Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - February 25, 2013

by: Carol~ February 25, 2013 8:22 AM PST

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - February 25, 2013

by Carol~ Moderator - 2/25/13 8:22 AM

Debian update for squid3

Release Date : 2013-02-25

Criticality level : Less critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Operating System: Debian GNU/Linux 6.0

Description:
Debian has issued an update for squid3. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).

Solution:
Apply updated packages via the apt-get package manager.

Original Advisory:
DSA-2631-1:
http://www.debian.org/security/2013/dsa-2631

http://secunia.com/advisories/52370/


Reply
Report offensive post
Email to friend

Hitachi Cosminexus Products Oracle Java Multiple

by Carol~ Moderator - 2/25/13 8:27 AM

In Reply to: VULNERABILITIES / FIXES - February 25, 2013 by Carol~ Moderator

Hitachi Cosminexus Products Oracle Java Multiple Vulnerabilities

Release Date : 2013-02-25

Criticality level : Highly critical
Impact : Manipulation of data
Exposure of sensitive information
DoS
System access
Where: From remote
Solution Status : Vendor Patch

Software:
Cosminexus 5.x
Cosminexus 6.x
Cosminexus 7.x
Cosminexus 8.x
Cosminexus 9.x
Cosminexus Application Server 5.x
Cosminexus Application Server 6.x
Cosminexus Client 6.x
Cosminexus Developer 5.x
Cosminexus Developer 6.x
Cosminexus Server 4.x
Cosminexus Studio 4.x
Cosminexus Studio 5.x
uCosminexus Application Server
uCosminexus Client
uCosminexus Developer
uCosminexus Operator
uCosminexus Service Architect
uCosminexus Service Platform

Description:
Hitachi has acknowledged multiple vulnerabilities in multiple Cosminexus products, which can be exploited by malicious people to disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

The vulnerabilities exist in the bundled version of Cosminexus Developer's Kit for Java.

Please see the vendor's advisory for a list of affected products and versions.

Solution:
Apply updates (please see the vendor's advisory for details).

Original Advisory:
HS13-004:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-004/index.html

http://secunia.com/advisories/52354/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Samsung Galaxy S III Emergency Contacts Home Button Passcode

by Carol~ Moderator - 2/25/13 8:27 AM

In Reply to: VULNERABILITIES / FIXES - February 25, 2013 by Carol~ Moderator

Samsung Galaxy S III Emergency Contacts Home Button "Passcode Lock" Bypass Weakness

Release Date : 2013-02-25

Criticality level : Not critical
Impact : Security Bypass
Where : Local system
Solution Status : Unpatched

Operating System: Samsung Galaxy S III

Description:
MTI Technology has discovered a weakness in Samsung Galaxy S III, which can be exploited by malicious people with physical access to bypass certain security restrictions.

The weakness is caused due to an error when handling the home button within the emergency contacts, which can be exploited to partially bypass the "Passcode Lock" feature by enabling voice commands and e.g. conduct phone calls.

The weakness is confirmed on Samsung Galaxy S III GT-19305 running with kernel version 3.0.31-746327 and Android version 4.1.2. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
MTI Technology

Original Advisory:
http://archives.neohapsis.com/archives/bugtraq/2013-02/0122.html

http://secunia.com/advisories/52384/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Apache Maven / Apache Maven Wagon SSL Certificate

by Carol~ Moderator - 2/25/13 8:29 AM

In Reply to: VULNERABILITIES / FIXES - February 25, 2013 by Carol~ Moderator

Apache Maven / Apache Maven Wagon SSL Certificate Verification Security Issue

Release Date : 2013-02-25

Criticality level : Less critical
Impact : Spoofing
Where : From remote
Solution Status : Vendor Patch

Software:
Apache Maven 3.x
Apache Maven Wagon 2.x

Description:
A security issue has been reported in Apache Maven and Apache Maven Wagon, which can be exploited by malicious people to conduct spoofing attacks.

The security issue is caused due to the application not properly verifying the SSL certificate while in the default non-secure SSL mode. This can be exploited to e.g. spoof the server via a MitM (Man-in-the-Middle) attack and e.g. disclose potentially sensitive information.

The security issue is reported in Apache Maven version 3.0.4 and Apache Maven Wagon versions 2.1, 2.2, and 2.3.

Solution:
Update to Apache Maven version 3.0.5 and Apache Maven Wagon version 2.4.

Provided and/or discovered by:
The vendor credits Graham Leggett.

Original Advisory:
http://maven.apache.org/docs/3.0.5/release-notes.html
http://maven.apache.org/security.html

http://secunia.com/advisories/52381/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ruby REXML Denial of Service Vulnerability

by Carol~ Moderator - 2/25/13 8:31 AM

In Reply to: VULNERABILITIES / FIXES - February 25, 2013 by Carol~ Moderator

Release Date : 2013-02-25

Criticality level : Moderately critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Software: Ruby 1.9.x

Description:
A vulnerability has been reported in Ruby, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the REXML library when expanding XML entities. This can be exploited to consume large amounts of memory and cause a crash or hang via a specially crafted XML containing malicious attributes.

The vulnerability is reported in versions prior to 1.9.3-p392.

Solution:
Update to version 1.9.3-p392.

Provided and/or discovered by:
The vendor credits Ben Murphy.

Original Advisory:
Ruby:
http://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22/

http://secunia.com/advisories/52363/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Honeywell Multiple Products ActiveX Control Remote Code

by Carol~ Moderator - 2/25/13 10:06 AM

In Reply to: VULNERABILITIES / FIXES - February 25, 2013 by Carol~ Moderator

Honeywell Multiple Products ActiveX Control Remote Code Execution Vulnerability

Release Date : 2013-02-25

Criticality level : Highly critical
Impact : System access
Where: From remote
Solution Status : Vendor Patch

Software:
Honeywell ComfortPoint Open Manager (CPO-M)
Honeywell Enterprise Buildings Integrator (EBI)
Honeywell SymmetrE

Description:
A vulnerability has been reported in multiple Honeywell products, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an unspecified error in the HscRemoteDeploy.dll module. No further information is currently available.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in the following products:
* Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R410.2
* Honeywell SymmetrE R310, R410.1, and R410.2
* Honeywell ComfortPoint Open Manager (CPO-M) R100

Solution:
Apply Station Security Update package (please contact the vendor for more information).

Provided and/or discovered by:
ICS-CERT credits Juan Vazquez, Rapid7.

Original Advisory:
ICSA-13-053-02:
http://ics-cert.us-cert.gov/pdf/ICSA-13-053-02.pdf

http://secunia.com/advisories/52389/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for acroread

by Carol~ Moderator - 2/25/13 10:22 AM

In Reply to: VULNERABILITIES / FIXES - February 25, 2013 by Carol~ Moderator

Release Date : 2013-02-25

Criticality level : Highly critical
Impact : System access
Where: From remote
Solution Status : Vendor Patch

Operating System: openSUSE 12.1

Description:
SUSE has issued an update for acroread. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2013:0335-1:
http://lists.opensuse.org/opensuse-updates/2013-02/msg00068.html

http://secunia.com/advisories/52304/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

GIT "git-imap-send" SSL Certificate Verification Security

by Carol~ Moderator - 2/25/13 10:22 AM

In Reply to: VULNERABILITIES / FIXES - February 25, 2013 by Carol~ Moderator

GIT "git-imap-send" SSL Certificate Verification Security Issue

Release Date : 2013-02-25

Criticality level : Less critical
Impact : Spoofing
Where: From remote
Solution Status : Vendor Patch

Software: GIT 1.x

Description:
A security issue has been reported in GIT, which can be exploited by malicious people to conduct spoofing attacks.

The security issue is caused due to the "git-imap-send" not properly verifying IMAP server hostname against the domain name in SSL certificates. This can be exploited to e.g. spoof the server via a MitM (Man-in-the-Middle) attack and e.g. disclose potentially sensitive information.

The security issue is reported in versions prior to 1.8.1.4.

Solution:
Update to version 1.8.1.4.

Original Advisory:
https://bugzilla.novell.com/show_bug.cgi?id=804730
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701586

http://secunia.com/advisories/52361/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

CometChat Two Vulnerabilities

by Carol~ Moderator - 2/25/13 12:22 PM

In Reply to: VULNERABILITIES / FIXES - February 25, 2013 by Carol~ Moderator

Release Date: 2013-02-19
Last Update : 2013-02-25

Criticality level : Less critical
Impact: Cross Site Scripting
Exposure of system information
Where : From remote
Solution Status: Vendor Patch

Software: CometChat 4.x

Description:
Two vulnerabilities have been reported in CometChat, which can be exploited by malicious users to disclose certain system information and by malicious people to conduct cross-site scripting attacks.

1) Input passed via the "id" GET parameter to plugins/handwrite/index.php (when "basedata" is set to "null" and "embed" is set to "web") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

2) Input passed via the "action" GET parameter to modules/chatrooms/chatrooms.php is not properly sanitised before being passed to the "call_user_func()" function. This can be exploited to e.g. disclose certain system information by invoking the "phpinfo()" method.

The vulnerabilities are reported in versions 4.6, 4.4, and 4.0 (w/o security patch issued on 2013-02-10).

Solution:
Apply patch.

Provided and/or discovered by
B127Y.

Original Advisory:
B127Y:
http://www.janissaries.org/exploits/1

CometChat:
http://www.cometchat.com/blog/cometchat-critical-security-update/

http://secunia.com/advisories/52182


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for openssl

by Carol~ Moderator - 2/25/13 12:23 PM

In Reply to: VULNERABILITIES / FIXES - February 25, 2013 by Carol~ Moderator

Release Date : 2013-02-25

Criticality level : Less critical
Impact : Exposure of sensitive information
DoS
Where: From remote
Solution Status : Vendor Patch

Operating System:
openSUSE 11.4
openSUSE 12.2

Description:
SUSE has issued an update for openssl. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service) of the application using the library.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2013:0337-1:
http://lists.opensuse.org/opensuse-updates/2013-02/msg00070.html

openSUSE-SU-2013:0339-1:
http://lists.opensuse.org/opensuse-updates/2013-02/msg00072.html

http://secunia.com/advisories/52314/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Inkscape Insecure Library Loading Vulnerability

by Carol~ Moderator - 2/25/13 12:36 PM

In Reply to: VULNERABILITIES / FIXES - February 25, 2013 by Carol~ Moderator

Release Date : 2010-09-01
Last Update : 2013-02-25

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Unpatched

Software: Inkscape 0.x

Description:
A vulnerability has been discovered in Inkscape, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the application bundling a vulnerable version of the Pthreads-win32 library, which loads libraries (e.g. quserex.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening SVG or SVGZ files located on a remote WebDAV or SMB share.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in versions 0.48.0 r9654 and 0.48.4-1 running on Windows. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Reported by an unknown person.

Original Advisory:
http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/

http://secunia.com/advisories/41222


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress Pretty Link Lite Plugin "get-data" Cross-Site

by Carol~ Moderator - 2/25/13 1:45 PM

In Reply to: VULNERABILITIES / FIXES - February 25, 2013 by Carol~ Moderator

WordPress Pretty Link Lite Plugin "get-data" Cross-Site Scripting Vulnerability

Release Date: 2013-02-21
Last Update : 2013-02-25

Criticality level : Less critical
Impact: Cross Site Scripting
Where: From remote
Solution Status : Vendor Patch

Software: WordPress Pretty Link Lite Plugin 1.x

Description:
A vulnerability has been discovered in the Pretty Link Lite plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "get-data" GET parameter to wp-content/plugins/pretty-link/includes/version-2
-kvasir/open-flash-chart.swf is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's web browser session in the context of an affected site.

The vulnerability is confirmed in version 1.6.2. Prior versions may also be affected.

Solution:
Update to version 1.6.3.

Provided and/or discovered by:
hip

Original Advisory:
Pretty Link Lite:
http://wordpress.org/extend/plugins/pretty-link/changelog/
http://plugins.trac.wordpress.org/changeset/658428/pretty-link/trunk

hip:
http://packetstormsecurity.org/files/120433/WordPress-Pretty-Link-1.6.3-Cross-Site-Scripting.html

http://secunia.com/advisories/52246


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for RubyOnRails

by Carol~ Moderator - 2/25/13 1:45 PM

In Reply to: VULNERABILITIES / FIXES - February 25, 2013 by Carol~ Moderator

Release Date : 2013-02-25

Criticality level : Moderately critical
Impact : Security Bypass
Exposure of sensitive information
DoS
System access
Where: From remote
Solution Status : Vendor Patch

Operating System :
openSUSE 12.1
openSUSE 12.2

Description:
SUSE has issued an update for RubyOnRails. This fixes two security issues and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to bypass certain security restrictions, disclose potentially sensitive information, cause a DoS (Denial of Service), and compromise a vulnerable system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2013:0338-1:
http://lists.opensuse.org/opensuse-updates/2013-02/msg00071.html

http://secunia.com/advisories/52259/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for openssl

by Carol~ Moderator - 2/25/13 1:45 PM

In Reply to: VULNERABILITIES / FIXES - February 25, 2013 by Carol~ Moderator

Release Date : 2013-02-25

Criticality level : Highly critical
Impact : Security Bypass
Exposure of sensitive information
DoS
System access
Where: From remote
Solution Status : Vendor Patch

Operating System: openSUSE 12.1

Description:
SUSE has issued an update for openssl. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise an application using the library.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2013:0336-1:
http://lists.opensuse.org/opensuse-updates/2013-02/msg00069.html

http://secunia.com/advisories/52292/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Kerberos KDC "pkinit_check_kdc_pkid()" NULL Pointer

by Carol~ Moderator - 2/25/13 1:46 PM

In Reply to: VULNERABILITIES / FIXES - February 25, 2013 by Carol~ Moderator

Kerberos KDC "pkinit_check_kdc_pkid()" NULL Pointer Dereference Denial of Service Vulnerability

Release Date : 2013-02-25

Criticality level : Less critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Software: Kerberos 5.x

Description:
A vulnerability has been reported in Kerberos, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to a NULL pointer dereference error in KDC within the "pkinit_check_kdc_pkid()" function (src/plugins/preauth/pkinit/pkinit_crypto_openssl.c) and can be exploited to crash the KDC daemon by sending specially crafted packets.

Successful exploitation requires that Public Key Cryptography for Initial Authentication (PKINIT) is enabled and the attacker to have a valid PKINIT certificate, have observed a successful PKINIT authentication, or that anonymous PKINIT is enabled (disabled by default).

The vulnerability is reported in versions 1.6.3 and later.

Solution:
Update to version 1.10.4 or 1.11.1.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://krbdev.mit.edu/rt/Ticket/Display.html?id=7570
http://krbdev.mit.edu/rt/Ticket/Display.html?id=7577

http://secunia.com/advisories/52390/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close