Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - March 12, 2013

by: Carol~ March 12, 2013 4:24 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - March 12, 2013

by Carol~ Moderator - 3/12/13 4:24 AM

Avant Browser Rendering Engines Two Code Execution Vulnerabilities

Release Date : 2013-03-12

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: Avant Browser 2013

Description:
Two vulnerabilities have been reported in Avant Browser, which can be exploited by malicious people to compromise a user's system.

The vulnerabilities are reported in versions prior to 2013 build 21.

Solution:
Update to version 2013 build 21.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://www.avantbrowser.com/new.aspx

http://secunia.com/advisories/52541/


Reply
Report offensive post
Email to friend

WordPress MobileView Plugin ZeroClipboard Cross-Site

by Carol~ Moderator - 3/12/13 4:33 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

WordPress MobileView Plugin ZeroClipboard Cross-Site Scripting Vulnerability

Release Date : 2013-03-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: WordPress MobileView Plugin 1.x

Description:
Henri Salo has discovered a vulnerability in the MobileView plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "id" parameter to wp-content/plugins/mobileview/admin/js/ZeroClipboard.swf is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 1.0.7. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Henri Salo

Original Advisory:
Henri Salo:
http://www.openwall.com/lists/oss-security/2013/03/10/2

http://secunia.com/advisories/52463/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress JC Coupon Plugin ZeroClipboard Cross-Site

by Carol~ Moderator - 3/12/13 4:33 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

WordPress JC Coupon Plugin ZeroClipboard Cross-Site Scripting Vulnerability

Release Date : 2013-03-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: WordPress JC Coupon Plugin 2.x

Description:
Henri Salo has discovered a vulnerability in the JC Coupon plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "id" parameter to wp-content/plugins/jaspreetchahals-coupons-lite/js/ZeroClipboard.swf is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 2.1. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Henri Salo

Original Advisory:
Henri Salo:
http://www.openwall.com/lists/oss-security/2013/03/10/2

http://secunia.com/advisories/52469/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress GeSHi Source Colorer Plugin ZeroClipboard

by Carol~ Moderator - 3/12/13 4:33 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

WordPress GeSHi Source Colorer Plugin ZeroClipboard Cross-Site Scripting Vulnerability

Release Date : 2013-03-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: WordPress GeSHi Source Colorer Plugin 0.x

Description:
Henri Salo has discovered a vulnerability in the GeSHi Source Colorer plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "id" parameter to wp-content/plugins/geshi-source-colorer/external/zeroclipboard/ZeroClipboard.swf is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 0.13. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Henri Salo

Original Advisory:
Henri Salo:
http://www.openwall.com/lists/oss-security/2013/03/10/2

http://secunia.com/advisories/52478/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress Cleeng Plug & Go Plugin ZeroClipboard Cross-Site

by Carol~ Moderator - 3/12/13 4:33 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

WordPress Cleeng Plug & Go Plugin ZeroClipboard Cross-Site Scripting Vulnerability

Release Date : 2013-03-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: WordPress Cleeng Plug & Go Plugin 2.x

Description:
Henri Salo has discovered a vulnerability in the Cleeng Plug & Go plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "id" parameter to wp-content/plugins/cleeng/js/ZeroClipboard.swf is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 2.3.2. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Henri Salo

Original Advisory:
Henri Salo:
http://www.openwall.com/lists/oss-security/2013/03/10/2

http://secunia.com/advisories/52524/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress Buckets Plugin ZeroClipboard Cross-Site

by Carol~ Moderator - 3/12/13 4:34 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

WordPress Buckets Plugin ZeroClipboard Cross-Site Scripting Vulnerability

Release Date : 2013-03-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: WordPress Buckets Plugin 0.x

Description:
Henri Salo has discovered a vulnerability in the Buckets plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "id" parameter to wp-content/plugins/buckets/js/ZeroClipboard.swf is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 0.1.9.3. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Henri Salo

Original Advisory:
Henri Salo:
http://www.openwall.com/lists/oss-security/2013/03/10/2

http://secunia.com/advisories/52525/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress Zopim Live Chat Plugin ZeroClipboard Cross-Site

by Carol~ Moderator - 3/12/13 4:34 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

WordPress Zopim Live Chat Plugin ZeroClipboard Cross-Site Scripting Vulnerability

Release Date : 2013-03-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: WordPress Zopim Live Chat Plugin 1.x

Description:
Henri Salo has discovered a vulnerability in the Zopim Live Chat plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "id" parameter to wp-content/plugins/zopim-live-chat/ZeroClipboard.swf is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 1.2.5. Prior versions may also be affected.

Solution:
Update to version 1.2.6.

Provided and/or discovered by:
Henri Salo

Original Advisory:
Zopim Live Chat:
http://wordpress.org/extend/plugins/zopim-live-chat/changelog/

Henri Salo:
http://www.openwall.com/lists/oss-security/2013/03/10/2

http://secunia.com/advisories/52566/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress PayPal Digital Goods Plugin ZeroClipboard Cross

by Carol~ Moderator - 3/12/13 4:34 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

WordPress PayPal Digital Goods Plugin ZeroClipboard Cross-Site Scripting Vulnerability

Release Date : 2013-03-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: WordPress PayPal Digital Goods Plugin 2.x

Description:
Henri Salo has discovered a vulnerability in the PayPal Digital Goods plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "id" parameter to wp-content/plugins/paypal-digital-goods-monetization-powered-by-cleeng/js/ZeroClipboard.swf is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 2.2.13. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Henri Salo

Original Advisory:
Henri Salo:
http://www.openwall.com/lists/oss-security/2013/03/10/2

http://secunia.com/advisories/52417/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress Tiny URL Plugin ZeroClipboard Cross-Site Scripting

by Carol~ Moderator - 3/12/13 4:34 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

WordPress Tiny URL Plugin ZeroClipboard Cross-Site Scripting Vulnerability

Release Date : 2013-03-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: WordPress Tiny URL Plugin 1.x

Description:
Henri Salo has discovered a vulnerability in the Tiny URL plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "id" parameter to wp-content/plugins/tiny-url/swf/ZeroClipboard10.swf is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 1.3.2. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Henri Salo

Original Advisory:
Henri Salo:
http://www.openwall.com/lists/oss-security/2013/03/10/2

http://secunia.com/advisories/52456/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress WP Clone by WP Academy Plugin ZeroClipboard

by Carol~ Moderator - 3/12/13 4:34 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

WordPress WP Clone by WP Academy Plugin ZeroClipboard Cross-Site Scripting Vulnerability

Release Date : 2013-03-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: WordPress WP Clone by WP Academy Plugin 2.x

Description:
Henri Salo has discovered a vulnerability in the WP Clone by WP Academy plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "id" parameter to wp-content/plugins/wp-clone-by-wp-academy/lib/js/ZeroClipboard.swf is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 2.1.1. Prior versions may also be affected.

Solution:
Update to version 2.1.2.

Original Advisory:
WP Clone by WP Academy:
http://wordpress.org/extend/plugins/wp-clone-by-wp-academy/changelog/

Henri Salo:
http://www.openwall.com/lists/oss-security/2013/03/10/2

http://secunia.com/advisories/52461/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for JBoss Enterprise Application Platform and

by Carol~ Moderator - 3/12/13 4:35 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

Red Hat update for JBoss Enterprise Application Platform and JBoss Enterprise Web Platform

Release Date : 2013-03-12

Criticality level : Less critical
Impact: Security Bypass
Where : From remote
Solution Status : Vendor Patch

Software:
JBoss Enterprise Application Platform 5.x
JBoss Enterprise Web Platform 5.x

Description:
Red Hat has issued an update for JBoss Enterprise Application Platform and JBoss Enterprise Web Platform. This fixes a weakness, which can be exploited by malicious people to bypass certain security restrictions.

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2013:0629-1:
http://rhn.redhat.com/errata/RHSA-2013-0629.html

RHSA-2013:0631-1:
http://rhn.redhat.com/errata/RHSA-2013-0631.html

RHSA-2013:0632-1:
http://rhn.redhat.com/errata/RHSA-2013-0632.html

RHSA-2013:0633-1:
http://rhn.redhat.com/errata/RHSA-2013-0633.html

http://secunia.com/advisories/52569/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for java-1.7.0-ibm

by Carol~ Moderator - 3/12/13 4:39 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

Release Date : 2013-03-12

Criticality level : Highly critical
Impact: Manipulation of data
Exposure of sensitive information
DoS
System access
Where : From remote
Solution Status : Vendor Patch

Software:
Red Hat Enterprise Linux Desktop Supplementary (v. 6)
Red Hat Enterprise Linux HPC Node Supplementary (v. 6)
Red Hat Enterprise Linux Server Supplementary (v. 6)
Red Hat Enterprise Linux Workstation Supplementary (v. 6)
RHEL Desktop Supplementary (v. 5 client)
RHEL Supplementary (v. 5 server)

Description:
Red Hat has issued an update for java-1.7.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2013:0626-1:
http://rhn.redhat.com/errata/RHSA-2013-0626.html

http://secunia.com/advisories/52575/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for java-1.6.0-ibm

by Carol~ Moderator - 3/12/13 4:39 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

Release Date : 2013-03-12

Criticality level : Highly critical
Impact: Manipulation of data
Exposure of sensitive information
DoS
System access
Where : From remote
Solution Status : Vendor Patch

Software:
Red Hat Enterprise Linux Desktop Supplementary (v. 6)
Red Hat Enterprise Linux HPC Node Supplementary (v. 6)
Red Hat Enterprise Linux Server Supplementary (v. 6)
Red Hat Enterprise Linux Workstation Supplementary (v. 6)
RHEL Desktop Supplementary (v. 5 client)
RHEL Supplementary (v. 5 server)

Description:
Red Hat has issued an update for java-1.6.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2013:0625-1:
http://rhn.redhat.com/errata/RHSA-2013-0625.html

http://secunia.com/advisories/52570/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for tomcat6

by Carol~ Moderator - 3/12/13 4:39 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

Release Date : 2013-03-12

Criticality level : Moderately critical
Impact: Security Bypass
DoS
Where : From remote
Solution Status : Vendor Patch

Operating System :
Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux Workstation 6

Description:
Red Hat has issued an update for tomcat6. This fixes a weakness and two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2013:0623-1:
http://rhn.redhat.com/errata/RHSA-2013-0623.html

http://secunia.com/advisories/52572/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for java-1.5.0-ibm

by Carol~ Moderator - 3/12/13 4:39 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

Release Date : 2013-03-12

Criticality level : Highly critical
Impact : DoS
Manipulation of data
Exposure of sensitive information
System access
Where : From remote
Solution Status : Vendor Patch

Software:
Red Hat Enterprise Linux Desktop Supplementary (v. 6)
Red Hat Enterprise Linux HPC Node Supplementary (v. 6)
Red Hat Enterprise Linux Server Supplementary (v. 6)
Red Hat Enterprise Linux Workstation Supplementary (v. 6)
RHEL Desktop Supplementary (v. 5 client)
RHEL Supplementary (v. 5 server)

Description:
Red Hat has issued an update for java-1.5.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2013:0624-1:
http://rhn.redhat.com/errata/RHSA-2013-0624.html

http://secunia.com/advisories/52573/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress SlideDeck 2 Lite Responsive Content Slider Plugin

by Carol~ Moderator - 3/12/13 4:40 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

WordPress SlideDeck 2 Lite Responsive Content Slider Plugin ZeroClipboard Two Cross-Site Scripting Vulnerabilities

Release Date : 2013-03-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: WordPress SlideDeck 2 Lite Responsive Content Slider Plugin 2.x

Description:
Henri Salo has discovered two vulnerabilities in the SlideDeck 2 Lite Responsive Content Slider plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "id" parameter to wp-content/plugins/slidedeck2/js/zeroclipboard/ZeroClipboard.swf and wp-content/plugins/slidedeck2/js/zeroclipboard/ZeroClipboard10.swf is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are confirmed in version 2.1.20130306. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Henri Salo

Original Advisory:
Henri Salo:
http://www.openwall.com/lists/oss-security/2013/03/10/2

http://secunia.com/advisories/52462/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for kernel

by Carol~ Moderator - 3/12/13 4:53 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

Release Date : 2013-03-12

Criticality level : Less critical
Impact : Privilege escalation
Where: Local system
Solution Status : Vendor Patch

Operating System :
Red Hat Enterprise Linux Desktop 5
Red Hat Enterprise Linux Server 5

Description:
Red Hat has issued an update for kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2013:0621-1:
http://rhn.redhat.com/errata/RHSA-2013-0621.html

http://secunia.com/advisories/52574/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress Click to Copy Grab Box Plugin ZeroClipboard Two

by Carol~ Moderator - 3/12/13 4:53 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

WordPress Click to Copy Grab Box Plugin ZeroClipboard Two Cross-Site Scripting Vulnerabilities

Release Date : 2013-03-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: WordPress Click to Copy Grab Box Plugin 0.x

Description:
Henri Salo has discovered two vulnerabilities in the Click to Copy Grab Box plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "id" parameter to wp-content/plugins/click-to-copy-grab-box/lib/ZeroClipboard.swf and wp-content/plugins/click-to-copy-grab-box/lib/ZeroClipboard10.swf is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are confirmed in version 0.1.1. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Henri Salo

Original Advisory:
Henri Salo:
http://www.openwall.com/lists/oss-security/2013/03/10/2

http://secunia.com/advisories/52482/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Squid "strHdrAcptLangGetItem()" Denial of Service

by Carol~ Moderator - 3/12/13 4:53 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

Squid "strHdrAcptLangGetItem()" Denial of Service Vulnerability

Release Date : 2013-03-12

Criticality level : Moderately critical
Impact : DoS
Where : From remote
Solution Status : Vendor Workaround

Software: Squid 3.x

Description"
A vulnerability has been reported in Squid, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the "strHdrAcptLangGetItem()" function (errorpage.cc) when handling the "Accept-Language" header. This can be exploited to trigger an infinite loop and consume CPU resources.

The vulnerability is reported in versions 3.3.2 and prior and versions 3.2.8 and prior.

Solution:
Apply patch.

Provided and/or discovered by:
22733db72ab3ed94b5f8a1ffcde850251fe6f466, c8e74ebd8392fda4788179f9a02bb49337638e7b, and AKAT-1

Original Advisory:
http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html
http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html

http://secunia.com/advisories/52588/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for thunderbird

by Carol~ Moderator - 3/12/13 4:54 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

Release Date : 2013-03-12

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System : Red Hat Enterprise Linux Desktop 5
Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux Workstation 6

Software: RHEL Optional Productivity Applications (v. 5 server)

Description:
Red Hat has issued an update for thunderbird. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2013:0627-1:
http://rhn.redhat.com/errata/RHSA-2013-0627.html

http://secunia.com/advisories/52571/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

GroundWork Monitor Enterprise Multiple Vulnerabilities

by Carol~ Moderator - 3/12/13 4:58 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

Release Date : 2013-03-12

Criticality level : Less critical
Impact : Security Bypass
Cross Site Scripting
Where : From remote
Solution Status : Partial Fix

Software: GroundWork Monitor Enterprise 6.x

Description:
Johannes Greil has reported multiple vulnerabilities in GroundWork Monitor Enterprise, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks and bypass certain security restrictions.

1) The application does not properly verify user authorization in Foundation, Performance View, Cacti, NeDi, Configuration, and Nagios components. This can be exploited to bypass the intended security checks and e.g. manipulate certain application settings or disclose certain sensitive information.

2) Certain unspecified input related to NeDi and NoMa components is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

3) The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain actions when a logged-in user visits a specially crafted web page.

The vulnerabilities are reported in version 6.7.0-br287-gw1571. Other versions may also be affected.

Solution:
No official solution is currently available. Apply the vendor workaround, which mitigates vulnerability #1.

Provided and/or discovered by:
Johannes Greil, SEC Consult

Original Advisory:
SEC Consult (SA-20130308-0, SA-20130308-1):
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130308-0_GroundWork_Monitoring_Multiple_critical_vulnerabilities_wo_poc_v10.txt
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130308-1_GroundWork_Monitoring_Multiple_high_risk_vulnerabilities_part2_wo_poc_v10.txt

http://secunia.com/advisories/51035/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for kernel-rt

by Carol~ Moderator - 3/12/13 6:27 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

Release Date : 2013-03-12

Criticality level : Less critical
Impact : Manipulation of data
Privilege escalation
DoS
Where: Local system
Solution Status : Vendor Patch

Software: Red Hat Enterprise MRG v2 for Red Hat Enterprise Linux (version 6)

Description:
Red Hat has issued an update for kernel-rt. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to manipulate certain data and by malicious, local users to gain escalated privileges and to cause a DoS (Denial of Service).

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2013:0622-1:
http://rhn.redhat.com/errata/RHSA-2013-0622.html

http://secunia.com/advisories/52576/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress BP Code Snippets Plugin ZeroClipboard Cross-Site

by Carol~ Moderator - 3/12/13 7:19 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

WordPress BP Code Snippets Plugin ZeroClipboard Cross-Site Scripting Vulnerability

Release Date : 2013-03-12

Criticality level : Less critical
Impact: Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: WordPress BP Code Snippets Plugin 2.x

Description:
Henri Salo has discovered a vulnerability in the BP Code Snippets plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "id" parameter to wp-content/plugins/bp-code-snippets/js/ZeroClipboard.swf is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 2.0. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Henri Salo

Original Advisory:
Henri Salo:
http://www.openwall.com/lists/oss-security/2013/03/10/2

http://secunia.com/advisories/52530/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for MozillaFirefox, MozillaThunderbird,

by Carol~ Moderator - 3/12/13 7:21 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

SUSE update for MozillaFirefox, MozillaThunderbird, and seamonkey

Release Date : 2013-03-12

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System : openSUSE 11.4

Description:
SUSE has issued an update for MozillaFirefox, MozillaThunderbird, and seamonkey. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2013:0431-1:
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00010.html

http://secunia.com/advisories/52537/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for java-1_6_0-openjdk

by Carol~ Moderator - 3/12/13 7:50 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

Release Date : 2013-03-12

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System : openSUSE 12.1

Description:
SUSE has issued an update for java-1_6_0-openjdk. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2013:0430-1:
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00009.html

http://secunia.com/advisories/52533/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

389 Directory Server LDAP Control Data Handling Denial

by Carol~ Moderator - 3/12/13 11:33 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

389 Directory Server LDAP Control Data Handling Denial of Service Vulnerability

Release Date : 2013-03-12

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Software: 389 Directory Server (formerly known as Fedora Directory Server) 1.x

Description:
A vulnerability has been reported in 389 Directory Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error when handling LDAP control data, which can be exploited to crash the server by sending a specially crafted LDAP control sequence.

The vulnerability is reported in versions prior to 1.3.0.4.

Solution:
Update to version 1.3.0.4.

Provided and/or discovered by:
The vendor credits Thierry Bordaz, Red Hat.

Original Advisory:
https://fedorahosted.org/389/ticket/571
https://bugzilla.redhat.com/show_bug.cgi?id=912964

http://secunia.com/advisories/52279/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Red Hat update for 389-ds-base

by Carol~ Moderator - 3/12/13 11:33 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

Release Date : 2013-03-12

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Operating System :
Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux Workstation 6

Description:
Red Hat has issued an update for 389-ds-base. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Updated packages are available via Red Hat Network.

Original Advisory:
RHSA-2013:0628-1:
https://rhn.redhat.com/errata/RHSA-2013-0628.html

http://secunia.com/advisories/52568/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress CMS Tree Page View Plugin Cross-Site Request

by Carol~ Moderator - 3/12/13 11:33 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

WordPress CMS Tree Page View Plugin Cross-Site Request Forgery Vulnerability

Release Date: 2013-03-12

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: WordPress CMS Tree Page View Plugin 1.x

Description:
A vulnerability has been discovered in the CMS Tree Page View plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks.

The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. create arbitrary pages when a logged-in user visits a specially crafted web page.

The vulnerability is confirmed in version 1.2.4. Prior versions may also be affected.

Solution:
Update to version 1.2.5.

Provided and/or discovered by:
The vendor credits Julio Potier.

Original Advisory:
CMS Tree Page View:
http://wordpress.org/extend/plugins/cms-tree-page-view/changelog/
http://plugins.trac.wordpress.org/changeset/679833/cms-tree-page-view

http://secunia.com/advisories/52581/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Dolphin swfupload Two Cross-Site Scripting Vulnerabilities

by Carol~ Moderator - 3/12/13 11:33 AM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

Release Date: 2013-03-12

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: Dolphin 7.x

Description:
Two vulnerabilities have been reported in Dolphin, which can be exploited by malicious people to conduct cross-site scripting attacks.

The vulnerabilities are caused due to a bundled vulnerable version of swfupload.

The vulnerabilities are reported in version 7.1. Other versions may also be affected.

Solution:
No official solution is currently available.

Original Advisory:
MustLive:
http://websecurity.com.ua/6365/
http://packetstormsecurity.com/files/120746/SWFUpload-Content-Spoofing-Cross-Site-Scripting.html

http://secunia.com/advisories/52535/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Dotclear swfupload Two Cross-Site Scripting Vulnerabilities

by Carol~ Moderator - 3/12/13 12:19 PM

In Reply to: VULNERABILITIES / FIXES - March 12, 2013 by Carol~ Moderator

Release Date: 2013-03-12

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: Dotclear 2.x

Description:
Two vulnerabilities have been discovered in Dotclear, which can be exploited by malicious people to conduct cross-site scripting attacks.

The vulnerabilities are caused due to a bundled vulnerable version of swfupload.

The vulnerabilities are confirmed in version 2.4.4. Other versions may also be affected.

Solution:
No official solution is currently available.

Original Advisory:
MustLive:
http://websecurity.com.ua/6365/
http://packetstormsecurity.com/files/120746/SWFUpload-Content-Spoofing-Cross-Site-Scripting.html

http://secunia.com/advisories/52540/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close