Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES - April 2, 2007

by Marianna Schmudlach / April 2, 2007 1:18 AM PDT

TITLE:
SUSE update for gpg

SECUNIA ADVISORY ID:
SA24734

VERIFY ADVISORY:
http://secunia.com/advisories/24734/

CRITICAL:
Moderately critical

IMPACT:
Security Bypass

WHERE:
From remote

OPERATING SYSTEM:
UnitedLinux 1.0
http://secunia.com/product/2003/
SuSE Linux Standard Server 8
http://secunia.com/product/2526/
SuSE Linux Openexchange Server 4.x
http://secunia.com/product/2001/
SUSE Linux Enterprise Server 9
http://secunia.com/product/4118/
SuSE Linux Enterprise Server 8
http://secunia.com/product/1171/
SUSE Linux Enterprise Server 10
http://secunia.com/product/12192/
SuSE Linux Desktop 1.x
http://secunia.com/product/2002/
SUSE Linux 9.3
http://secunia.com/product/4933/
SUSE Linux 10.1
http://secunia.com/product/10796/
SUSE Linux 10
http://secunia.com/product/6221/
openSUSE 10.2
http://secunia.com/product/13375/

DESCRIPTION:
SUSE has issued an update for gpg. This fixes a vulnerability, which
can be exploited by malicious people to bypass certain security
restrictions when applications use GnuPG in an insecure manner.

For more information:
SA24412

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0008.html

OTHER REFERENCES:
SA24412:
http://secunia.com/advisories/24412/

Discussion is locked
You are posting a reply to: VULNERABILITIES - April 2, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES - April 2, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
America Online SuperBuddy ActiveX Control "LinkSBIcons()" Vu
by Marianna Schmudlach / April 2, 2007 1:19 AM PDT

TITLE:
America Online SuperBuddy ActiveX Control "LinkSBIcons()"
Vulnerability

SECUNIA ADVISORY ID:
SA24714

VERIFY ADVISORY:
http://secunia.com/advisories/24714/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

SOFTWARE:
AOL 9.x
http://secunia.com/product/6840/

DESCRIPTION:
TippingPoint Security Research Team has discovered a vulnerability in
America Online, which can be exploited by malicious people to
compromise a user's system.

The vulnerability is caused due to the SuperBuddy ActiveX control
(sb.dll) accepting a user-controlled object pointer as argument to
the "LinkSBIcons()" method.

Successful exploitation allows execution of arbitrary code when
visiting a malicious website.

The vulnerability is confirmed in AOL 9.0 Revision 4156.910. Other
versions may also be affected.

SOLUTION:
Updates are automatically available for AOL 9.x users when logging
into the AOL service.

Set the kill-bit on the affected ActiveX control.

PROVIDED AND/OR DISCOVERED BY:
Cody Pierce, TippingPoint Security Research Team.

ORIGINAL ADVISORY:
TippingPoint:
http://www.tippingpoint.com/security/advisories/TSRT-07-03.html

Collapse -
SUSE update for gpg
by Marianna Schmudlach / April 2, 2007 1:20 AM PDT

TITLE:
SUSE update for gpg

SECUNIA ADVISORY ID:
SA24734

VERIFY ADVISORY:
http://secunia.com/advisories/24734/

CRITICAL:
Moderately critical

IMPACT:
Security Bypass

WHERE:
From remote

OPERATING SYSTEM:
UnitedLinux 1.0
http://secunia.com/product/2003/
SuSE Linux Standard Server 8
http://secunia.com/product/2526/
SuSE Linux Openexchange Server 4.x
http://secunia.com/product/2001/
SUSE Linux Enterprise Server 9
http://secunia.com/product/4118/
SuSE Linux Enterprise Server 8
http://secunia.com/product/1171/
SUSE Linux Enterprise Server 10
http://secunia.com/product/12192/
SuSE Linux Desktop 1.x
http://secunia.com/product/2002/
SUSE Linux 9.3
http://secunia.com/product/4933/
SUSE Linux 10.1
http://secunia.com/product/10796/
SUSE Linux 10
http://secunia.com/product/6221/
openSUSE 10.2
http://secunia.com/product/13375/

DESCRIPTION:
SUSE has issued an update for gpg. This fixes a vulnerability, which
can be exploited by malicious people to bypass certain security
restrictions when applications use GnuPG in an insecure manner.

For more information:
SA24412

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0008.html

OTHER REFERENCES:
SA24412:
http://secunia.com/advisories/24412/

Collapse -
Symantec Norton Personal Firewall Hooked Functions Denial of
by Marianna Schmudlach / April 2, 2007 1:22 AM PDT

TITLE:
Symantec Norton Personal Firewall Hooked Functions Denial of Service

SECUNIA ADVISORY ID:
SA24677

VERIFY ADVISORY:
http://secunia.com/advisories/24677/

CRITICAL:
Not critical

IMPACT:
DoS

WHERE:
Local system

SOFTWARE:
Symantec Norton Personal Firewall 2006
http://secunia.com/product/6638/

DESCRIPTION:
Matousec has discovered a vulnerability in Symantec Norton Personal
Firewall 2006, which can be exploited by malicious, local users to
cause a DoS (Denial of Service).

The vulnerability is caused due to an input validation error in
SPBBCDrv.sys when handling parameters of certain hooked functions.
This can be exploited to crash the system by calling NtCreateMutant
or NtOpenEvent with specially crafted parameters.

The vulnerability is confirmed in version 9.0.0.73 and also reported
in versions 9.1.1.7 and 9.1.0.33. Other versions may also be
affected.

SOLUTION:
Restrict access to trusted users only.

PROVIDED AND/OR DISCOVERED BY:
Matousec Transparent Security

ORIGINAL ADVISORY:
Matousec Transparent Security:
http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php

Collapse -
HP Mercury Quality Center Unspecified ActiveX Control Vulner
by Marianna Schmudlach / April 2, 2007 1:23 AM PDT

TITLE:
HP Mercury Quality Center Unspecified ActiveX Control Vulnerability

SECUNIA ADVISORY ID:
SA24692

VERIFY ADVISORY:
http://secunia.com/advisories/24692/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

SOFTWARE:
HP Mercury Quality Center 8.x
http://secunia.com/product/13826/
HP Mercury Quality Center 9.x
http://secunia.com/product/13827/

DESCRIPTION:
A vulnerability has been reported in HP Mercury Quality Center, which
can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error within a
certain HP Mercury Quality Center ActiveX control and can be
exploited to execute arbitrary code.

The vulnerability reportedly affects version 8.2 SP1 and 9.0.

SOLUTION:
Apply patches.

Mercury Quality Center 8.2 Sp1 (Patch 32):
http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/7a0f7f0efc7905fdc225729f004cf387?OpenDocument


Mercury Quality Center 9.0 (Patch 12.1):
http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/cf109e434c7765eac22572a4006c6e94?OpenDocument

PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
* Eric Detoisien
* An anonymous person via iDefense Labs.

ORIGINAL ADVISORY:
HP:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00901872

Collapse -
Apache Tomcat Directory Traversal Security Issue
by Marianna Schmudlach / April 2, 2007 1:24 AM PDT

TITLE:
Apache Tomcat Directory Traversal Security Issue

SECUNIA ADVISORY ID:
SA24732

VERIFY ADVISORY:
http://secunia.com/advisories/24732/

CRITICAL:
Less critical

IMPACT:
Security Bypass

WHERE:
From remote

SOFTWARE:
Apache Tomcat 5.x
http://secunia.com/product/3571/

DESCRIPTION:
D. Matscheko has reported a security issue in Apache Tomcat, which
can be exploited by malicious people to bypass certain security
restrictions.

If Tomcat is running behind a proxy with context restriction, an
error within the handling of certain path delimiters in requests
('2F', '%5C', and '\') can be exploited to bypass the context
restrictions and may allow access to non-proxied contexts.

The security issue is reported in versions 5.5.0 to 5.5.21, 5.0.0 to
5.5.0.30, and 6.0.0 to 6.0.9.

SOLUTION:
Update to version 5.5.22 or 6.0.10.

Configure Apache Tomcat so that you don't have to rely on context
restricting proxies.

PROVIDED AND/OR DISCOVERED BY:
D. Matscheko

ORIGINAL ADVISORY:
http://www.sec-consult.com/287.html

http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html

Collapse -
Gentoo update for cups
by Marianna Schmudlach / April 2, 2007 1:25 AM PDT

TITLE:
Gentoo update for cups

SECUNIA ADVISORY ID:
SA24660

VERIFY ADVISORY:
http://secunia.com/advisories/24660/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From local network

OPERATING SYSTEM:
Gentoo Linux 1.x
http://secunia.com/product/339/

DESCRIPTION:
Gentoo has issued an update for cups. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

For more information:
SA24517

SOLUTION:
Update to "net-print/cups-1.2.9" or later.

ORIGINAL ADVISORY:
http://www.gentoo.org/security/en/glsa/glsa-200703-28.xml

OTHER REFERENCES:
SA24517:
http://secunia.com/advisories/24517/

Collapse -
Sun Solaris Mozilla 1.7 Vulnerability
by Marianna Schmudlach / April 2, 2007 1:27 AM PDT

TITLE:
Sun Solaris Mozilla 1.7 Vulnerability

SECUNIA ADVISORY ID:
SA24624

VERIFY ADVISORY:
http://secunia.com/advisories/24624/

CRITICAL:
Highly critical

IMPACT:
DoS, System access

WHERE:
From remote

OPERATING SYSTEM:
Sun Solaris 8
http://secunia.com/product/94/
Sun Solaris 9
http://secunia.com/product/95/
Sun Solaris 10
http://secunia.com/product/4813/

DESCRIPTION:
Sun has acknowledged a vulnerability in Mozilla 1.7 for Sun Solaris,
which potentially can be exploited by malicious people to compromise
a user's system.

For more information:
SA19873

The vulnerability is reported in Mozilla 1.7 for Sun Solaris 8, 9,
and 10 for both the x86 and SPARC platform. Mozilla 1.4 may also be
affected.

SOLUTION:
-- SPARC Platform --
Mozilla 1.7 (for Solaris 10):
Apply patch 119115-25 or later.

-- x86 Platform --
Mozilla 1.7 (for Solaris 10):
Apply patch 119116-25 or later.

Mozilla 1.7 (for Solaris 8 and Solaris 9):
Reportedly, a final resolution is pending completion. The vendor
recommends disabling JavaScript as a workaround.

ORIGINAL ADVISORY:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102865-1

OTHER REFERENCES:
SA19873:
http://secunia.com/advisories/19873/

Collapse -
Gentoo update for file
by Marianna Schmudlach / April 2, 2007 1:28 AM PDT

TITLE:
Gentoo update for file

SECUNIA ADVISORY ID:
SA24608

VERIFY ADVISORY:
http://secunia.com/advisories/24608/

CRITICAL:
Less critical

IMPACT:
DoS, System access

WHERE:
From remote

OPERATING SYSTEM:
Gentoo Linux 1.x
http://secunia.com/product/339/

DESCRIPTION:
Gentoo has issued an update for file. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

For more information:
SA24548

SOLUTION:
Update to "sys-apps/file-4.20" or later.

ORIGINAL ADVISORY:
http://www.gentoo.org/security/en/glsa/glsa-200703-26.xml

OTHER REFERENCES:
SA24548:
http://secunia.com/advisories/24548/

Collapse -
Hitachi Products Cosminexus Component Container Improper Ses
by Marianna Schmudlach / April 2, 2007 1:30 AM PDT

TITLE:
Hitachi Products Cosminexus Component Container Improper Session
Information Usage

SECUNIA ADVISORY ID:
SA24683

VERIFY ADVISORY:
http://secunia.com/advisories/24683/

CRITICAL:
Less critical

IMPACT:
Security Bypass, Exposure of sensitive information

WHERE:
From local network

SOFTWARE:
uCosminexus Application Server
http://secunia.com/product/13819/
uCosminexus Developer
http://secunia.com/product/13820/
uCosminexus Service Architect
http://secunia.com/product/13821/
uCosminexus Service Platform
http://secunia.com/product/13823/

DESCRIPTION:
A security issue has been reported in Hitachi products, which
potentially can be exploited by malicious people to disclose certain
sensitive information or bypass certain security restrictions.

The security issue is caused due to an unspecified error within the
Cosminexus Component Container when handling sessions, which may
cause session information to be used by other sessions.

The vulnerability is reported in the following products:
* uCosminexus Application Server Enterprise
* uCosminexus Application Server Standard
* uCosminexus Service Platform
* uCosminexus Developer Standard
* uCosminexus Developer Professional
* uCosminexus Service Architect
* Electronic Form Workflow - Standard Set
* Electronic Form Workflow - Professional Library Set
* Electronic Form Workflow - Developer Client Set
* uCosminexus ERP Integrator

SOLUTION:
Please see the vendor's advisory for fix details.

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://www.hitachi-support.com/security_e/vuls_e/HS07-006_e/index-e.html

Collapse -
Gentoo update for squid
by Marianna Schmudlach / April 2, 2007 1:31 AM PDT

TITLE:
Gentoo update for squid

SECUNIA ADVISORY ID:
SA24662

VERIFY ADVISORY:
http://secunia.com/advisories/24662/

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
Gentoo Linux 1.x
http://secunia.com/product/339/

DESCRIPTION:
Gentoo has issued an update for squid. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

For more information:
SA24611

SOLUTION:
Update to "net-proxy/squid-2.6.12" or later.

ORIGINAL ADVISORY:
http://www.gentoo.org/security/en/glsa/glsa-200703-27.xml

OTHER REFERENCES:
SA24611:
http://secunia.com/advisories/24611/

Collapse -
No Safe Place for Office Documents?
by Marianna Schmudlach / April 2, 2007 1:59 AM PDT

April 2nd, 2007 by Jhoevine Capicio
If you?re updated with the news in the security industry, then you know that there have been a lot of vulnerabilities in MS Office Applications that are being exploited. Because of this, it has been a common advice to use safer document formats like RTF. What didn?t cross my mind is that RTF files can still be embedded with an object, and if this can be done there?s no reason why I malware can?t be embedded to an RTF file as well. With good social engineering, which for most cases is the downfall of good security, a malware infection can start from an RTF file. That may be the case with this RTF file detected by trend as TROJ_DLOADER.MC?
Upon opening of the file, it fools users into thinking that an error has just occurred and that they need to double click the embedded file to load the original document.

http://blog.trendmicro.com/

Collapse -
Exploit code surfaces for CA vulnerability
by Marianna Schmudlach / April 2, 2007 3:34 PM PDT

Successful exploit could offer system-level access

Shaun Nichols in California, vnunet.com 02 Apr 2007

Companies that use Computer Associates storage software are being warned to update their systems after exploit code surfaced for a recently-patched vulnerability.

The US Computer Emergency Response Team (US-Cert) reported that exploit code has been posted for a vulnerability in the CA Brightstor ARCserve Backup Media application. The exploit targets the 'mediasvr' component in the software.

SecurityFocus said that the vulnerability is known to exist in at least nine of CA's server security and backup applications.

Users can mitigate the vulnerability by installing a vendor patch released in January, according to SecurityFocus.

More: http://www.vnunet.com/vnunet/news/2186940/ca-becomes-newest-attack-target

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!