Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - December 24, 2012

by: Carol~ December 24, 2012 9:30 AM PST

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - December 24, 2012

by Carol~ Moderator - 12/24/12 9:30 AM

SUSE update for chromium

Release Date : 2012-12-24

Criticality level : Highly critical
Impact : Unknown
System access
Where : From remote
Solution Status : Vendor Patch

Operating System : openSUSE 12.1
openSUSE 12.2

Description:
SUSE has issued an update for chromium. This fixes multiple vulnerabilities, where one has an unknown impact and others can be exploited by malicious people to compromise a user's system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:1682-1:
http://lists.opensuse.org/opensuse-updates/2012-12/msg00073.html

http://secunia.com/advisories/51685/


Reply
Report offensive post
Email to friend

pfSense Multiple Vulnerabilities

by Carol~ Moderator - 12/24/12 9:35 AM

In Reply to: VULNERABILITIES / FIXES - December 24, 2012 by Carol~ Moderator

Release Date : 2012-12-24

Criticality level : Highly critical
Impact : Exposure of sensitive information
Privilege escalation
DoS
System access
Where : From remote
Solution Status : Vendor Patch

Operating System: pfSense 2.x

Description:
pfSense has acknowledged multiple vulnerabilities in pfSense, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise an application using the library.

The vulnerabilities are reported in versions prior to 2.0.2.

Solution:
Update to version 2.0.2.

Original Advisory:
http://blog.pfsense.org/?p=676

http://secunia.com/advisories/51674/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

ownCloud Security Bypass Security Issue and Cross-Site

by Carol~ Moderator - 12/24/12 9:35 AM

In Reply to: VULNERABILITIES / FIXES - December 24, 2012 by Carol~ Moderator

ownCloud Security Bypass Security Issue and Cross-Site Scripting Vulnerability

Release Date : 2012-12-24

Criticality level : Moderately critical
Impact : Security Bypass
Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: ownCloud 4.x

Description:
A security issue and a vulnerability has been reported in ownCloud, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.

1) An error due to the application not verifying permissions when accessing settings.php can be exploited to change the app configuration for user_webdavauth and user_ldap and subsequently login as arbitrary users.

Successful exploitation of this vulnerability requires the plugins to be enabled.

2) Certain input passed to apps/bookmark/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The security issue and the vulnerability are reported in versions prior to 4.5.5 and 4.0.10.

Solution:
Update to version 4.5.5 or 4.0.10

Provided and/or discovered by:
1) Reported by the vendor
2) The vendor credits Yuji Kosuga

Original Advisory:
http://owncloud.org/security/advisories/oc-sa-2012-006/
http://owncloud.org/security/advisories/oc-sa-2012-007/

http://secunia.com/advisories/51614/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress Clockstone Theme upload.php Arbitrary File Upload

by Carol~ Moderator - 12/24/12 9:35 AM

In Reply to: VULNERABILITIES / FIXES - December 24, 2012 by Carol~ Moderator

WordPress Clockstone Theme upload.php Arbitrary File Upload Vulnerability

Release Date : 2012-12-24

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: WordPress Clockstone Theme 1.x

Description:
DigiP has reported a vulnerability in the Clockstone theme for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to the wp-content/themes/clockstone/theme/functions/upload.php script allowing the upload of files with arbitrary extensions to a folder inside the webroot. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script.

The vulnerability is reported in versions 1.2 and prior.

Solution:
Reportedly fixed by the vendor (please contact the vendor for details).

Provided and/or discovered by:
DigiP

Original Advisory:
http://www.attack-scanner.com/security/clockstone-and-other-various-cmsmasters-themes-flaw-patched/

http://secunia.com/advisories/51619/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Tiki Wiki CMS/Groupware "unserialize()" Arbitrary PHP Code

by Carol~ Moderator - 12/24/12 9:35 AM

In Reply to: VULNERABILITIES / FIXES - December 24, 2012 by Carol~ Moderator

Tiki Wiki CMS/Groupware "unserialize()" Arbitrary PHP Code Execution Vulnerabilities

Release Date : 2012-12-24

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: Tiki Wiki CMS/Groupware 6.x
Tiki Wiki CMS/Groupware 9.x

Description:
Some vulnerabilities have been reported in Tiki Wiki CMS/Groupware, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerabilities are caused due to certain scripts using "unserialize()" with user controlled input and can be exploited to potentially execute arbitrary PHP code.

The vulnerabilities are reported in versions prior to 6.9 and 9.3.

Solution:
Update to version 6.9 or 9.3.

Provided and/or discovered by:
The vendor credits Lukas Reschke, StatusCode and Egix.

Original Advisory:
http://info.tiki.org/article210-Tiki-10-0-is-here
http://sourceforge.net/p/tikiwiki/code/44330
http://sourceforge.net/p/tikiwiki/code/44361

http://secunia.com/advisories/51650/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Hero Framework Cross-Site Scripting and Request Forgery

by Carol~ Moderator - 12/24/12 9:35 AM

In Reply to: VULNERABILITIES / FIXES - December 24, 2012 by Carol~ Moderator

Hero Framework Cross-Site Scripting and Request Forgery Vulnerabilities

Release Date : 2012-12-24

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: Hero Framework 3.x

Description:
Stefan Schurtz has discovered multiple vulnerabilities in Hero Framework, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.

1) Input passed to the "q" parameter in search and "username" parameter in users/login (when "errors" is set to "true") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change the first and last name of users if a logged-in user visits a malicious web site.

Note: This can further be exploited to conduct script insertion attacks.

The vulnerabilities are confirmed in version 3.76. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Stefan Schurtz

Original Advisory:
http://www.darksecurity.de/index.php?/227-SSCHADV2012-023-Hero-Framework-3.76-Cross-site-Scripting-vulnerability.html

http://secunia.com/advisories/51668/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

IBM Rational System Architect Multiple Java Vulnerabilities

by Carol~ Moderator - 12/24/12 9:36 AM

In Reply to: VULNERABILITIES / FIXES - December 24, 2012 by Carol~ Moderator

Release Date : 2012-12-24

Criticality level : Highly critical
Impact : Manipulation of data
Exposure of sensitive information
DoS
System access
Where : From remote
Solution Status : Vendor Patch

Software: IBM Rational System Architect 11.x

Description:
IBM has acknowledged multiple vulnerabilities in IBM Rational System Architect, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

The vulnerabilities are reported in versions prior to 11.4.2.2.

Solution:
Update to version 11.4.2.2.

Original Advisory:
http://www.ibm.com/support/docview.wss?uid=swg21620037

http://secunia.com/advisories/51684/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Novell iPrint Client "op-client-interface-version" Code

by Carol~ Moderator - 12/24/12 9:37 AM

In Reply to: VULNERABILITIES / FIXES - December 24, 2012 by Carol~ Moderator

Novell iPrint Client "op-client-interface-version" Code Execution Vulnerability

Release Date : 2012-12-24

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: Novell iPrint Client 5.x

Description:
A vulnerability has been reported in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error when handling the "op-client-interface-version" parameter. No further information is currently available.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in versions prior to 5.82.

Solution:
Update to version 5.82

Provided and/or discovered by:
The vendor credits Brian Gorenc, HP DVLabs.

Original Advisory:
Novell:
http://www.novell.com/support/kb/doc.php?id=7008708

http://secunia.com/advisories/51616/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

IBM Tivoli NetView for z/OS Privilege Escalation

by Carol~ Moderator - 12/24/12 10:25 AM

In Reply to: VULNERABILITIES / FIXES - December 24, 2012 by Carol~ Moderator

IBM Tivoli NetView for z/OS Privilege Escalation Vulnerability

Release Date : 2012-12-24

Criticality level: Less critical
Impact : Privilege escalation
Where : Local system
Solution Status: Vendor Patch

Software: IBM Tivoli NetView for z/OS 1.x
IBM Tivoli Netview for z/OS 5.x
IBM Tivoli NetView for z/OS 6.x

Description:
A vulnerability has been reported in IBM Tivoli NetView for z/OS, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to an unspecified error, which may allow a Unix System Services (USS) user to execute programs with the privileges of the NetView application.

The vulnerability is reported in versions 1.4, 5.1 through 5.4, and 6.1.

Solution:
Apply APARs OA41061, OA41060, and OA41059.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
IBM (OA41061, OA41060, OA41059):
http://www.ibm.com/support/docview.wss?uid=swg21621163

http://secunia.com/advisories/51680/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

IBM Rational Synergy Java Multiple Vulnerabilities

by Carol~ Moderator - 12/24/12 10:26 AM

In Reply to: VULNERABILITIES / FIXES - December 24, 2012 by Carol~ Moderator

Release Date : 2012-12-24

Criticality level : Highly critical
Impact : Cross Site Scripting
Spoofing
Manipulation of data
Exposure of sensitive information
DoS
System access
Where : From remote
Solution Status : Vendor Patch

Software: IBM Rational Synergy 7.x

Description:
IBM has acknowledged some vulnerabilities in IBM Rational Synergy, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

The vulnerabilities are reported in versions prior to 7.1.0.7.

Solution:
Update to version 7.1.0.7.

Original Advisory:
IBM:
http://www.ibm.com/support/docview.wss?uid=swg21618977

http://secunia.com/advisories/51681/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

IBM Rational Method Composer Java Multiple Vulnerabilities

by Carol~ Moderator - 12/24/12 11:06 AM

In Reply to: VULNERABILITIES / FIXES - December 24, 2012 by Carol~ Moderator

Release Date : 2012-12-24

Criticality level : Highly critical
Impact : Manipulation of data
Exposure of sensitive information
DoS
System access
Where : From remote
Solution Status : Vendor Patch

Software: IBM Rational Method Composer 7.x

Description:
IBM has acknowledged multiple vulnerabilities in IBM Rational Method Composer, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS, and compromise a vulnerable system.

The vulnerabilities are reported in versions prior to 7.5.2.1.

Solution:
Update to versions 7.5.2.1.

Original Advisory:
http://www.ibm.com/support/docview.wss?uid=swg21620862

http://secunia.com/advisories/51682/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Novell eDirectory Multiple Vulnerabilities

by Carol~ Moderator - 12/24/12 11:07 AM

In Reply to: VULNERABILITIES / FIXES - December 24, 2012 by Carol~ Moderator

Release Date : 2012-12-24

Criticality level : Moderately critical
Impact : System access
DoS
Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: Novell eDirectory 8.x

Description:
Some vulnerabilities have been reported in Novell eDirectory, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.

1) An error within the dhost service when handling certain characters can be exploited to crash the service via a specially crafted HTTP request.

NOTE: This vulnerability affects the Windows platform only.

2) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

3) An error in the NCP implementation can be exploited to cause a stack-based buffer overflow.

Successful exploitation of this vulnerability may allow execution of arbitrary code.

The vulnerabilities are reported in versions prior to 8.8.7.2 and 8.8.6.7.

Solution:
Update to version 8.8.7.2 or 8.8.6.7.

Provided and/or discovered by:
1, 2) The vendor credits Positive Technologies.
3) Reported by the vendor.

Original Advisory:
http://www.novell.com/support/kb/doc.php?id=3426981
http://www.novell.com/support/kb/doc.php?id=7011533
http://www.novell.com/support/kb/doc.php?id=7011538
http://www.novell.com/support/kb/doc.php?id=7011539

http://secunia.com/advisories/51667/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

FireFly Media Server HTTP Header Parsing Denial of Service

by Carol~ Moderator - 12/24/12 11:07 AM

In Reply to: VULNERABILITIES / FIXES - December 24, 2012 by Carol~ Moderator

FireFly Media Server HTTP Header Parsing Denial of Service Vulnerability

Release Date : 2012-12-24

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Unpatched

Software: FireFly Media Server 1.x

Description:
High-Tech Bridge has discovered a vulnerability in FireFly Media Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to a NULL-pointer dereference error within firefly.exe when parsing HTTP headers and can be exploited to crash the server via a specially crafted request.

The vulnerability is confirmed in version 1.0.0.1359. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
High-Tech Bridge

Original Advisory:
https://www.htbridge.com/advisory/HTB23129

http://secunia.com/advisories/51606/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close