Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - October 04, 2012

by: Carol~ October 4, 2012 6:34 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - October 04, 2012

by Carol~ Moderator - 10/4/12 6:34 AM

Apple OS X Server Multiple Vulnerabilities

Release Date : 2012-10-04

Criticality level : Moderately critical
Impact: ecurity Bypass
Exposure of sensitive information
System access
Where: From remote
Solution Status : Vendor Patch

Software: Apple OS X Server 2.x

Description:
Some vulnerabilities have been reported in Apple OS X Server, which can be exploited by malicious people to disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.

The vulnerabilities are reported in versions prior to 2.1.1.

Solution:
Update to version 2.1.1.

Original Advisory:
APPLE-SA-2012-09-19-4:
http://prod.lists.apple.com/archives/security-announce/2012/Oct/msg00000.html

http://secunia.com/advisories/50859/


Reply
Report offensive post
Email to friend

HP Network Node Manager i Unspecified Information Disclosure

by Carol~ Moderator - 10/4/12 6:35 AM

In Reply to: VULNERABILITIES / FIXES - October 04, 2012 by Carol~ Moderator

HP Network Node Manager i Unspecified Information Disclosure Weakness

Release Date 2012-10-04

Criticality level : Not critical
Impact : Exposure of sensitive information
Where : From local network
Solution Status : Vendor Patch

Software: HP Network Node Manager i (NNMi) 9.x

Description:
A weakness has been reported in HP Network Node Manager i, which can be exploited by malicious people to disclose certain sensitive information.

The weakness is caused due to an unspecified error. No further information is currently available.

The weakness is reported in version 9.20.

Solution:
Apply hotfix Hotfix-NNMI-9.2XP1-UI-20120917.zip or later.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
HPSBMU02817 SSRT100950:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03507708

http://secunia.com/advisories/50861/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Omnistar Mailer "form_id" SQL Injection Vulnerabilities

by Carol~ Moderator - 10/4/12 6:39 AM

In Reply to: VULNERABILITIES / FIXES - October 04, 2012 by Carol~ Moderator

Release Date : 2012-10-04

Criticality level : Moderately critical
Impact: Manipulation of data
Where: From remote
Solution Status : Unpatched

Software: Omnistar Mailer

Description:
Ibrahim El-Sayed has reported two vulnerabilities in Omnistar Mailer, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "form_id" parameter to users/index.php and users/register.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities are reported in version 7.2. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Ibrahim El-Sayed (the_storm), Vulnerability Lab

Original Advisory:
http://www.vulnerability-lab.com/download_content.php?id=711

http://secunia.com/advisories/50792/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

McAfee Firewall Enterprise BIND Resource Record Denial

by Carol~ Moderator - 10/4/12 6:39 AM

In Reply to: VULNERABILITIES / FIXES - October 04, 2012 by Carol~ Moderator

McAfee Firewall Enterprise BIND Resource Record Denial of Service Vulnerability

Release Date : 2012-10-04

Criticality level : Moderately critical
Impact: DoS
Where: From remote
Solution Status : Vendor Patch

Operating System : McAfee Firewall Enterprise (formely Sidewinder Firewall) 7.x
McAfee Firewall Enterprise 8.x

Description:
McAfee has acknowledged a vulnerability in McAfee Firewall Enterprise, which can be exploited by malicious people to cause a DoS (Denial of Service).

Please see the vendor's advisory for the list of affected versions.

Solution:
Apply patches (please see the vendor's advisory for more information).

Original Advisory:
https://kc.mcafee.com/corporate/index?page=content&id=KB76379

http://secunia.com/advisories/50852/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Drupal Commerce extra panes Module Cross-Site Request

by Carol~ Moderator - 10/4/12 6:39 AM

In Reply to: VULNERABILITIES / FIXES - October 04, 2012 by Carol~ Moderator

Drupal Commerce extra panes Module Cross-Site Request Forgery Vulnerability

Release Date : 2012-10-04

Criticality level : Less critical
Impact: Cross Site Scripting
Where: From remote
Solution Status : Vendor Patch

Software: Drupal Commerce extra panes Module 7.x

Description:
A vulnerability has been reported in the Commerce extra panes module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks.

The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. enable or disable a Commerce extra panes pane if a logged-in administrative user visits a malicious web site.

The vulnerability is reported in 7.x-1.x versions prior to 7.x-1.1.

Solution:
Update to version 7.x-1.1.

Provided and/or discovered by:
The vendor credits Ivo Van Geertruyen, Drupal Security Team

Original Advisory:
SA-CONTRIB-2012-151:
http://drupal.org/node/1802258

http://secunia.com/advisories/50802/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Template CMS Cross-Site Scripting and Request Forgery

by Carol~ Moderator - 10/4/12 6:39 AM

In Reply to: VULNERABILITIES / FIXES - October 04, 2012 by Carol~ Moderator

Template CMS Cross-Site Scripting and Request Forgery Vulnerabilities

Release Date : 2012-10-04

Criticality level : Less critical
Impact: Cross Site Scripting
Where: From remote
Solution Status : Unpatched

Software: Template CMS 2.x

Description:
High-Tech Bridge has discovered two vulnerabilities in Template CMS, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.

1) Input passed to the "themes_editor" parameter in admin/index.php (when "action" is set to "add_template" and "id" is set to "themes") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. create an arbitrary user with administrative privileges if a logged-in administrative user visits a malicious web site.

The vulnerabilities are confirmed in version 2.1.1. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
High-Tech Bridge

Original Advisory:
High-Tech Bridge:
https://www.htbridge.com/advisory/HTB23115

http://secunia.com/advisories/50803/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Joomla! MijoFTP Component Unspecified Vulnerability

by Carol~ Moderator - 10/4/12 6:52 AM

In Reply to: VULNERABILITIES / FIXES - October 04, 2012 by Carol~ Moderator

Release Date : 2012-10-04

Criticality level : Highly critical
Impact: System access
Where: From remote
Solution Status : Vendor Patch

Software: MijoFTP 1.x (component for Joomla!)

Description:
A vulnerability has been reported in the MijoFTP component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an unspecified error. No further information is currently available.

The vulnerability is reported in versions prior to 1.1.0.

Solution:
Update to version 1.1.0.

Provided and/or discovered by:
Reported by the vendor

Original Advisory:
MijoFTP:
http://www.mijosoft.com/blog/mijoftp-11-released

http://secunia.com/advisories/50841/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for kernel

by Carol~ Moderator - 10/4/12 6:52 AM

In Reply to: VULNERABILITIES / FIXES - October 04, 2012 by Carol~ Moderator

Release Date : 2012-10-04

Criticality level : Moderately critical
Impact: Prvilege escalation
DoS
Where: From remote
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 10.04

Description:
Ubuntu has issued an update for kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS (Denial of Service).

Solution:
Apply updated packages.

Original Advisory:
USN-1594-1:
http://www.ubuntu.com/usn/usn-1594-1/

http://secunia.com/advisories/50846/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

XnView JPEG-LS Image Processing Buffer Overflow

by Carol~ Moderator - 10/4/12 9:20 AM

In Reply to: VULNERABILITIES / FIXES - October 04, 2012 by Carol~ Moderator

XnView JPEG-LS Image Processing Buffer Overflow Vulnerability

Release Date : 2012-10-04

Criticality level : Highly critical
Impact: System access
Where: From remote
Solution Status : Unpatched

Software: XnView 1.x

Description:
Reaction Information Security has discovered a vulnerability in XnView, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error when processing JPEG-LS (lossless compression) images and can be exploited to cause a heap-based buffer overflow via a specially crafted file.

Successful exploitation may allow execution of arbitrary code, but requires tricking a user into opening a malicious file.

The vulnerability is confirmed in version 1.99.1. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Joseph Sheridan, Reaction Information Security.

Original Advisory:
http://www.reactionpenetrationtesting.co.uk/xnview-jls-heap.html

http://secunia.com/advisories/50825/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for JBoss Operations Network

by Carol~ Moderator - 10/4/12 9:38 AM

In Reply to: VULNERABILITIES / FIXES - October 04, 2012 by Carol~ Moderator

Release Date : 2012-10-04

Criticality level : Less critical
Impact: DoS
Where: From remote
Solution Status : Vendor Patch

Software: JBoss Operations Network 3.x

Description:
Red Hat has issued an update for JBoss Operations Network. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2012:1331-1:
https://rhn.redhat.com/errata/RHSA-2012-1331.html

http://secunia.com/advisories/50863/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

OSSIM Multiple Cross-Site Scripting Vulnerabilities

by Carol~ Moderator - 10/4/12 11:07 AM

In Reply to: VULNERABILITIES / FIXES - October 04, 2012 by Carol~ Moderator

Release Date : 2012-10-04

Criticality level : Less critical
Impact: Cross Site Scripting
Where: From remote
Solution Status : Unpatched

Software: OSSIM (AlienVault Open Source SIM) 4.x

Description:
Ibrahim M. El-Sayed has reported some vulnerabilities in OSSIM, which can be exploited by malicious people to conduct cross-site scripting attacks.

Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are reported in version 4.0. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Ibrahim M. El-Sayed (the StOrM), Vulnerability Lab

Original Advisory:
http://vulnerability-lab.com/download_content.php?id=679

http://secunia.com/advisories/50865/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress Spider Calendar Plugin Cross-Site Scripting

by Carol~ Moderator - 10/4/12 1:03 PM

In Reply to: VULNERABILITIES / FIXES - October 04, 2012 by Carol~ Moderator

WordPress Spider Calendar Plugin Cross-Site Scripting and SQL Injection Vulnerabilities

Release Date : 2012-10-04

Criticality level : Moderately critical
Impact: Cross Site Scripting
Manipulation of data
Where: From remote
Solution Status : Unpatched

Software: Wordpress Spider Calendar Plugin 1.x

Description:
Two vulnerabilities have been discovered in Spider Calendar plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

1) Input passed via the "date" parameter to front_end/spidercalendarbig.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) Input passed via the "calendar_id" parameter to front_end/spidercalendarbig_seemore.php (when "ev_ids" is set to the id of an available event) is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities are confirmed in versions 1.0.1. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Daniel Barragan aka "D4NB4R".

Original Advisory:
Daniel Barragan aka "D4NB4R":
http://packetstormsecurity.org/files/117078/WordPress-Spider-1.0.1-SQL-Injection-XSS.html

http://secunia.com/advisories/50812/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Linux Kernel "compat_put_timeval()" Argument Passing

by Carol~ Moderator - 10/4/12 1:03 PM

In Reply to: VULNERABILITIES / FIXES - October 04, 2012 by Carol~ Moderator

Linux Kernel "compat_put_timeval()" Argument Passing Weakness

Release Date 2012-10-04

Criticality level : Not critical
Impact : Exposure of system information
DoS
Where : Local system
Solution Status : Vendor Workaround

Operating System : Linux Kernel 3.5.x

Description:
A weakness has been reported in Linux Kernel, which can be exploited by malicious, local users to disclose system information and cause a DoS (Denial of Service).

The weakness is caused due to an error in net/socket.c when calling the "compat_put_timeval()" function, which incorrectly passes arguments resulting in kernel memory disclosure or system crash.

Successful exploitation may require an architecture that uses a separate address space for user and kernel area (e.g. PA-RISC).

Solution:
Fixed in the source code repository.

Provided and/or discovered by:
Mikulas Patocka, Red Hat.

Original Advisory:
http://seclists.org/oss-sec/2012/q4/14

http://secunia.com/advisories/50790/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Zenphoto "date" Cross-Site Scripting Vulnerability

by Carol~ Moderator - 10/4/12 1:38 PM

In Reply to: VULNERABILITIES / FIXES - October 04, 2012 by Carol~ Moderator

Release Date : 2012-10-04

Criticality level : Less critical
Impact: Cross Site Scripting
Where: From remote
Solution Status : Unpatched

Software: Zenphoto 1.x

Description:
Scott Herbert has discovered a vulnerability in Zenphoto, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "date" parameter to zp-core/zp-extensions/zenpage/admin-news-articles.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in versions 1.4.3.2 and 1.4.3.3. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Scott Herbert.

Original Advisory:
Scott Herbert:
http://scott-herbert.com/blog/2012/10/02/cookie-stealing-and-xss-vulnerable-in-zenphotoversion-1-4-3-2-1130

http://secunia.com/advisories/50799/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close