Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - September 14, 2012

by: Carol~ September 14, 2012 6:03 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - September 14, 2012

by Carol~ Moderator - 9/14/12 6:03 AM

Siemens SIMATIC S7-1200 SSL Private Key Reuse Security Issue

Release Date : 2012-09-14

Criticality level : Less critical
Impact : Spoofing
Where : From local network
Solution Status : Unpatched

Operating System : Siemens SIMATIC S7-1200 2.x

Description:
A security issue has been reported in Siemens SIMATIC S7-1200, which can be exploited by malicious people to conduct spoofing attacks.

The security issue is caused due to the use of a single SSL private key across multiple devices, which can be exploited to intercept and disclose encrypted traffic by spoofing another SIMATIC S7-1200 device.

The security issue is reported in versions 2.x.

Solution:
Upgrade to version 3.x.

Provided and/or discovered by:
The vendor credits Dmitry Sklyarov, Positive Technologies.

Original Advisory:
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-240718.pdf

http://secunia.com/advisories/50630/


Reply
Report offensive post
Email to friend

IBM AIX NFS GID Enforcement Denial of Service Vulnerability

by Carol~ Moderator - 9/14/12 6:07 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Release Date : 2012-09-14

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Operating System : AIX 5.x
AIX 6.x
AIX 7.x

Description:
A vulnerability has been reported in IBM AIX, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to GIDs in the NFS service not being enforced properly and can be exploited to render the service unusable.

The vulnerability is reported in AIX versions 5.3, 6.1, and 7.1.

Solution:
Apply fix.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
IBM (IV17855, IV10327, IV11629, IV26436, IV12169):
http://aix.software.ibm.com/aix/efixes/security/nfsv4_advisory1.asc

http://secunia.com/advisories/50619/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for libxslt

by Carol~ Moderator - 9/14/12 6:08 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Release Date : 2012-09-14

Criticality level : Highly critical
Impact : Exposure of system information
DoS
System access
Where : From remote
Solution Status : Vendor Patch

Operating System : Red Hat Enterprise Linux Desktop 5
Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Server 5
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux Workstation 6
RHEL Desktop Workstation 5

Description:
Red Hat has issued an update for libxslt. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose system information, cause a DoS (Denial of Service), and compromise an application using the library.

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2012:1265-2:
https://rhn.redhat.com/errata/RHSA-2012-1265.html

http://secunia.com/advisories/50634/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for bind9

by Carol~ Moderator - 9/14/12 6:08 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Release Date : 2012-09-14

Criticality level : Moderately critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 10.04
Ubuntu Linux 11.04
Ubuntu Linux 11.10
Ubuntu Linux 12.04
Ubuntu Linux 8.04

Description:
Ubuntu has issued an update for bind9. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Apply updated packages.

Original Advisory:
USN-1566-1:
http://www.ubuntu.com/usn/usn-1566-1/

http://secunia.com/advisories/50645/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Eucalyptus Denial of Service and Security Bypass

by Carol~ Moderator - 9/14/12 6:08 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Eucalyptus Denial of Service and Security Bypass Vulnerabilities

Release Date : 2012-09-14

Criticality level : Less critical
Impact : Security Bypass
DoS
Where : From remote
Solution Status : Vendor Patch

Software: Eucalyptus 3.x

Description:
Some vulnerabilities have been reported in Eucalyptus, which can be exploited by malicious users to bypass certain security restrictions and cause a DoS (Denial of Service).

1) An error within the configuration of the bundled Apache Santuario (XML Security) library when handling XML Signature transforms can be exploited to cause a DoS.

2) An error within the Cloud Controller and Walrus SOAP web services components does not properly validated credentials when submitting messages in the internal format and can be exploited to gain admin permissions.

3) An error within the Cloud Controller and Walrus SOAP web services components authorization mechanism does not properly validated credentials when accessing certain services and can be exploited to e.g. manipulate volumes and snapshots of other users.

The vulnerabilities are reported in versions prior to 3.1.1.

Solution:
Update to version 3.1.1.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://www.eucalyptus.com/eucalyptus-cloud/security/esa-05
http://www.eucalyptus.com/eucalyptus-cloud/security/esa-06
http://www.eucalyptus.com/eucalyptus-cloud/security/esa-07

http://secunia.com/advisories/50644/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

qdPM myAccount Arbitrary File Upload Vulnerability

by Carol~ Moderator - 9/14/12 6:08 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Release Date : 2012-09-14

Criticality level : Moderately critical
Impact : System access
Where : From remote
Solution Status : Unpatched

Software: qdPM 7.x

Description:
loneferret has discovered a vulnerability in qdPM, which can be exploited by malicious users to compromise a vulnerable system.

The vulnerability is caused due to application improperly verifying uploaded files when changing the profile image in myAccount. This can be exploited to execute arbitrary PHP code by uploading a PHP file.

The vulnerability is confirmed in version 7. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
loneferret

Original Advisory:
http://www.exploit-db.com/exploits/19154/

http://secunia.com/advisories/50599/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Vino Clipboard Content Disclosure Security Issue

by Carol~ Moderator - 9/14/12 6:08 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Release Date : 2012-09-14

Criticality level : Less critical
Impact : Exposure of sensitive information
Where : From local network
Solution Status : Unpatched

Software: Vino 3.x

Description:
A security issue has been reported in Vino, which can be exploited by malicious people to disclose certain sensitive information.

The security issue is caused due to the contents of the clipboard being transmitted to TCP port 5900, which can lead to sensitive data being disclosed.

The security issue is reported in version 3.4.2. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
nandhp in a bug report.

Original Advisory:
https://bugzilla.gnome.org/show_bug.cgi?id=678434
https://bugzilla.redhat.com/show_bug.cgi?id=857250

http://secunia.com/advisories/50527/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for postgresql

by Carol~ Moderator - 9/14/12 6:28 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Release Date : 2012-09-14

Criticality level : Moderately critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System : Red Hat Enterprise Linux Desktop 5
Red Hat Enterprise Linux Server 5
RHEL Desktop Workstation 5

Description:
Red Hat has issued an update for postgresql. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2012:1264-1:
https://rhn.redhat.com/errata/RHSA-2012-1264.html

http://secunia.com/advisories/50636/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for postgresql and postgresql84

by Carol~ Moderator - 9/14/12 6:28 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Release Date : 2012-09-14

Criticality level : Moderately critical
Impact : Exposure of sensitive information
System access
Where : From remote
Solution Status : Vendor Patch

Operating System : Red Hat Enterprise Linux Desktop 5
Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Server 5
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux Workstation 6
RHEL Desktop Workstation 5

Description:
Red Hat has issued an update for postgresql and postgresql84. This fixes two vulnerabilities, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2012:1263-1:
https://rhn.redhat.com/errata/RHSA-2012-1263.html

http://secunia.com/advisories/50635/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for bind97

by Carol~ Moderator - 9/14/12 7:40 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Release Date : 2012-09-14

Criticality level : Moderately critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Operating System : Red Hat Enterprise Linux Server 5
RHEL Desktop Workstation 5

Description:
Red Hat has issued an update for bind97. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2012:1266-1:
https://rhn.redhat.com/errata/RHSA-2012-1266.html

http://secunia.com/advisories/50582/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Tor Two Assertion Failure Denial of Service Vulnerabilities

by Carol~ Moderator - 9/14/12 7:40 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Release Date : 2012-09-14

Criticality level : Less critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Software: Tor 0.2.2.x

Description:
Two vulnerabilities have been reported in Tor, which can be exploited by malicious people to cause a DoS (Denial of Service).

1) An assertion failure within the "tor_timegm()" function when handling time information within a directory object can be exploited to cause a crash.

2) An assertion failure within the "compare_tor_addr_to_addr_policy()" function when handling certain port values can be exploited to crash directory authorities.

The vulnerabilities are reported in versions prior to 0.2.2.39.

Solution:
Update to version 0.2.2.39.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
https://gitweb.torproject.org/tor.git/blob/release-0.2.2:/ReleaseNotes

http://secunia.com/advisories/50578/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

eZ Publish Account Creation Username Script Insertion

by Carol~ Moderator - 9/14/12 7:40 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

eZ Publish Account Creation Username Script Insertion Vulnerability

Release Date : 2012-09-14

Criticality level : Moderately critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Partial Fix

Software: eZ Publish 4.x

Description:
A vulnerability has been reported in eZ Publish, which can be exploited by malicious people to conduct script insertion attacks.

Input passed as username when creating a profile is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

Successful exploitation requires the application to allow users to create accounts.

The vulnerability is reported in versions 4.0 through 4.7 and 4.2011 through 4.2012.8.

Solution:
Update or upgrade to a fixed version (see vendor's advisory for details).

Provided and/or discovered by:
The vendor credits Serhey Dolgushev

Original Advisory:
EZSA-2012-010:
http://share.ez.no/community-project/security-advisories/ezsa-2012-010-ez-publish-user-login-cross-site-scripting-xss-vulnerability

http://secunia.com/advisories/50641/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Debian update for tor

by Carol~ Moderator - 9/14/12 8:51 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Release Date : 2012-09-14

Criticality level : Less critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Operating System : Debian GNU/Linux 6.0

Description:
Debian has issued an update for tor. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Apply updated packages via the apt-get package manager.

Original Advisory:
DSA-2548-1:
http://www.debian.org/security/2012/dsa-2548

http://secunia.com/advisories/50583/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for bind

by Carol~ Moderator - 9/14/12 8:52 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Release Date : 2012-09-14

Criticality level : Moderately critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Operating System : Red Hat Enterprise Linux Desktop 5
Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Server 5
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux Workstation 6
RHEL Desktop Workstation 5

Description:
Red Hat has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2012:1267-1:
https://rhn.redhat.com/errata/RHSA-2012-1267.html

RHSA-2012:1268-1:
https://rhn.redhat.com/errata/RHSA-2012-1268.html

http://secunia.com/advisories/50579/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for dbus

by Carol~ Moderator - 9/14/12 8:57 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Release Date : 2012-09-14

Criticality level : Less critical
Impact : Privilege escalation
Where : Local system
Solution Status : Vendor Patch

Operating System : Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux Workstation 6

Description:
Red Hat has issued an update for dbus. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to the library not properly sanitizing certain environment settings when running binaries linked to it, which can be exploited to run setuid or setgid applications.

Solution:
Updated packages are available via Red Hat Network.

Provided and/or discovered by:
Sebastian Krahmer, SUSE Security Team.

Original Advisory:
RHSA-2012:1261-1:
https://rhn.redhat.com/errata/RHSA-2012-1261.html

http://secunia.com/advisories/50544/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for dbus-1

by Carol~ Moderator - 9/14/12 11:11 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Release Date : 2012-09-14

Criticality level : Less critical
Impact : Privilege escalation
Where : Local system
Solution Status : Vendor Patch

Operating System : SUSE Linux Enterprise Server (SLES) 11

Description:
SUSE has issued an update for dbus. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to the library not properly sanitizing certain environment settings when running binaries linked to it, which can be exploited to run setuid or setgid applications.

Solution:
Apply updated packages via the zypper package manager.

Provided and/or discovered by:
Sebastian Krahmer, SUSE Security Team.

Original Advisory:
SUSE-SU-2012:1155-1:
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00009.html

SUSE-SU-2012:1155-2:
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00015.html

http://secunia.com/advisories/50537/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Novell GroupWise Internet Agent "Content-Length" Integer

by Carol~ Moderator - 9/14/12 11:13 AM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Novell GroupWise Internet Agent "Content-Length" Integer Overflow Vulnerability

Release Date : 2012-09-14

Criticality level : Moderately critical
Impact : System access
Where From local network
Solution Status : Partial Fix

Software: GroupWise 2012.x
Novell GroupWise Server 8.x

Description:
Francis Provencher has discovered a vulnerability in Novell GroupWise, which can be exploited by malicious people to potentially compromise a vulnerable system.

The vulnerability is caused due to an integer overflow error in GroupWise Internet Agent (gwia.exe) when copying request data and can be exploited to cause a heap-based buffer overflow by e.g. sending a specially crafted request with the "Content-Length" header value set to "-1" to the web-based administration interface (TCP port 9850).

Successful exploitation may allow execution of arbitrary code.

The vulnerability is confirmed in version 8.0.2 HP3 and reported in version 2012. Other versions may also be affected.

Solution:
Apply fixes if available.

Provided and/or discovered by:
Francis Provencher, Protek Research Labs via Secunia.

http://secunia.com/advisories/50622/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

OpenX "xajaxargs" SQL Injection Vulnerability

by Carol~ Moderator - 9/14/12 12:13 PM

In Reply to: VULNERABILITIES / FIXES - September 14, 2012 by Carol~ Moderator

Release Date : 2012-09-14

Criticality level : Moderately critical
Impact : Manipulation of data
Where : From remote
Solution Status : Vendor Patch

Software: OpenX (formerly Openads and phpAdsNew) 2.x

Description:
A vulnerability has been discovered in OpenX, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "xajaxargs" parameter to www/admin/updates-history.php (when "xajax" is set to "expandOSURow") is not properly sanitised in e.g. the "queryAuditBackupTablesByUpgradeId()" function (lib/OA/Upgrade/DB_UpgradeAuditor.php) before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is confirmed in version 2.8.9. Prior versions may also be affected.

Solution:
Update to version 2.8.10.

Provided and/or discovered by:
Reported by the vendor.

http://secunia.com/advisories/50598/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close