Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - April 30, 2012

by: Carol~ April 30, 2012 8:01 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - April 30, 2012

by Carol~ Moderator - 4/30/12 8:01 AM

SUSE update for MozillaFirefox, MozillaThunderbird, seamonkey, and xulrunner

Release Date : 2012-04-30

Criticality level : Highly critical
Impact : Security Bypass
Cross Site Scripting
Spoofing
Exposure of system information
Exposure of sensitive information
System access
Where : From remote
Solution Status : Vendor Patch

Operating System: openSUSE 11.4
openSUSE 12.1

Description:
SUSE has issued an update for MozillaFirefox, MozillaThunderbird, seamonkey, and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose certain system and sensitive information, bypass certain security restrictions, and compromise a user's system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:0567-1:
http://lists.opensuse.org/opensuse-updates/2012-04/msg00066.html

http://secunia.com/advisories/49055/


Reply
Report offensive post
Email to friend

Ubuntu update for firefox

by Carol~ Moderator - 4/30/12 8:03 AM

In Reply to: VULNERABILITIES / FIXES - April 30, 2012 by Carol~ Moderator

Release Date : 2012-04-30

Criticality level : Highly critical
Impact : Security Bypass
Cross Site Scripting
Spoofing
Exposure of system information
Exposure of sensitive information
System access
Where : From remote
Solution Status : Vendor Patch

Operating System: Ubuntu Linux 10.04
Ubuntu Linux 11.04
Ubuntu Linux 11.10
Ubuntu Linux 12.04

Description:
Ubuntu has issued an update for firefox. This:fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose certain system and sensitive information, bypass certain security restrictions, and compromise a user's system.

Solution:
Apply upda:ted packages.

Original Advisory:
USN-1430-1:
http://www.ubuntu.com/usn/usn-1430-1

USN-1430-2:
http://www.ubuntu.com/usn/usn-1430-2

http://secunia.com/advisories/49047/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

IBM OS/400 HTTP Server mod_proxy Reverse Proxy Mode Security

by Carol~ Moderator - 4/30/12 9:06 AM

In Reply to: VULNERABILITIES / FIXES - April 30, 2012 by Carol~ Moderator

IBM OS/400 HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness

Release Date : 2012-04-30

Criticality level : Less critical
Impact : Security Bypass
Where : From remote
Solution Status : Vendor Patch

Operating System: IBM OS/400 6.x

Description:
IBM has acknowledged a weakness in OS/400, which can be exploited by malicious people to bypass certain security restrictions.

The weakness is reported in versions V6R1M0.

Solution:
Apply APAR SE51505 or install PTF SI46401.

Original Advisory:
IBM (SE51505, SI46401):
http://www.ibm.com/support/docview.wss?uid=nas2394373277328c954862579cd003c709c
http://www.ibm.com/support/docview.wss?uid=nas39578294f523b4b8c862579dd00751bce

http://secunia.com/advisories/49028/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SKYUC "encode" Cross-Site Scripting Vulnerability

by Carol~ Moderator - 4/30/12 9:06 AM

In Reply to: VULNERABILITIES / FIXES - April 30, 2012 by Carol~ Moderator

Release Date : 2012-04-30

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: SKYUC 3.x

Description:
A vulnerability has been discovered in SKYUC, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "encode" parameter to search.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 3.4.1. Other versions may also be affected.

Solution:
Filter malicious characters and character sequences using a proxy.

Provided and/or discovered by:
Farbod Mahini.

http://secunia.com/advisories/49006/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Debian update for imagemagick

by Carol~ Moderator - 4/30/12 9:57 AM

In Reply to: VULNERABILITIES / FIXES - April 30, 2012 by Carol~ Moderator

Release Date : 2012-04-30

Criticality level : Moderately critical
Impact : System access
DoS
Where : From remote
Solution Status : Vendor Patch

Operating System: Debian GNU/Linux 6.0

Description:
Debian has issued an update for imagemagick. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

Solution:
Apply updated packages via the apt-get package manager.

Original Advisory:
DSA-2462-1:
http://www.debian.org/security/2012/dsa-2462

http://secunia.com/advisories/48974/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

OpenStack Compute (Nova) iptables Resource Exhaustion Denial

by Carol~ Moderator - 4/30/12 11:54 AM

In Reply to: VULNERABILITIES / FIXES - April 30, 2012 by Carol~ Moderator

OpenStack Compute (Nova) iptables Resource Exhaustion Denial of Service Vulnerability

Release Date : 2012-04-30

Criticality level : Less critical
Impact : DoS
Where : From remote
Solution Status : Vendor Workaround

Software: OpenStack Compute (Nova) 2012.x

Description:
A vulnerability has been reported in OpenStack Compute (Nova), which can be exploited by malicious users to cause a DoS (Denial of Service).

The vulnerability is caused due to the application not enforcing quotas on the number of security group rules created. This can be exploited to create multiple iptables rules and exhaust system resources.

The vulnerability is reported in version 2012.1. Other versions may also be affected.

Solution:
Fixed in the GIT repository.

Provided and/or discovered by:
Red Hat credits Dan Prince.

Original Advisory:
https://bugs.launchpad.net/nova/+bug/969545

http://secunia.com/advisories/49034/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Axous "id" SQL Injection Vulnerability

by Carol~ Moderator - 4/30/12 2:09 PM

In Reply to: VULNERABILITIES / FIXES - April 30, 2012 by Carol~ Moderator

Release Date : 2012-04-30

Criticality level : Moderately critical
Impact : Manipulation of data
Where : From remote
Solution Status : Vendor Patch

Software: Axous 1.x

Description:
A vulnerability has been discovered in Axous, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "id" parameter to page.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in version 1.1.0 and confirmed in version 1.01. Prior versions may also be affected.

Solution:
Update to version 1.1.1.

Provided and/or discovered by:
farbodmahini

Original Advisory:
http://www.exploit-db.com/exploits/18793/

http://secunia.com/advisories/48989/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Opial Script Insertion and SQL Injection Vulnerabilities

by Carol~ Moderator - 4/30/12 2:11 PM

In Reply to: VULNERABILITIES / FIXES - April 30, 2012 by Carol~ Moderator

Release Date : 2012-04-30

Criticality level : Moderately critical
Impact : Cross Site Scripting
Manipulation of data
Where : From remote
Solution Status : Unpatched

Software: Opial 2.x

Description:
Two vulnerabilities have been reported in Opial, which can be exploited by malicious people to conduct script insertion and SQL injection attacks.

1) Input passed via the "searchkeayword" parameter to searchresult.php when performing a search is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

2) Input passed via the "albumid" parameter to albumdetail.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities are reported in version 2.0. Other versions may also be affected.

Solution:
Filter malicious characters and character sequences using a proxy.

Provided and/or discovered by:
1) the_storm via Vulnerability Laboratory Research
2) Originally reported in Opial 1.0 by ThE g0bL!N

Original Advisory:
the_storm:
http://www.vulnerability-lab.com/get_content.php?id=522

ThE g0bL!N:
http://www.exploit-db.com/exploits/9080/

http://secunia.com/advisories/48982/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress Zingiri Web Shop Plugin Cross-Site Scripting

by Carol~ Moderator - 4/30/12 2:12 PM

In Reply to: VULNERABILITIES / FIXES - April 30, 2012 by Carol~ Moderator

WordPress Zingiri Web Shop Plugin Cross-Site Scripting and Script Insertion Vulnerabilities

Release Date : 2012-04-27
Last Update: 2012-04-30

Criticality level : Moderately critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: WordPress Zingiri Web Shop Plugin 2.x

Description:
Two vulnerabilities have been discovered in the Zingiri Web Shop plugin for WordPress, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

1) Input passed via the "page" parameter to index.php is not properly sanitised before being returned to the user in plugins/zingiri-web-shop/zing.inc.php. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) Input passed via the "notes" POST parameter to index.php (when "page" is set to "checkout") is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.

The vulnerabilities are confirmed in version 2.4.0. Other versions may also be affected.

Solution:
Update to version 2.4.2.

Provided and/or discovered by:
Mehmet Ince

Original Advisory:
Mehmet Ince:
http://www.exploit-db.com/exploits/18787/

Zingiri:
http://wordpress.org/extend/plugins/zingiri-web-shop/changelog/

http://secunia.com/advisories/48991


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

HP ProCurve 5400 zl Switch Malware Infected Compact Flash

by Carol~ Moderator - 4/30/12 2:13 PM

In Reply to: VULNERABILITIES / FIXES - April 30, 2012 by Carol~ Moderator

HP ProCurve 5400 zl Switch Malware Infected Compact Flash Card

Release Date : 2012-04-11
Last Update: 2012-04-30

Criticality level : Less critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System: HP ProCurve 5400 zl Switch Series

Description:
A security issue has:been reported in the HP ProCurve 5400 zl Switch, which can be exploited by malicious people to compromise a users' system.

The security issue is caused due to certain switches being distributed with compact flash cards containing malware. This can be exploited to infect a user's system if the compact flash card is connected to it.

Please see the vendor's advisory for a list of affected models and serial numbers.

Solution:
Apply software update K.15.08.00007:

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
HPSBPV02754 SSRT100803:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03249176

http://secunia.com/advisories/48738


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Uiga Personal Portal Multiple Cross-Site Scripting and SQL

by Carol~ Moderator - 4/30/12 2:17 PM

In Reply to: VULNERABILITIES / FIXES - April 30, 2012 by Carol~ Moderator

Uiga Personal Portal Multiple Cross-Site Scripting and SQL Injection Vulnerabilities

Release Date : 2010-03-01
Last Update: 2012-04-30

Criticality level : Moderately critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: Uiga Personal Portal

Description:
Multiple vulnerabilities have been discovered in Uiga Personal Portal, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

1) Input passed via the "id" parameter to index.php (when "view" is set to "photos") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

2) Input passed via the "exhort" parameter to index.php (when "view" is set to "ar_det") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

3) Input passed via the URL to cart.php, includes/photoview.php, and index2.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

4) Input passed via the "p" parameter to index2.php (when "c" is set to "1") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities are confirmed in the version downloaded on April 27th 2010. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
1) Easy Laster
2) 41.w4r10r
3) Eyup CELIK
4) farbodmahini, Secure-Land Security Team

Original Advisory:
Easy Laster:
http://www.exploit-db.com/exploits/11599/

Eyup CELIK:
http://www.exploit-db.com/exploits/18002/

farbodmahini:
http://packetstormsecurity.org/files/112288/uigapersonalportalindex2-sql.txt

http://secunia.com/advisories/38757


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Uiga FanClub SQL Injection and Cross-Site Scripting

by Carol~ Moderator - 4/30/12 2:54 PM

In Reply to: VULNERABILITIES / FIXES - April 30, 2012 by Carol~ Moderator

Uiga FanClub SQL Injection and Cross-Site Scripting Vulnerabilities

Release Date : 2010-03-01
Last Update: 2012-04-30

Criticality level : Moderately critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: Uiga FanClub

Description:
Some vulnerabilities have been discovered in Uiga FanClub, which can be exploited by malicious people to conduct SQL injection and cross-site scripting attacks.

1) Input passed via the "id" parameter to index.php (when "view" is set to "photos") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

2) Input passed to the "admin_name" and "admin_password" parameters in admin/admin_login.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

3) Input passed via the "p" parameter to index2.php (when "c" is set to "1") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities are confirmed in the version downloaded on March 1st 2010. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
1) Easy Laster
2) An anonymous person
3) farbodmahini, Secure-Land Security Team

Original Advisory:
Easy Laster:
http://www.exploit-db.com/exploits/11600/

farbodmahini:
http://packetstormsecurity.org/files/112287/Uiga-FanClub-SQL-Injection.html

http://secunia.com/advisories/38756


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SilverStripe Multiple Script Insertion Vulnerabilities

by Carol~ Moderator - 4/30/12 2:54 PM

In Reply to: VULNERABILITIES / FIXES - April 30, 2012 by Carol~ Moderator

Release Date : 2012-01-31
Last Update: 2012-04-30

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: SilverStripe 2.x

Description:
Multiple vulnerabilities have been reported in SilverStripe, which can be exploited by malicious users to conduct script insertion attacks.

1) Input passed via the "Title" parameter to admin/EditForm when creating a page is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being unpublished, deleted, or republished.

Successful exploitation requires "Content Authors" privileges.

This vulnerability is confirmed in version 2.4.6. Prior versions may also be affected.

2) Certain input when inserting data into templates is not properly sanitised in the "getHTML()" function in core/control/SilverStripeNavigatorItem.php before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

This vulnerability is reported in versions prior to 2.4.7.

Solution:
Update to version 2.4.7.

Provided and/or discovered by:
1) Karthik R.
2) Reported by the vendor.

Original Advisory:
http://packetstormsecurity.org/files/109210/silverstripecmspage-xss.txt

SilverStripe:
http://doc.silverstripe.org/sapphire/en/trunk/changelogs/2.4.7

http://secunia.com/advisories/47812


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close