA47464 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2012:0114-1: http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 21:21:49 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 06:21:49 +0100 Subject: [SEC] [SA47704] Ubuntu update for linux Message-ID: <201201270521.q0R5LnNR032179@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux SECUNIA ADVISORY ID: SA47704 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47704/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47704 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47704/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47704/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47704 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA47378 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1336-1: http://www.ubuntu.com/usn/usn-1336-1 USN-1342-1: http://www.ubuntu.com/usn/usn-1342-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 21:43:21 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 06:43:21 +0100 Subject: [SEC] [SA47654] IBM solidDB rownum Condition Denial of Service Vulnerability Message-ID: <201201270543.q0R5hLct021950@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM solidDB rownum Condition Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47654 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47654/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47654 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47654/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47654/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47654 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM solidDB, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error when handling a SELECT statement containing a rownum condition with a subquery and can be exploited to cause the server to shutdown. The vulnerability is reported in versions prior to 6.5.0.8 Interim Fix 5. SOLUTION: Update to version 6.5.0.8 Interim Fix 5. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (IC79861): http://www.ibm.com/support/docview.wss?uid=swg27021052 http://www.ibm.com/support/docview.wss?rs=3457&uid=swg1IC79861 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 21:56:07 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 06:56:07 +0100 Subject: [SEC] [SA47615] Oracle Database Two Vulnerabilities Message-ID: <201201270556.q0R5u7JE011601@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Database Two Vulnerabilities SECUNIA ADVISORY ID: SA47615 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47615/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47615 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47615/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47615/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47615 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Oracle Database, which can be exploited by malicious users to cause a DoS (Denial of Service) and manipulate certain data and by malicious people to cause a DoS. 1) An error within the Core RDBMS component when handling the SCN (Systems Change Number) values can be exploited to corrupt the and render the database unusable by increasing the SCN beyond the Maximum Reasonable SCN limit. 2) An unspecified error within the Listener component can be exploited to shutdown the database. The vulnerabilities are reported in the following products: * Oracle Database 11g Release 2, versions 11.2.0.2 and 11.2.0.3 * Oracle Database 11g Release 1, version 11.1.0.7 * Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, and 10.2.0.5 * Oracle Database 10g Release 1, version 10.1.0.5 SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1) InfoWorld It is currently unclear who reported the second vulnerability as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html#AppendixDB http://blogs.oracle.com/security/entry/learning_more_about_oracle_database InfoWorld: http://www.infoworld.com/d/security/fundamental-oracle-flaw-revealed-184163-0 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 26 22:08:02 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 07:08:02 +0100 Subject: [SEC] [SA47617] Oracle Outside In Technology Outside In Filters Three Vulnerabilities Message-ID: <201201270608.q0R682If001167@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Outside In Technology Outside In Filters Three Vulnerabilities SECUNIA ADVISORY ID: SA47617 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47617/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47617 RELEASE DATE: 2012-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/47617/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47617/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47617 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Three vulnerabilities have been reported in Oracle Outside In Technology, which can be exploited to malicious people to compromise an application using the library. 1) An unspecified error exists in the JPEG 2000 filter. 2) Another unspecified error exists in the JPEG 2000 filter. 3) An unspecified error exists in the Lotus 123 v4 parser. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in versions 8.3.5 and 8.3.7. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 3) Will Dormann, CERT/CC. An anonymous person via ZDI. It is currently unclear who reported the remaining vulnerabilities as the Oracle Critical Patch Update for January 2012 only provides a bundled list of credits. This section will be updated when/if the original reporters provide more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html US-CERT VU#738961: http://www.kb.cert.org/vuls/id/738961 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-12-017/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 10:30:35 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 19:30:35 +0100 Subject: [SEC] [SA47609] Syneto UTM Cross-Site Request Forgery Vulnerability Message-ID: <201201271830.q0RIUZ1D001884@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Syneto UTM Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA47609 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47609/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47609 RELEASE DATE: 2012-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/47609/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47609/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47609 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Syneto UTM, which can be exploited by malicious people to conduct cross-site request forgery attacks. The vulnerability is caused due to Syneto UTM allowing users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. conduct script-insertion attacks when a logged-in user visits a specially crafted web page. The vulnerability is reported in version 1.3.3 CE and 1.4.x versions. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the web interface. PROVIDED AND/OR DISCOVERED BY: Vulnerability Research Laboratory ORIGINAL ADVISORY: http://www.vulnerability-lab.com/get_content.php?id=373 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 11:29:35 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 20:29:35 +0100 Subject: [SEC] [SA47715] Debian update for libxml2 Message-ID: <201201271929.q0RJTZfQ024692@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for libxml2 SECUNIA ADVISORY ID: SA47715 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47715/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47715 RELEASE DATE: 2012-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/47715/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47715/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47715 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for libxml2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information: SA45325 SA46632 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2394-1: http://www.debian.org/security/2012/dsa-2394 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 12:29:52 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 21:29:52 +0100 Subject: [SEC] [SA47736] Oracle Solaris Apache Tomcat Multiple Vulnerabilities Message-ID: <201201272029.q0RKTqr1015062@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Apache Tomcat Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47736 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47736/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47736 RELEASE DATE: 2012-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/47736/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47736/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47736 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a weakness, a security issue and two vulnerabilities in Apache Tomcat included in Solaris, which can be exploited by malicious, local users to disclose sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information and bypass certain security restrictions. For more information: SA44981 SA45232 SA45748 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://blogs.oracle.com/sunsecurity/entry/cve_2011_3190_vulnerability_in http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_apache_tomcat2 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 13:30:05 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 22:30:05 +0100 Subject: [SEC] [SA47729] VR GPub Cross-Site Request Forgery Vulnerability Message-ID: <201201272130.q0RLU5C0005433@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: VR GPub Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA47729 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47729/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47729 RELEASE DATE: 2012-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/47729/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47729/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47729 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in VR GPub, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add an "editor" user by tricking a logged in administrator into visiting a malicious web site. The vulnerability is confirmed in version 4.0. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: Cyber-Crystal ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/18418/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 14:25:06 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 23:25:06 +0100 Subject: [SEC] [SA47727] phplist "testtarget" Cross-Site Scripting Vulnerability Message-ID: <201201272225.q0RMP6bD028105@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: phplist "testtarget" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47727 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47727/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47727 RELEASE DATE: 2012-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/47727/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47727/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47727 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in phplist, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "testtarget" POST parameter in admin/index.php (when "page" is set to "send", "id" is a valid message id, and "tab" is set to "Format") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 2.10.17. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Cyber-Crystal ORIGINAL ADVISORY: http://packetstormsecurity.org/files/109118/phplist-xsrfxss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 14:44:51 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 Jan 2012 23:44:51 +0100 Subject: [SEC] [SA47720] Cisco IronPort Appliances telnetd Buffer Overflow Vulnerability Message-ID: <201201272244.q0RMipbB017860@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Cisco IronPort Appliances telnetd Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA47720 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47720/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47720 RELEASE DATE: 2012-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/47720/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47720/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47720 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Cisco has acknowledged a vulnerability in some Cisco IronPort Appliances, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA47397 The vulnerability is reported in the following products: * Cisco IronPort Email Security Appliance (C-Series and X-Series) versions prior to 7.6.0. * Cisco IronPort Security Management Appliance (M-Series) versions prior to 7.8.0. SOLUTION: Disable the telnet service or update to a fixed version when available (please see the vendor's advisory for more information). Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: Cisco (cisco-sa-20120126-ironport): http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 15:11:00 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 28 Jan 2012 00:11:00 +0100 Subject: [SEC] [SA47777] EMC NetWorker Server Unspecified Buffer Overflow Vulnerability Message-ID: <201201272311.q0RNB01V007709@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: EMC NetWorker Server Unspecified Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA47777 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47777/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47777 RELEASE DATE: 2012-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/47777/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47777/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47777 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in EMC NetWorker Server, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error and can be exploited to cause a buffer overflow. No further information is currently available. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions 7.5.x and 7.6.x. SOLUTION: Update to version 7.6.3 SP1 Cumulative Release build 851. PROVIDED AND/OR DISCOVERED BY: The vendor credits Tal Zeltzer via ZDI. ORIGINAL ADVISORY: EMC: http://archives.neohapsis.com/archives/bugtraq/2012-01/att-0164/ESA-2012-005.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 16:00:59 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 28 Jan 2012 01:00:59 +0100 Subject: [SEC] [SA47776] RSA enVision Environment Variable Information Disclosure Security Issue Message-ID: <201201280000.q0S00wZk030308@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: RSA enVision Environment Variable Information Disclosure Security Issue SECUNIA ADVISORY ID: SA47776 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47776/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47776 RELEASE DATE: 2012-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/47776/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47776/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47776 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in RSA enVision, which can be exploited by malicious people to disclose certain sensitive information. The security issue is caused due to the application disclosing certain environment variables containing web system setup information via the web interface. The security issue is reported in versions prior to 4.1 Patch 3 and 4.0 Service Pack 4 Patch 5. SOLUTION: Update to version 4.1 Patch 3 or 4.0 Service Pack 4 Patch. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: RSA (ESA-2012-007): http://archives.neohapsis.com/archives/bugtraq/2012-01/att-0165/ESA-2012-007.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 16:40:44 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 28 Jan 2012 01:40:44 +0100 Subject: [SEC] [SA47756] Oracle GlassFish Enterprise Server / Java System Application Server SSL/TLS IV Selection Message-ID: <201201280040.q0S0eimD020469@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle GlassFish Enterprise Server / Java System Application Server SSL/TLS IV Selection SECUNIA ADVISORY ID: SA47756 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47756/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47756 RELEASE DATE: 2012-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/47756/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47756/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47756 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a weakness in Sun GlassFish Enterprise Server and Sun Java System Application Server, which can be exploited by malicious people to disclose potentially sensitive information and hijack a user's session. A design error exists within the implementation of SSL 3.0 and TLS 1.0 protocols. For more information: SA46168 The weakness is reported in GlassFish Enterprise Server version 2.1.1 and Sun Java System Application Server version 8.1 and 8.2. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://blogs.oracle.com/sunsecurity/entry/cve_2011_3389_chosen_plaintext2 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 16:59:09 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 28 Jan 2012 01:59:09 +0100 Subject: [SEC] [SA47775] Ubuntu update for libicu Message-ID: <201201280059.q0S0x9Tp010198@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for libicu SECUNIA ADVISORY ID: SA47775 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47775/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47775 RELEASE DATE: 2012-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/47775/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47775/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47775 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for libicu. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library. For more information: SA47146 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1348-1: http://www.ubuntu.com/usn/usn-1348-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 17:26:23 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 28 Jan 2012 02:26:23 +0100 Subject: [SEC] [SA47779] Apache HTTP Server "httpOnly" Cookie Disclosure and Denial of Service Message-ID: <201201280126.q0S1QN60032455@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Apache HTTP Server "httpOnly" Cookie Disclosure and Denial of Service SECUNIA ADVISORY ID: SA47779 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47779/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47779 RELEASE DATE: 2012-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/47779/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47779/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47779 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Apache HTTP Server, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service). 1) An error when handling the "%{cookiename}C" log format string when using a threaded MPM can be exploited to cause a crash by sending a specially crafted cookie. This vulnerability is reported in versions 2.2.17, 2.2.18, 2.219, 2.2.20, and 2.2.21. 2) An error within the default error response for status code 400 when no custom ErrorDocument is configured can be exploited to expose "httpOnly" cookies. This vulnerability is reported in versions 2.2.0, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.8, 2.2.9, 2.2.10, 2.2.11, 2.2.12, 2.2.13, 2.2.14, 2.2.15, 2.2.16, 2.2.17, 2.2.18, 2.2.19, 2.2.20, and 2.2.21. SOLUTION: Fixed in the SVN repository. PROVIDED AND/OR DISCOVERED BY: 1) Reported to the Apache security team by an unspecified person. 2) The vendor credits Norman Hippert. ORIGINAL ADVISORY: http://httpd.apache.org/security/vulnerabilities_22.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 17:47:25 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 28 Jan 2012 02:47:25 +0100 Subject: [SEC] [SA47691] DClassifieds Cross-Site Request Forgery Vulnerability Message-ID: <201201280147.q0S1lPMR022226@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: DClassifieds Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA47691 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47691/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47691 RELEASE DATE: 2012-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/47691/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47691/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47691 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered a vulnerability in DClassifieds, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change an administrator's password by tricking a logged in administrator into visiting a malicious web site. The vulnerability is confirmed in version 0.1final. Prior versions may also be affected. SOLUTION: Apply the "csrf_fix_120105" fix. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23067: https://www.htbridge.ch/advisory/csrf_cross_site_request_forgery_in_dclassifieds.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 18:12:04 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 28 Jan 2012 03:12:04 +0100 Subject: [SEC] [SA47731] Drupal Search Autocomplete Module SQL Injection Vulnerability Message-ID: <201201280212.q0S2C4n9012061@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Drupal Search Autocomplete Module SQL Injection Vulnerability SECUNIA ADVISORY ID: SA47731 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47731/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47731 RELEASE DATE: 2012-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/47731/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47731/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47731 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Search Autocomplete module for Drupal, which can be exploited by malicious users to conduct SQL injection attacks. Certain unspecified input related to search fields is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires "use search_autocomplete" privileges. The vulnerability is reported in versions prior to 7.x-2.1. SOLUTION: Update to version 7.x-2.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Miguel Hermo. ORIGINAL ADVISORY: SA-CONTRIB-2012-013: http://drupal.org/node/1416612 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 18:47:20 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 28 Jan 2012 03:47:20 +0100 Subject: [SEC] [SA47670] Postfix Admin Multiple Vulnerabilities Message-ID: <201201280247.q0S2lKE9001977@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Postfix Admin Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47670 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47670/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47670 RELEASE DATE: 2012-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/47670/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47670/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47670 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Postfix Admin, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting and script insertion attacks. 1) Input passed via the "domain" parameter to unspecified scripts is not properly sanitised in templates/menu.php and templates/edit-vacation.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Certain unspecified input passed to create-domain.php, create-alias.php, and edit-alias.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Certain unspecified input is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 4) Certain unspecified input is not properly sanitised in the "pacrypt()" function in functions.inc.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 5) Certain unspecified input is not properly sanitised in backup.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code, which will be executed when a database dump is being restored. The vulnerabilities are reported in versions 2.3.4 and prior. SOLUTION: Fixed in the SVN repository. PROVIDED AND/OR DISCOVERED BY: The vendor credits Filippo Cavallarin. ORIGINAL ADVISORY: http://www.openwall.com/lists/oss-security/2012/01/26/5 http://postfixadmin.svn.sourceforge.net/svnroot/postfixadmin/branches/postfixadmin-2.3/CHANGELOG.TXT OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 27 19:17:38 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 28 Jan 2012 04:17:38 +0100 Subject: [SEC] [SA47605] IBM SPSS SamplePower VsVIEW6 ActiveX Control Two Vulnerabilities Message-ID: <201201280317.q0S3HcFO024832@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM SPSS SamplePower VsVIEW6 ActiveX Control Two Vulnerabilities SECUNIA ADVISORY ID: SA47605 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47605/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47605 RELEASE DATE: 2012-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/47605/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47605/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47605 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in IBM SPSS SamplePower, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to unspecified errors in the VsVIEW6 ActiveX Control (VsVIEW6.ocx) when handling the "SaveDoc()" and "PrintFile()" methods. No further information is currently available. Successful exploitation may allow execution of arbitrary code. The vulnerabilities are reported in version 3.0. SOLUTION: As a workaround the vendor recommends to set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: The vendor credits Andrea Micalizza aka rgod via ZDI. ORIGINAL ADVISORY: IBM: http://www.ibm.com/support/docview.wss?uid=swg21577951 ISS X-Force: http://xforce.iss.net/xforce/xfdb/72119 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 10:30:35 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 30 Jan 2012 19:30:35 +0100 Subject: [SEC] [SA47782] WHMCompleteSolution Ticket Subject Code Injection Vulnerability Message-ID: <201201301830.q0UIUZMr006795@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WHMCompleteSolution Ticket Subject Code Injection Vulnerability SECUNIA ADVISORY ID: SA47782 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47782/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47782 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47782/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47782/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47782 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in WHMCompleteSolution, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error in includes/functions.php when processing the subject field of submitted tickets and can be exploited to execute arbitrary PHP code. The vulnerability is reported in versions 4.5.2 and prior and versions 5.0.3 and prior. SOLUTION: Apply the patch. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: WHMCompleteSolution: http://forum.whmcs.com/showthread.php?t=43462 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 11:29:53 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 30 Jan 2012 20:29:53 +0100 Subject: [SEC] [SA47682] Gentoo update for bip Message-ID: <201201301929.q0UJTrWj029545@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for bip SECUNIA ADVISORY ID: SA47682 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47682/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47682 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47682/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47682/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47682 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for bip. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. For more information: SA41285 SA47679 SOLUTION: Update to version "net-irc/bip-0.8.8-r1" or later. ORIGINAL ADVISORY: GLSA 201201-18: http://security.gentoo.org/glsa/glsa-201201-18.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 12:35:51 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 30 Jan 2012 21:35:51 +0100 Subject: [SEC] [SA47771] IBM WebSphere Application Server for z/OS Data Disclosure Security Issue Message-ID: <201201302035.q0UKZpMl020010@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM WebSphere Application Server for z/OS Data Disclosure Security Issue SECUNIA ADVISORY ID: SA47771 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47771/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47771 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47771/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47771/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47771 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in IBM WebSphere Application Server for z/OS, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information. The security issue is caused due to the SibRaRecoverableSiXaResource class logging certain potentially sensitive information to the FFDC log files. The security issue is reported in IBM WebSphere Application Server for z/OS version 6.1.x prior to 6.1.0.41. SOLUTION: Update to version 6.1.0.41 (Fix Pack 41). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (PM36685): http://www.ibm.com/support/docview.wss?uid=swg1PM36685 http://www.ibm.com/support/docview.wss?uid=swg27007951 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 13:29:42 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 30 Jan 2012 22:29:42 +0100 Subject: [SEC] [SA47769] IBM Web Experience Factory Smart Refresh Script Insertion Vulnerability Message-ID: <201201302129.q0ULTgIw010297@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM Web Experience Factory Smart Refresh Script Insertion Vulnerability SECUNIA ADVISORY ID: SA47769 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47769/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47769 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47769/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47769/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47769 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM Web Experience Factory, which can be exploited by malicious people to conduct script insertion attacks. Certain unspecified input is not properly sanitised before being used by the Smart Refresh component. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is reported in versions 7.0.0.2 and 7.0.1.2. SOLUTION: Apply interim fix LO65984_WPF7002 or LO65985_WEF7012. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www-01.ibm.com/support/docview.wss?uid=swg21575083 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 14:32:19 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 30 Jan 2012 23:32:19 +0100 Subject: [SEC] [SA47680] Gentoo update for acroread Message-ID: <201201302232.q0UMWJQC000644@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for acroread SECUNIA ADVISORY ID: SA47680 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47680/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47680 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47680/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47680/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47680 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for acroread. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system. For more information: SA42095 SA43207 SA45978 SA47133 SOLUTION: Update to "app-text/acroread-9.4.7" or later. ORIGINAL ADVISORY: GLSA 201201-19: http://www.gentoo.org/security/en/glsa/glsa-201201-19.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 14:56:42 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 30 Jan 2012 23:56:42 +0100 Subject: [SEC] [SA47746] Gentoo ktsuss Two Vulnerabilities Message-ID: <201201302256.q0UMug6O022936@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo ktsuss Two Vulnerabilities SECUNIA ADVISORY ID: SA47746 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47746/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47746 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47746/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47746/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47746 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has acknowledged two vulnerabilities in the ktsuss package, which can be exploited by malicious, local users to bypass certain security restrictions and gain escalated privileges. 1) An error within src/ktsuss.c when the target UID (user ID) and the current UID are identical leads to an authentication bypass and prevents the dropping of privileges, which can be exploited to execute arbitrary commands with root privileges. 2) An error due to spawning a GTK interface subprocess with root privileges can be exploited to execute arbitrary commands with root privileges by using the "GTK_MODULES" environment variable. SOLUTION: The vendor recommends to unmerge ktsuss. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1, 2) John Lightsey via the OSS mailing list. ORIGINAL ADVISORY: GLSA 201201-15: http://www.gentoo.org/security/en/glsa/glsa-201201-15.xml OSS security: http://www.openwall.com/lists/oss-security/2011/08/13/2 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 15:11:50 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 00:11:50 +0100 Subject: [SEC] [SA47792] Inquisiq R3 Cross-Site Request Forgery Vulnerability Message-ID: <201201302311.q0UNBowE012642@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Inquisiq R3 Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA47792 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47792/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47792 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47792/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47792/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47792 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Vulnerability Lab has reported a vulnerability in Inquisiq R3, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application's web interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change the administrator's password and conduct cross-site scripting and script insertion attacks by tricking a logged in user into visiting a malicious web site. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: Chokri B.A., Vulnerability Lab. ORIGINAL ADVISORY: http://www.vulnerability-lab.com/get_content.php?id=317 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 16:34:13 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 01:34:13 +0100 Subject: [SEC] [SA47717] Gentoo update for chromium Message-ID: <201201310034.q0V0YDrA003357@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for chromium SECUNIA ADVISORY ID: SA47717 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47717/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47717 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47717/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47717/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47717 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for chromium. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system. For more information: SA47449 SA47694 SOLUTION: Update to version "www-client/chromium-16.0.912.77" or later. ORIGINAL ADVISORY: GLSA 201201-17: http://security.gentoo.org/glsa/glsa-201201-17.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 16:59:16 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 01:59:16 +0100 Subject: [SEC] [SA47726] Debian update for wireshark Message-ID: <201201310059.q0V0xGwu025702@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for wireshark SECUNIA ADVISORY ID: SA47726 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47726/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47726 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47726/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47726/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47726 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system. For more information: SA45927 SA47494 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2395-1: http://www.debian.org/security/2012/dsa-2395 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 17:26:13 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 02:26:13 +0100 Subject: [SEC] [SA47719] Gentoo update for xkeyboard-config Message-ID: <201201310126.q0V1QDmM015590@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Gentoo update for xkeyboard-config SECUNIA ADVISORY ID: SA47719 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47719/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47719 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47719/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47719/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47719 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for xkeyboard-config. This fixes a weakness, which can be exploited by malicious people with physical access to bypass certain security restrictions. For more information: SA47566 SOLUTION: Update to version "x11-misc/xkeyboard-config-2.4.1-r3" or later. ORIGINAL ADVISORY: GLSA 201201-16: http://security.gentoo.org/glsa/glsa-201201-16.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 17:46:48 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 02:46:48 +0100 Subject: [SEC] [SA47714] Debian update for icu Message-ID: <201201310146.q0V1km7q005371@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for icu SECUNIA ADVISORY ID: SA47714 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47714/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47714 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47714/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47714/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47714 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for icu. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library. For more information: SA47146 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2397-1: http://lists.debian.org/debian-security-announce/2012/msg00021.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 18:11:39 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 03:11:39 +0100 Subject: [SEC] [SA47803] Ada Web Server Web Form Hash Collision Denial of Service Vulnerability Message-ID: <201201310211.q0V2Bd8H027605@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ada Web Server Web Form Hash Collision Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47803 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47803/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47803 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47803/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47803/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47803 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ogro has reported a vulnerability in Ada Web Server, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within a hash generation function when hashing form posts and updating a hash table. This can be exploited to cause a hash collision resulting in high CPU consumption via a specially crafted form sent in a HTTP POST request. The vulnerability is reported in version 2.10.0. Other versions may also be affected. SOLUTION: Update to version 2.10.2 or 2.11. PROVIDED AND/OR DISCOVERED BY: Ogro ORIGINAL ADVISORY: Ada Web Server: http://archives.neohapsis.com/archives/bugtraq/2012-01/0169.html Ogro: http://ogrod2.blogspot.com/2012/01/28c3-effective-denial-of-service.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 18:46:28 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 03:46:28 +0100 Subject: [SEC] [SA47765] FFmpeg Multiple Vulnerabilities Message-ID: <201201310246.q0V2kSWH017604@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: FFmpeg Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47765 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47765/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47765 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47765/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47765/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47765 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. 1) A boundary error within the DV decoder can be exploited to cause an out-of-bounds read via specially crafted media files. 2) An NULL-pointer dereference error within the DV decoder can be exploited to cause a crash via specially crafted media files. 3) A double-free error within the "vp3_update_thread_context()" function (libavcodec/vp3.c) can be exploited via specially crafted media files. 4) An error within the "codec_get_buffer()" function (ffmpeg.c) can be exploited via specially crafted media files. 5) An error within the "ff_h263_decode_frame()" function (libavformat/nsvdec.c) can be exploited via specially crafted media files. 6) A boundary error within the "nsv_read_chunk()" function (libavformat/nsvdec.c) can be exploited to cause an out-of-bounds write via specially crafted media files. 7) An error within the "decode_mb()" function (libavcodec/error_resilience.c) can be exploited to cause an out-of-bounds write via specially crafted media files. 8) An error within the "smacker_decode_header_tree()" function (libavcodec/smacker.c) can be exploited via specially crafted media files. 9) An error within the "decode_frame()" function (libavcodec/kgv1dec.c) can be exploited via specially crafted media files. 10) An error within the H264 decoder can be exploited to cause an infinite loop via specially crafted media files. 11) An error within the "read_offs()" function (libavcodec/mjpegbdec.c) can be exploited via specially crafted media files. 12) An error within the "dirac_unpack_idwt_params()" function (libavcodec/diracdec.c) can be exploited via specially crafted media files. 13) An error within the "dirac_decode_data_unit()" function (libavcodec/diracdec.c) can be exploited via specially crafted media files. 14) An error within the "dpcm_decode_frame()" function (libavcodec/dpcm.c) can be exploited via specially crafted media files. 15) An error within the "decode_init()" function (libavcodec/kmvc.c) can be exploited via specially crafted media files. 16) An error within the "rv20_decode_picture_header()" function (libavcodec/rv10.c) can be exploited to cause a crash via specially crafted Matroska files. 17) A NULL-pointer dereference error within the "decode_mb_info()" function (libavcodec/indeo5.c) can be exploited to cause a crash via specially crafted media files. SOLUTION: Update to version 0.10. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1-15) Mateusz "j00ru" Jurczyk and Gynvael Coldwind 16, 17) John Villamil ORIGINAL ADVISORY: http://ffmpeg.org/security.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 19:17:01 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 04:17:01 +0100 Subject: [SEC] [SA47763] Samba Connection Request Memory Leak Denial of Service Vulnerability Message-ID: <201201310317.q0V3H1XA008036@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Samba Connection Request Memory Leak Denial of Service Vulnerability SECUNIA ADVISORY ID: SA47763 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47763/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47763 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47763/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47763/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47763 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Samba, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a memory leak error within the smbd daemon when handling connection requests and can be exploited to exhaust memory and render the service unusable. The vulnerability is reported in versions 3.6.0 through 3.6.2. SOLUTION: Update to version 3.6.3. PROVIDED AND/OR DISCOVERED BY: The vendor credits Youzhong Yang and Ira Cooper, MathWorks. ORIGINAL ADVISORY: http://www.samba.org/samba/security/CVE-2012-0817 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 30 19:44:58 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 04:44:58 +0100 Subject: [SEC] [SA47721] Debian update for qemu-kvm Message-ID: <201201310344.q0V3iwpn030313@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for qemu-kvm SECUNIA ADVISORY ID: SA47721 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47721/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47721 RELEASE DATE: 2012-01-30 DISCUSS ADVISORY: http://secunia.com/advisories/47721/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47721/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47721 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for qemu-kvm. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges. For more information: SA47741 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2396-1: http://www.debian.org/security/2012/dsa-2396 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 10:30:31 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 19:30:31 +0100 Subject: [SEC] [SA47780] FishEye / Crucible Webwork 2 Code Injection Vulnerability Message-ID: <201201311830.q0VIUVHv000791@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: FishEye / Crucible Webwork 2 Code Injection Vulnerability SECUNIA ADVISORY ID: SA47780 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47780/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47780 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47780/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47780/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47780 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in FishEye and Crucible, which can be exploited by malicious users to compromise a vulnerable system. Certain unspecified input is not properly sanitised within the Webwork 2 framework before being used and can be exploited to inject and execute arbitrary Java code. Successful exploitation requires administrative privileges. This may be related to: SA47393 The vulnerability is reported in versions 2.0 through 2.7.8. SOLUTION: Update to version 2.6.7 or 2.7.9. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://confluence.atlassian.com/display/FISHEYE/FishEye+and+Crucible+Security+Advisory+2012-01-31 https://jira.atlassian.com/browse/FE-3891 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 11:30:37 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 20:30:37 +0100 Subject: [SEC] [SA47758] VMware ESX Server Multiple Vulnerabilities Message-ID: <201201311930.q0VJUbTr023634@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: VMware ESX Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47758 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47758/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47758 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47758/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47758/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47758 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: VMware has acknowledged multiple vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users to disclose potentially sensitive and system information, bypass certain security restrictions, cause a DoS (Denial of Service), and gain escalated privileges, by malicious people with physical access to disclose certain system information, and by malicious people to disclose sensitive information, conduct spoofing and cross-site scripting attacks, cause a DoS, and compromise a vulnerable system. For more information: SA40205 SA42176 SA43358 SA43537 SA43693 SA43803 SA43806 SA44164 SA44248 SA44466 SA44754 SA44792 SA45193 SA45253 SA45328 SA45835 SA45897 SA46539 1) A weakness exists in the bundled version of cURL. For more information: SA45067 2) Two vulnerabilities exist in the bundled version of rpm. For more information: SA43675 SA46096 3) Some security issues and vulnerabilities exist in the bundled version of samba. For more information: SA38286 SA38811 SA45371 SA45393 4) A security issue and some vulnerabilities exist in the bundled version of python. For more information: SA36425 SA41968 SA43463 SA43831 The vulnerabilities are reported in versions 4.0 and 4.1. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: VMSA-2012-0001: http://www.vmware.com/security/advisories/VMSA-2012-0001.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 12:29:33 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 21:29:33 +0100 Subject: [SEC] [SA47799] HostBill Ticket Subject Code Injection Vulnerability Message-ID: <201201312029.q0VKTXSf013999@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: HostBill Ticket Subject Code Injection Vulnerability SECUNIA ADVISORY ID: SA47799 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47799/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47799 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47799/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47799/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47799 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HostBill, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error when processing the subject field of submitted tickets and can be exploited to execute arbitrary PHP code. The vulnerability is reported in versions prior to 3.1.2. SOLUTION: Update to version 3.1.2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hostbill: http://hostbillapp.com/changelog/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 13:29:36 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 22:29:36 +0100 Subject: [SEC] [SA47812] SilverStripe Page Title Script Insertion Vulnerability Message-ID: <201201312129.q0VLTaJr004387@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SilverStripe Page Title Script Insertion Vulnerability SECUNIA ADVISORY ID: SA47812 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47812/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47812 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47812/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47812/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47812 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in SilverStripe, which can be exploited by malicious users to conduct script insertion attacks. Input passed via the "Title" parameter to admin/EditForm when creating a page is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being unpublished, deleted, or republished. Successful exploitation requires "Content Authors" privileges. The vulnerability is confirmed in version 2.4.6. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Karthik R ORIGINAL ADVISORY: http://packetstormsecurity.org/files/109210/silverstripecmspage-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 14:27:29 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 23:27:29 +0100 Subject: [SEC] [SA47608] VMware ESXi Server Python Multiple Vulnerabilities Message-ID: <201201312227.q0VMRTLr027122@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: VMware ESXi Server Python Multiple Vulnerabilities SECUNIA ADVISORY ID: SA47608 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47608/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47608 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47608/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47608/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47608 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: VMware has acknowledged a security issue and multiple vulnerabilities in VMware ESXi Server, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA36425 SA39937 SA43831 The security issue and vulnerabilities are reported in the versions 3.5, 4.0, 4.1, and 5.0. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: VMSA-2012-0001: http://www.vmware.com/security/advisories/VMSA-2012-0001.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 14:44:21 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 Jan 2012 23:44:21 +0100 Subject: [SEC] [SA47785] Debian update for php5 Message-ID: <201201312244.q0VMiLEd016851@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for php5 SECUNIA ADVISORY ID: SA47785 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47785/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47785 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47785/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47785/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47785 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for php5. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service) and compromise a vulnerable system. For more information: SA44874 SA46107 SA47404 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2399-1: http://www.debian.org/security/2012/dsa-2399 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 15:12:07 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 00:12:07 +0100 Subject: [SEC] [SA47804] Hitachi JP1/IT Service Level Management Unspecified Cross-Site Scripting Vulnerability Message-ID: <201201312312.q0VNC7WN006756@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Hitachi JP1/IT Service Level Management Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47804 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47804/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47804 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47804/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47804/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47804 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Hitachi JP1/IT Service Level Management, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 09-50. SOLUTION: Update to version 09-51. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hitachi (English): http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-005/index.html Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-005/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 16:27:23 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 01:27:23 +0100 Subject: [SEC] [SA47738] HP Network Automation Unspecified Security Bypass Vulnerability Message-ID: <201202010027.q110RNRa029766@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: HP Network Automation Unspecified Security Bypass Vulnerability SECUNIA ADVISORY ID: SA47738 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47738/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47738 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47738/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47738/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47738 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP Network Automation, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an unspecified error and can be exploited to gain unauthorised access. No more information is currently available. The vulnerability is reported in HP Network Automation versions 9.0 and v9.10 running on Linux, Solaris, and Windows. SOLUTION: Update to version 9.10 and apply patch 2 or subsequent (Network Automation 09.10.02, NA_00015). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMU02738 SSRT100748: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03171149 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 16:47:24 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 01:47:24 +0100 Subject: [SEC] [SA47825] Hitachi JP1/IT Resource Management Unspecified Cross-Site Scripting Vulnerability Message-ID: <201202010047.q110lO1f019642@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Hitachi JP1/IT Resource Management Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47825 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47825/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47825 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47825/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47825/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47825 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Hitachi JP1/IT Resource Management, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA47804 The vulnerability is reported in versions 09-10 through 09-10-03, 09-11 through 09-11-04, and 09-50 through 09-50-01. SOLUTION: Update to version 09-11-05 or 09-50-02 when available. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hitachi (English): http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-005/index.html Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-005/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 17:14:20 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 02:14:20 +0100 Subject: [SEC] [SA47774] Hitachi JP1/IT Desktop Management Unspecified Cross-Site Scripting Vulnerability Message-ID: <201202010114.q111EKcE009533@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Hitachi JP1/IT Desktop Management Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47774 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47774/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47774 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47774/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47774/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47774 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Hitachi JP1/IT Desktop Management, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 09-50. SOLUTION: Update to version 09-50-01. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hitachi (English): http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-004/index.html Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-004/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 17:46:54 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 02:46:54 +0100 Subject: [SEC] [SA47773] Hitachi uCosminexus EUR Print Manager Unspecified Cross-Site Scripting Vulnerability Message-ID: <201202010146.q111ksR6031882@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Hitachi uCosminexus EUR Print Manager Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47773 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47773/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47773 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47773/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47773/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47773 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Hitachi uCosminexus EUR Print Manager, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Please see the vendor's advisory for the list of affected products. SOLUTION: Update to version 08-70-/B. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hitachi (English): http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-006/index.html Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-006/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 18:13:51 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 03:13:51 +0100 Subject: [SEC] [SA47818] RESTEasy XML Entity References Information Disclosure Vulnerability Message-ID: <201202010213.q112DpjN021769@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: RESTEasy XML Entity References Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA47818 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47818/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47818 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47818/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47818/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47818 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in RESTEasy, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an error when processing XML data, which can be exploited to e.g. disclose contents of certain local files by sending specially crafted XML data including external entity references. The vulnerability is reported in versions prior to 2.3.1. SOLUTION: Update to version 2.3.1. PROVIDED AND/OR DISCOVERED BY: Reported in a bug by Anuj Kathuria. ORIGINAL ADVISORY: https://issues.jboss.org/browse/RESTEASY-637 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 18:46:05 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 03:46:05 +0100 Subject: [SEC] [SA47832] RESTEasy JAXB XML Entity References Information Disclosure Vulnerability Message-ID: <201202010246.q112k5du011737@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: RESTEasy JAXB XML Entity References Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA47832 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47832/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47832 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47832/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47832/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47832 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in RESTEasy, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an error when processing JAXB XML data, which can be exploited to e.g. disclose contents of certain local files by sending specially crafted XML data including external entity references. The vulnerability is reported in version 2.3.1. Other versions may also be affected. SOLUTION: Do not process untrusted XML data. PROVIDED AND/OR DISCOVERED BY: Reported in a bug by Anuj Kathuria. ORIGINAL ADVISORY: https://issues.jboss.org/browse/RESTEASY-647 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 19:20:57 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 04:20:57 +0100 Subject: [SEC] [SA47815] Hitachi uCosminexus Products Unspecified Cross-Site Scripting Vulnerability Message-ID: <201202010320.q113Kvi6002150@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Hitachi uCosminexus Products Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47815 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47815/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47815 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47815/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47815/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47815 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in some Hitachi uCosminexus products, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA47773 The vulnerability is reported in the following products: * Hitachi uCosminexus Stream Data Platform versions 01-00 through 01-00-/A. * Hitachi HiRDB RealTime Monitor versions 09-00 and 09-01. SOLUTION: Update to a fixed version when available. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hitachi (English): http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-006/index.html Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-006/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 19:43:32 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 04:43:32 +0100 Subject: [SEC] [SA47787] Mibew Messenger Cross-Site Request Forgery Vulnerability Message-ID: <201202010343.q113hWf6024426@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Mibew Messenger Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA47787 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47787/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47787 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47787/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47787/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47787 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: CodSeq has discovered a vulnerability in Mibew Messenger, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application's web interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change an administrator's password and conduct script insertion attacks by tricking a logged in administrator into visiting a malicious web site. The vulnerability is confirmed in version 1.6.4. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: CodSeq. ORIGINAL ADVISORY: CSA-12001: http://www.codseq.it/advisories/mibew_messenger_multiple_xss OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 19:55:31 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 04:55:31 +0100 Subject: [SEC] [SA47826] HP Network Automation Unspecified Security Bypass Vulnerability Message-ID: <201202010355.q113tVPQ014082@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: HP Network Automation Unspecified Security Bypass Vulnerability SECUNIA ADVISORY ID: SA47826 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47826/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47826 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47826/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47826/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47826 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP Network Automation, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an unspecified error. For more information: SA47738 The vulnerability is reported in HP Network Automation versions 7.5x and 7.6x running on Linux, Solaris, and Windows. SOLUTION: Upgrade to version 9.10 and apply patch 2 or subsequent (Network Automation 09.10.02, NA_00015). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMU02738 SSRT100748: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03171149 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 20:08:19 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 05:08:19 +0100 Subject: [SEC] [SA47831] LuraWave JP2 Browser Plug-In File Processing Buffer Overflow Vulnerability Message-ID: <201202010408.q1148Jof003743@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: LuraWave JP2 Browser Plug-In File Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA47831 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47831/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47831 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47831/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47831/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47831 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Parvez Anwar has discovered a vulnerability in LuraWave JP2 Browser Plug-In, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in npjp2.dll when processing the Quantization Default (QCD) marker segment. This can be exploited to cause a stack-based buffer overflow via a specially crafted JPEG2000 (JP2) file. Successful exploitation allows execution of arbitrary code, but requires tricking a user into visiting a malicious web page. The vulnerability is confirmed in version 1.1.1.11. Other versions may also be affected. SOLUTION: Upgrade to version 2.1.1.11. PROVIDED AND/OR DISCOVERED BY: Parvez Anwar via Secunia. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 20:22:35 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 05:22:35 +0100 Subject: [SEC] [SA47350] LuraWave JP2 ActiveX Control File Processing Buffer Overflow Vulnerability Message-ID: <201202010422.q114MZfo025826@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: LuraWave JP2 ActiveX Control File Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA47350 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47350/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47350 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47350/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47350/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47350 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Parvez Anwar has discovered a vulnerability in LuraWave JP2 ActiveX Control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in jp2_x.dll when processing the Quantization Default (QCD) marker segment. This can be exploited to cause a stack-based buffer overflow via a specially crafted JPEG2000 (JP2) file. Successful exploitation allows execution of arbitrary code, but requires tricking a user into visiting a malicious web page. The vulnerability is confirmed in version 2.1.5.5. Other versions may also be affected. SOLUTION: Update to version 2.1.5.11. PROVIDED AND/OR DISCOVERED BY: Parvez Anwar via Secunia. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 20:43:19 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 05:43:19 +0100 Subject: [SEC] [SA47784] TWiki User Organization Script Insertion Vulnerability Message-ID: <201202010443.q114hJdR015603@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: TWiki User Organization Script Insertion Vulnerability SECUNIA ADVISORY ID: SA47784 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47784/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47784 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47784/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47784/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47784 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sony has discovered a vulnerability in TWiki, which can be exploited by malicious people to conduct script insertion attacks. Input passed via the Organization field when registering or editing a user is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is confirmed in version 5.1.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Sony ORIGINAL ADVISORY: http://st2tea.blogspot.com/2012/01/cross-site-scripting-twiki.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 20:55:19 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 05:55:19 +0100 Subject: [SEC] [SA47786] Image Hosting Script DPI "showseries" Cross-Site Scripting Vulnerability Message-ID: <201202010455.q114tJv3005263@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Image Hosting Script DPI "showseries" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA47786 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47786/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47786 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47786/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47786/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47786 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Image Hosting Script DPI, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "showseries" parameter in misc.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Red Security TEAM ORIGINAL ADVISORY: http://packetstormsecurity.org/files/109240/dpi10-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 21:10:40 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 06:10:40 +0100 Subject: [SEC] [SA47764] Debian update for curl Message-ID: <201202010510.q115AeAV028372@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for curl SECUNIA ADVISORY ID: SA47764 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47764/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47764 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47764/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47764/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47764 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for curl. This fixes a weakness and a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, and manipulate certain data. For more information: SA47690 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2398-1: http://lists.debian.org/debian-security-announce/2012/msg00022.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 21:22:19 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 06:22:19 +0100 Subject: [SEC] [SA47743] sudo "sudo_debug()" Format String Privilege Escalation Vulnerability Message-ID: <201202010522.q115MJ4a018018@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: sudo "sudo_debug()" Format String Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA47743 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47743/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47743 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47743/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47743/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47743 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: joernchen has discovered a vulnerability in sudo, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to a format string error within the "sudo_debug()" function (src/sudo.c) when processing the program's name. This can be exploited by e.g. symlinking the sudo binary to a file with a specially crafted filename containing format specifiers and then executing the maliciously named symlink. The vulnerability is confirmed in version 1.8.3p1 and reported in versions 1.8.0 through 1.8.3p1. SOLUTION: Update to version 1.8.3p2. PROVIDED AND/OR DISCOVERED BY: joernchen ORIGINAL ADVISORY: sudo: http://www.sudo.ws/sudo/alerts/sudo_debug.html joernchen: http://seclists.org/fulldisclosure/2012/Jan/att-590/advisory_sudo.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 21:42:55 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 06:42:55 +0100 Subject: [SEC] [SA47822] Red Hat update for ruby Message-ID: <201202010542.q115gteP007806@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for ruby SECUNIA ADVISORY ID: SA47822 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47822/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47822 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47822/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47822/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47822 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for ruby. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA47405 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0069-1: https://rhn.redhat.com/errata/RHSA-2012-0069.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 21:55:15 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 06:55:15 +0100 Subject: [SEC] [SA47820] Red Hat update for php Message-ID: <201202010555.q115tFSw029846@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for php SECUNIA ADVISORY ID: SA47820 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47820/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47820 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47820/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47820/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47820 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for php. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service). For more information: SA43328 SA44874 SA46107 SA47404 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0071-1: https://rhn.redhat.com/errata/RHSA-2012-0071.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 31 22:08:12 2012 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Feb 2012 07:08:12 +0100 Subject: [SEC] [SA47821] Red Hat update for ruby Message-ID: <201202010608.q1168C4u019518@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for ruby SECUNIA ADVISORY ID: SA47821 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47821/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47821 RELEASE DATE: 2012-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/47821/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47821/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47821 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for ruby. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA47405 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2012:0070-1: https://rhn.redhat.com/errata/RHSA-2012-0070.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ----------------------------------------------------------------------