Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - March 27, 2012

by: Carol~ March 27, 2012 3:24 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - March 27, 2012

by Carol~ Moderator - 3/27/12 3:24 AM

Google Talk Credentials Disclosure Security Issue

Release Date: 2012-03-27

Criticality level: Less critical
Impact: Exposure of sensitive information
Where : From remote
Solution Status: Unpatched

Software: Google Talk 1.x

Description:
Andrea Micalizzi has discovered a security issue in Google Talk, which can be exploited by malicious people to disclose sensitive information.

The security issue is caused due to the application insecurely processing the data supplied via the "gtalk://" URI and can be exploited to redirect authentication requests in the clear text to an attacker chosen server.

Successful exploitation requires that a localised version is installed without uninstalling the non-localised version.

The security issue is confirmed in version 1.0.5. Other versions may also be affected.

Solution:
Follow proper uninstallation procedures before installing the localised version.

Provided and/or discovered by:
Andrea Micalizzi (rgod)

Original Advisory:
http://retrogod.altervista.org/9sg_gtalk_uri.html

http://secunia.com/advisories/48448/


Reply
Report offensive post
Email to friend

SUSE update for MozillaFirefox and MozillaThunderbird

by Carol~ Moderator - 3/27/12 5:04 AM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

Release Date : 2012-03-27

Criticality level : Highly critical
Impact : Cross Site Scripting
Security Bypass
Exposure of sensitive information
System access
Where : From remote
Solution Status : Vendor Patch

Operating System: openSUSE 11.4
openSUSE 12.1

Description:
SUSE has issued an update for MozillaFirefox and MozillaThunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, disclose certain sensitive information, and compromise a user's system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:0417-1:
https://hermes.opensuse.org/messages/14081825

http://secunia.com/advisories/48553/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for libzip

by Carol~ Moderator - 3/27/12 5:56 AM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

Release Date : 2012-03-27

Criticality level : Highly critical
Impact : System access
DoS
Where : From remote
Solution Status : Vendor Patch

Operating System: openSUSE 12.1

Description:
SUSE has issued an update for libzip. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:0416-1:
https://hermes.opensuse.org/messages/14081810

http://secunia.com/advisories/48562/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for gnash

by Carol~ Moderator - 3/27/12 6:51 AM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

Release Date : 2012-03-27

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System: openSUSE 11.4
openSUSE 12.1

Description:
SUSE has issued an update for gnash. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:0415-1:
https://hermes.opensuse.org/messages/14081796

http://secunia.com/advisories/48540/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

vBulletin vbShout Module "message" Cross-Site Scripting

by Carol~ Moderator - 3/27/12 6:51 AM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

vBulletin vbShout Module "message" Cross-Site Scripting Vulnerability

Release Date : 2012-03-27

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: vBShout (module for vBulletin) 6.x

Description:
A vulnerability has been reported in the vBShout module for vBulletin, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "message" parameter in vbshout.php (when "do" is set to "archive" and "instanceid" is valid) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

This vulnerability is reported in versions prior to 6.0.7.

Solution:
Update to version 6.0.7.

Provided and/or discovered by:
Avram Marius Gabriel.

Original Advisory:
DragonByte Technologies:
http://www.dragonbyte-tech.com/f4/vbshout-v6-0-7-security-release-6885/

Avram Marius Gabriel:
http://packetstormsecurity.org/files/111160/vBulletin-vBShout-6.0.5-Cross-Site-Scripting.html

http://secunia.com/advisories/48531/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

vBulletin vBShop Module Multiple Script Insertion

by Carol~ Moderator - 3/27/12 6:51 AM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

vBulletin vBShop Module Multiple Script Insertion Vulnerabilities

Release Date : 2012-03-27

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: vBShop 2.x (module for vBulletin)

Description:
Multiple vulnerabilities have been reported in the vBShop module for vBulletin, which can be exploited by malicious users to conduct script insertion attacks.

1) Input passed via the message when sending a gift is not properly sanitised in dbtech/vbshop_pro/actions/inventory.php before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

2) Input passed via the donate message when donating is not properly sanitised in dbtech/vbshop_pro/actions/donate.php before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

3) Certain input is not properly sanitised in dbtech/vbshop_pro/actions/shopmanagement.php and dbtech/vbshop_pro/actions/itemmanagement.php before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

The vulnerabilities are reported in versions prior to 2.2.3.

Solution:
Update to version 2.2.3.

Provided and/or discovered by:
1) ToiL via bugabuse.net.
2-3) Reported by the vendor.

Original Advisory:
Bugabuse.net:
https://www.bugabuse.net/120-website-hacking/32496-vbshop-0day-bugabuse-net.html

DragonByte:
http://www.dragonbyte-tech.com/f4/vbshop-v2-2-3-security-release-6868/

http://secunia.com/advisories/48560/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Family Connections Cross-Site Scripting Vulnerability

by Carol~ Moderator - 3/27/12 6:56 AM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

Release Date : 2012-03-27

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: Family Connections 2.x

Description:
A vulnerability has been discovered in Family Connections, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "uid" parameter in gallery/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 2.9. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Ahmed Elhady Mohamed

Original Advisory:
http://www.exploit-db.com/exploits/18667/

http://secunia.com/advisories/48569/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ruby Zip/Ruby Gem Zip File Parsing Vulnerabilities

by Carol~ Moderator - 3/27/12 7:28 AM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

Release Date : 2012-03-27

Criticality level : Highly critical
Impact : System access
DoS
Where : From remote
Solution Status : Unpatched

Software: Zip/Ruby gem for Ruby 0.x

Description:
Two vulnerabilities have been reported in the Zip/Ruby gem for Ruby, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

The vulnerabilities exist in the bundled version of libzip.

The vulnerabilities are reported in version 0.3.6 and prior.

Solution:
Do not process untrusted ZIP archives.

Provided and/or discovered by:
Thomas Klausner and Timo Warns, PRESENSE Technologies GmbH

Original Advisory:
PRE-CERT:
http://www.pre-cert.de/advisories/PRE-SA-2012-02.txt

http://secunia.com/advisories/48534/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Opera Multiple Vulnerabilities

by Carol~ Moderator - 3/27/12 10:30 AM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

Release Date : 2012-03-27

Criticality level : Highly critical
Impact : Security Bypass
Spoofing
System access
Where : From remote
Solution Status : Vendor Patch

Software: Opera 11.x

Description:
Multiple vulnerabilities have been reported in Opera, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and potentially compromise a user's system.

1) An error when displaying the download dialog box within a small window can be exploited to download and execute a file by tricking a user into entering a specific keyboard sequence.

2) An error when displaying the download dialog box can be exploited to overlay the box with other content subsequently tricking a user into downloading and executing a file.

3) An error when handling history.state of sites implementing history.pushState and history.replaceState can be exploited to bypass the cross-domain policy restriction and disclose certain information to other sites.

4) An error when displaying certain dialogs can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar.

5) An error when handling redirects to a slowly responding, trusted site can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar.

The vulnerabilities are reported in versions prior to 11.62.

Solution:
Update to version 11.62.

Provided and/or discovered by:
1,2,5) The vendor credits Jordi Chancel.
3,4) Reported by the vendor.

Original Advisory:
Opera:
http://www.opera.com/docs/changelogs/windows/1162/
http://www.opera.com/support/kb/view/1010/
http://www.opera.com/support/kb/view/1011/
http://www.opera.com/support/kb/view/1012/
http://www.opera.com/support/kb/view/1013/
http://www.opera.com/support/kb/view/1014/

http://secunia.com/advisories/48535/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Event Calendar PHP "cal_year" Cross-Site Scripting

by Carol~ Moderator - 3/27/12 11:42 AM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

Event Calendar PHP "cal_year" Cross-Site Scripting Vulnerability

Release Date : 2012-03-27

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: Event Calendar PHP

Description:
A vulnerability has been reported in Event Calendar PHP, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "cal_year" parameter to certain scripts is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in versions downloaded prior to 2012-03-27.

Solution:
Update to a version downloaded after 2012-03-27.

Provided and/or discovered by:
3spi0n

Original Advisory
http://packetstormsecurity.org/files/111161/Event-Calendar-PHP-Cross-Site-Scripting.html

http://secunia.com/advisories/48539/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Debian update for linux-2.6

by Carol~ Moderator - 3/27/12 11:42 AM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

Release Date : 2012-03-27

Criticality level : Not critical
Impact : DoS
Where : Local system
Solution Status : Vendor Patch

Operating System: Debian GNU/Linux 6.0

Description:
Debian has issued an update for linux-2.6. This fixes multiple security issues and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and disclose potentially sensitive information and by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

Solution:
Apply updated packages via the apt-get package manager.

Original Advisory:
DSA-2443-1:
http://www.debian.org/security/2012/dsa-2443

http://secunia.com/advisories/48523/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for linux-ec2

by Carol~ Moderator - 3/27/12 11:47 AM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

Release Date : 2012-03-27

Criticality level : Not critical
Impact : DoS
Where : Local system
Solution Status : Vendor Patch

Operating System: Ubuntu Linux 10.04

Description:
Ubuntu has issued an update for linux-ec2. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

Solution:
Apply updated packages.

Original Advisory:
USN-1410-1:
http://www.ubuntu.com/usn/usn-1410-1

http://secunia.com/advisories/48545/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for linux-ti-omap4

by Carol~ Moderator - 3/27/12 11:47 AM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

Release Date : 2012-03-27

Crriticality level : Less critical
Ipact : DoS
Where : From local network
Solution Status : Vendor Patch

Operating System: Ubuntu Linux 11.10

Description:
Ubuntu has issued an update for linux-ti-omap4. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error when handling VLAN packets for interfaces in promiscuous mode and can be exploited to cause a kernel crash via specially crafted VLAN packets.

Solution:
Apply updated packages.

Original Advisory:
USN-1404-1:
http://www.ubuntu.com/usn/usn-1404-1/

http://secunia.com/advisories/48547/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for kernel

by Carol~ Moderator - 3/27/12 11:49 AM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

Release Date : 2012-03-27

Criticality level : Not critical
Impact : Privilege escalation
DoS
Where : Local system
Solution Status : Vendor Patch

Operating System: Ubuntu Linux 11.10

Description:
Ubuntu has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to cause a DoS (Denial of Service).

1) The vulnerability is caused due to an error within the "mem_cgroup_usage_unregister_event()" function when several events are attached to an eventfd and can be exploited to cause a kernel oops.

Solution:
Apply updated packages.

Original Advisory:
USN-1405-1:
http://www.ubuntu.com/usn/usn-1405-1

http://secunia.com/advisories/48544/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for kernel (2)

by Carol~ Moderator - 3/27/12 11:50 AM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

Release Date : 2012-03-27

Criticality level : Not critical
Impact : DoS
Where : Local system
Solution Status : Vendor Patch

Operating System: Ubuntu Linux 10.10
Ubuntu Linux 11.04

Description:
Ubuntu has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

Solution:
Apply updated packages.

Original Advisory:
USN-1406-1:
http://www.ubuntu.com/usn/usn-1406-1

USN-1407-1:
http://www.ubuntu.com/usn/usn-1407-1

http://secunia.com/advisories/48565/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for linux-lts-backport-oneiric

by Carol~ Moderator - 3/27/12 1:07 PM

In Reply to: VULNERABILITIES / FIXES - March 27, 2012 by Carol~ Moderator

Release Date : 2012-03-27

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Operating System: Ubuntu Linux 10.04

Description:
Ubuntu has issued an update for linux-lts-backport-oneiric. This fixes two vulnerabilities, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).

Solution:
Apply updated packages.

Original Advisory:
USN-1409-1:
http://www.ubuntu.com/usn/usn-1409-1

http://secunia.com/advisories/48536/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close