Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - January 14, 2012

by: Carol~ January 14, 2013 7:10 AM PST

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - January 14, 2012

by Carol~ Moderator - 1/14/13 7:10 AM

Avaya CMS Oracle Solaris Multiple Vulnerabilities

Release Date : 2013-01-14

Criticality level : Highly critical
Impact : Privilege escalation
DoS
System access
Where : From remote
Solution Status: Vendor Patch

Operating System: Avaya Call Management System (CMS)

Description:
Avaya has acknowledged multiple vulnerabilities in Avaya Call Management System, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

The vulnerabilities are reported in versions R15 and R16 through R16.3.

Solution
Update to version R16.3eg.f.

Original Advisory:
ASA-2012-056:
https://downloads.avaya.com/css/P8/documents/100156057

ASA-2012-176:
https://downloads.avaya.com/css/P8/documents/100161000

http://secunia.com/advisories/51857/


Reply
Report offensive post
Email to friend

Siemens SIMATIC RF Manager ActiveX Control Buffer Overflow

by Carol~ Moderator - 1/14/13 7:14 AM

In Reply to: VULNERABILITIES / FIXES - January 14, 2012 by Carol~ Moderator

Siemens SIMATIC RF Manager ActiveX Control Buffer Overflow Vulnerability

Release Date : 2013-01-14

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status: Vendor Patch

Software: Siemens SIMATIC RF Manager 2008
Siemens SIMATIC RF Manager Basic 3.x

Description:
A vulnerability has been reported in Siemens SIMATIC RF Manager, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error in an unspecified ActiveX control and can be exploited to cause a buffer overflow.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in RF-MANAGER 2008 and RF-MANAGER Basic versions 3.0 and prior.

Solution:
Patch is available by contacting vendor support (see the vendor's advisory for more details).

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-099741.pdf

http://secunia.com/advisories/51845/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

BlackBerry Tablet OS Adobe Flash Player and Samba Multiple

by Carol~ Moderator - 1/14/13 7:14 AM

In Reply to: VULNERABILITIES / FIXES - January 14, 2012 by Carol~ Moderator

BlackBerry Tablet OS Adobe Flash Player and Samba Multiple Vulnerabilities

Release Date : 2013-01-14

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status: Vendor Patch

Operating System: BlackBerry Tablet OS 2.x

Description:
Multiple vulnerabilities have been reported in BlackBerry Tablet OS, which can be exploited by malicious people to compromise a user's system.

1) Some errors exists due to a vulnerable bundled version of Adobe Flash Player.

2) An error exists due to an error in the Samba component.

The vulnerabilities are reported in versions 2.1.0.1032 and prior.

Solution:
Update to version 2.1.0.1088.

Original Advisory:
BlackBerry (BSRT-2013-001, BSRT-2013-002):
http://www.blackberry.com/btsc/KB32019
http://www.blackberry.com/btsc/KB32189

http://secunia.com/advisories/51830/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Debian update for asterisk

by Carol~ Moderator - 1/14/13 7:14 AM

In Reply to: VULNERABILITIES / FIXES - January 14, 2012 by Carol~ Moderator

Release Date : 2013-01-14

Criticality level : Highly critical
Impact : DoS
System access
Where : From remote
Solution Status: Vendor Patch

Operating System : Debian GNU/Linux 6.0

Description:
Debian has issued an update for asterisk. This fixes multiple vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

Solution:
Apply updated packages via the apt-get package manager.

Original Advisory:
DSA-2605-1:
http://www.debian.org/security/2013/dsa-2605

http://secunia.com/advisories/51822/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Debian update for proftpd-dfsg

by Carol~ Moderator - 1/14/13 7:14 AM

In Reply to: VULNERABILITIES / FIXES - January 14, 2012 by Carol~ Moderator

Release Date : 2013-01-14

Criticality level : Less critical
Impact: Privilege escalation
Where : Local system
Solution Status: Vendor Patch

Operating System: Debian GNU/Linux 6.0

Description:
Debian has issued an update for proftpd-dfsg. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.

Solution:
Apply updated packages via the apt-get package manager.

Original Advisory:
DSA-2606-1:
http://www.debian.org/security/2013/dsa-2606

http://secunia.com/advisories/51823/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

CoDeSys Authentication Bypass and Directory Traversal

by Carol~ Moderator - 1/14/13 8:04 AM

In Reply to: VULNERABILITIES / FIXES - January 14, 2012 by Carol~ Moderator

CoDeSys Authentication Bypass and Directory Traversal Vulnerabilities

Release Date : 2013-01-14

Criticality level : Moderately critical
Impact : Security Bypass
System access
Where : From local network
Solution Status: Vendor Patch

Software: CoDeSys 2.x

Description:
Digital Bond has reported two vulnerabilities in CoDeSys, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.

1) An error within the authentication mechanism does not properly restrict access to the device and can be exploited to perform certain administrative tasks.

2) Certain input passed to the file transfer functionality is not properly verified before being used to access files. This can be exploited to read, delete, or upload arbitrary files via directory traversal sequences.

The vulnerabilities are reported in versions 2.3.x and 2.4.x.

Solution:
Apply patches (please contact the vendor for more information).

Provided and/or discovered by:
Reid Wightman, Digital Bond.

Original Advisory:
ICS-CERT (ICSA-13-011-01):
http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-01.pdf

CoDeSys:
http://www.codesys.com/news-events/press-releases/detail/article/sicherheitsluecke-in-codesys-v23-laufzeitsystem.html

http://secunia.com/advisories/51847/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

IBM System Storage TS3310 Tape Library OpenSSL Denial of

by Carol~ Moderator - 1/14/13 8:15 AM

In Reply to: VULNERABILITIES / FIXES - January 14, 2012 by Carol~ Moderator

IBM System Storage TS3310 Tape Library OpenSSL Denial of Service Vulnerability

Release Date : 2013-01-14

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status: Vendor Patch

Operating System: IBM System Storage TS3310 Tape Library

Description:
IBM has acknowledged a vulnerability in IBM System Storage TS3310 Tape Library, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to a bundled vulnerable version of OpenSSL.

The vulnerability is reported in firmware versions prior to 630G.

Solution:
Update to firmware versions 630G.

Original Advisory:
http://www.ibm.com/support/docview.wss?uid=ssg1S1004262

http://secunia.com/advisories/51851/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

IBM Intelligent Operations Center Event Data Script

by Carol~ Moderator - 1/14/13 8:15 AM

In Reply to: VULNERABILITIES / FIXES - January 14, 2012 by Carol~ Moderator

IBM Intelligent Operations Center Event Data Script Insertion Vulnerability

Release Date : 2012-12-18
Last Update : 2013-01-14

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From local network
Solution Status : Vendor Patch

Software: IBM Intelligent Operations Center 1.x

Description:
A vulnerability has been reported in IBM Intelligent Operations Center, which can be exploited by malicious people to conduct script insertion attacks.

Input passed via event data is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.

The vulnerability is reported in version 1.5.0.

Solution:
Apply interim fix PO00211.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
IBM (PO00211):
http://www.ibm.com/support/docview.wss?uid=swg24034020
http://www.ibm.com/support/docview.wss?uid=swg21622222
http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_intelligent_operations_center_vulnerability_in_incoming_event_data_fields_cve_2012_63604

http://secunia.com/advisories/51591


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Microsoft Internet Explorer "CDwnBindInfo" Use-After-Free

by Carol~ Moderator - 1/14/13 2:27 PM

In Reply to: VULNERABILITIES / FIXES - January 14, 2012 by Carol~ Moderator

Microsoft Internet Explorer "CDwnBindInfo" Use-After-Free Vulnerability

Release Date: 2012-12-30
Last Update : 2013-01-14

Criticality level : Extremely critical
Impact : System access
Where : From remote
Solution Status: Vendor Patch

Software: Microsoft Internet Explorer 6.x
Microsoft Internet Explorer 7.x
Microsoft Internet Explorer 8.x

Description:
A vulnerability has been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a use-after-free error when handling the "CDwnBindInfo" object and can be exploited to dereference an already freed object.

Successful exploitation allows execution of arbitrary code.

NOTE: This is currently being actively exploited in targeted attacks.

Solution:
Apply updates.

Provided and/or discovered by:
Reported as a 0-day.

Original Advisory:
MS13-008 (KB2799329):
http://technet.microsoft.com/en-us/security/bulletin/ms13-008

http://technet.microsoft.com/en-us/security/advisory/2794220
http://support.microsoft.com/kb/2794220

http://secunia.com/advisories/51695


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Icinga history.cgi "show_history()" Buffer Overflow

by Carol~ Moderator - 1/14/13 2:27 PM

In Reply to: VULNERABILITIES / FIXES - January 14, 2012 by Carol~ Moderator

Icinga history.cgi "show_history()" Buffer Overflow Vulnerability

Release Date : 2013-01-14

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: Icinga 1.x

Description:
A vulnerability has been reported in Icinga, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error within the "show_history()" function (history.c) within history.cgi when handling certain parameters, which can be exploited to cause a stack-based buffer overflow via an overly long "host" parameter.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in versions 1.6.1, 1.7.3, and 1.8.3. Prior versions may also be affected.

Solution:
Update to version 1.6.2, 1.7.4, or 1.8.4.

Original Advisory:
Icinga:
https://www.icinga.org/2013/01/14/icinga-1-6-2-1-7-4-1-8-4-released/

http://secunia.com/advisories/51863/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Nagios history.cgi "get_history()" Buffer Overflow

by Carol~ Moderator - 1/14/13 2:32 PM

In Reply to: VULNERABILITIES / FIXES - January 14, 2012 by Carol~ Moderator

Nagios history.cgi "get_history()" Buffer Overflow Vulnerability

Release Date : 2012-12-19
Last Update : 2013-01-14

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: Nagios 3.x

Description:
temp66 has reported a vulnerability in Nagios, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error within the "get_history()" function (history.c) within history.cgi when handling certain parameters, which can be exploited to cause a stack-based buffer overflow via an overly long "host" parameter.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in version 3.4.3. Prior versions may also be affected.

Solution:
Update to version 3.4.4.

Provided and/or discovered by:
temp66

Original Advisory:
Nagios:
http://www.nagios.org/projects/nagioscore/history/core-3x

temp66:
http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html

http://secunia.com/advisories/51537


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress WP Photo Album Plus Plugin "wppa-tag" Cross-Site

by Carol~ Moderator - 1/14/13 2:44 PM

In Reply to: VULNERABILITIES / FIXES - January 14, 2012 by Carol~ Moderator

WordPress WP Photo Album Plus Plugin "wppa-tag" Cross-Site Scripting Vulnerability

Release Date : 2013-01-14

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status: Vendor Patch

Software: WordPress WP Photo Album Plus Plugin 4.x

Description:
A vulnerability has been reported in the WP Photo Album Plus plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "wppa-tag" parameter to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in versions prior to 4.9.3.

Solution:
Update to version 4.9.3.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
WP Photo Album Plus:
http://wordpress.org/extend/plugins/wp-photo-album-plus/changelog/
http://plugins.trac.wordpress.org/changeset/651655/wp-photo-album-plus/trunk/wppa-functions.php?old=651254&old_path=wp-photo-album-plus%2Ftrunk%2Fwppa-functions.php

http://secunia.com/advisories/51829/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close