Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \ FIXES - April 2, 2009

by Marianna Schmudlach / April 2, 2009 12:03 AM PDT

Atlassian JIRA Charting Plugin Cross-Site Scripting Vulnerability

Release Date: 2009-04-02

Critical: Less critical
Impact: Cross Site Scripting
Where: From remote
Solution Status: Vendor Patch

Software: Atlassian JIRA Charting Plugin 1.x

Description:
A vulnerability has been reported in the Charting plugin for Atlassian JIRA, which can be exploited by malicious people to conduct cross-site scripting attacks.

Certain unspecified input passed to the "view actions" functionality is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in versions prior to 1.4.1.

http://secunia.com/advisories/34569/

XOOPS Cube Legacy Cross-Site Scripting Vulnerabilities
by Marianna Schmudlach / April 2, 2009 12:04 AM PDT

Release Date: 2009-04-02

Critical: Less critical
Impact: Cross Site Scripting
Where: From remote
Solution Status: Vendor Patch

Software: XOOPS Cube Legacy 2.x

Description:
Some vulnerabilities have been reported in XOOPS Cube Legacy, which can be exploited by malicious people to conduct cross-site scripting attacks.

http://secunia.com/advisories/34565/

Atlassian JIRA Two Vulnerabilities
by Marianna Schmudlach / April 2, 2009 12:05 AM PDT

Release Date: 2009-04-02

Critical: Less critical
Impact: Cross Site Scripting
Where: From remote
Solution Status: Vendor Patch

Software: Atlassian JIRA Enterprise Edition 3.x

Description:
Some vulnerabilities have been reported in Atlassian JIRA, which can be exploited by malicious people to conduct HTTP header injection and cross-site scripting attacks.


http://secunia.com/advisories/34556/

pam_ssh Password Prompt User Enumeration Security Issue
by Marianna Schmudlach / April 2, 2009 12:06 AM PDT

Release Date: 2009-04-02

Critical: Not critical
Impact: Exposure of sensitive information
Where: From remote
Solution Status: Unpatched

Software: pam_ssh 1.x


Description:
A security issue has been reported in pam_ssh, which can be exploited by malicious people to disclose potentially sensitive information.

The security issue is caused due to pam_ssh returning different password prompts depending on whether or not a valid user name is supplied, which can be exploited to enumerate valid user names.

The security issue is reported in version 1.92. Other versions may also be affected.

http://secunia.com/advisories/34536/

Nokia Siemens Flexi ISN Security Bypass Vulnerability
by Marianna Schmudlach / April 2, 2009 12:07 AM PDT

Release Date: 2009-04-02

Critical: Less critical
Impact: Security Bypass
Where: From local network
Solution Status: Unpatched

OS: Nokia Siemens Flexi ISN 3.x

Description:
TaMBarUS has reported a vulnerability in Nokia Siemens Flexi ISN, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is caused due to the web interface allowing unrestricted access to the "cgi-bin/aaa.tcl", "cgi-bin/aggr_config.tcl", "opt/cgi-bin/ggsn/cgi.tcl", and "opt/cgi-bin/services.tcl" scripts. This can be exploited to bypass authentication and modify various configuration settings by directly accessing the affected scripts.

The vulnerability is reported in version 3.1. Other versions may also be affected.

http://secunia.com/advisories/34535/

Ghostscript "pdf_base_font_alloc()" Buffer Overflow
by Marianna Schmudlach / April 2, 2009 12:08 AM PDT

Release Date: 2009-04-02

Critical: Moderately critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch

Software: Ghostscript 8.x

Description:
A vulnerability has been reported in Ghostscript, which can be exploited by malicious people to potentially compromise a user's system.

The vulnerability is caused due to a boundary error in the "pdf_base_font_alloc()" function in src/gdevpdtb.c. This can be exploited to cause a stack-based buffer overflow by tricking a user into converting a specially crafted Postscript file to PDF.

Successful exploitation may allow execution of arbitrary code.

http://secunia.com/advisories/34534/

MyioSoft Ajax Portal "page" SQL Injection Vulnerability
by Marianna Schmudlach / April 2, 2009 12:09 AM PDT

Release Date: 2009-04-02

Critical: Moderately critical
Impact: Manipulation of data
Where: From remote
Solution Status: Vendor Patch

Software: MyioSoft Ajax Portal 3.x

Description:
A vulnerability has been reported in MyioSoft Ajax Portal, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "page" parameter in ajaxp_backend.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in version 3.0. Other versions may also be affected.

http://secunia.com/advisories/34529/

OpenX Multiple Vulnerabilities
by Marianna Schmudlach / April 2, 2009 12:10 AM PDT

Release Date: 2009-04-02

Critical: Moderately critical
Impact: Cross Site Scripting, Manipulation of data
Where: From remote
Solution Status: Vendor Patch

Software: OpenX (formerly Openads and phpAdsNew) 2.x


Description:
Some vulnerabilities have been reported in OpenX, which can be exploited by malicious people to conduct cross-site scripting or SQL injection attacks, and to manipulate certain data.

http://secunia.com/advisories/34507/

HP-UX update for OpenSSL
by Marianna Schmudlach / April 2, 2009 12:11 AM PDT

Release Date: 2009-04-02

Critical: Moderately critical
Impact: Spoofing
Where: From remote
Solution Status: Vendor Patch

OS: HP-UX 11.x

Description:
HP has issued an update for OpenSSL. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

http://secunia.com/advisories/34211/

Ingate patches holes in firewall firmware
by Marianna Schmudlach / April 2, 2009 12:15 AM PDT

2 April 2009

Ingate has released a firmware update (to version 4.7.1) for its firewall and SIParator products, which includes several major fixes. These include issues such as crafted packets provoking system crashes and ways to bypass certain security features.

Since mid-2008 a number of known errors have existed in SNMPv3 protocol authentication, which according to the release notes are now fixed. The update also contains many enhancements and Ingate recommends that all users upgrade to the new release.

More: http://www.h-online.com/security/Ingate-patches-holes-in-firewall-firmware--/news/112986

Security update for image tool UltraISO
by Marianna Schmudlach / April 2, 2009 12:16 AM PDT

2 April 2009

Three vulnerabilities have been fixed in the 9.3.3.2685 release of UltraISO that could have allowed an attacker to compromise a user's system. UltraISO from EZB Systems is a tool to create, edit and convert CD and DVD ISO image files.

According to the security service provider Secunia, vulnerabilities in the parsing of CIF, C2D and GI files can be exploited in previous versions of UltraISO to cause a buffer overflow that could allow for the execution of malicious code. In order for an attack to be successful, the attacker must first convince the user to open one of the specially crafted files on their system.

More: http://www.h-online.com/security/Security-update-for-image-tool-UltraISO--/news/112985

VMWare ESX Server patches
by Marianna Schmudlach / April 2, 2009 12:17 AM PDT

2 April 2009

VMWare has released security updates for the ESX Server service console, which close security vulnerabilities in OpenSSL, BIND and vim. The SSL error can be exploited to allow a forged certificate to skip validation checks, while the BIND error allowed a malicious zone to present a malformed DSA certificate and also bypass proper certificate validation.

Patches are available for ESX version 3.0.2 and 3.0.3 and links can be found in the original advisory. According to the manufacturer, patches for version 3.5 and 2.5.5 are still in the works.

More: http://www.h-online.com/security/VMWare-ESX-Server-patches--/news/112988

OpenSSL 1.0.0 beta1 published
by Marianna Schmudlach / April 2, 2009 12:18 AM PDT

2 April 2009

Although the version number and date might suggest this was an April Fool's joke, it is not. The OpenSSL developers have released version 1.0.0 (beta1) and are looking for users to test it. After more than ten years, this is the first release to have a number 1 at the start of the version number. The developers have in the past been very conservative with their version numbers, resulting, for example, in recent versions 0.9.8i and 0.9.8k.

The list of modifications and enhancements is, at first sight, extensive, but not ground breaking. For example, it is no longer necessary at the command line to indicate whether a registered algorithm acts as a cipher or a digest; it is sufficient to say just openssl sha256 example.txt.

The OpenSSL developers tend to prioritise stability and reliability, which is probably why OpenSSL is the world's most widely used implementation of the SSL/TLS protocol. It offers a number of cryptographic functions and methods for certificate management - even the Conficker C worm uses encryption functions from the OpenSSL library.

More: http://www.h-online.com/security/OpenSSL-1-0-0-beta1-published--/news/112990

JavaScript insertion and log deletion attack tools
by Marianna Schmudlach / April 2, 2009 12:23 AM PDT

Published: 2009-04-02,
Last Updated: 2009-04-02 00:39:28 UTC
by Bojan Zdrnja (Version: 1)

The main goal of attackers was to inject malicious JavaScript tags pointing to their own servers, which then served malware to all visitors of the compromised web page. When successful, the attackers used ARP poisoning in order to virtually attack all other servers in the local network.

However, in cases where they couldn't do this (for one reason or the other), they used a very simple file injection named JS.exe, which you can see disassembled below:

More: http://isc.sans.org/?utm_source=web-sans&utm_medium=text-ad&utm_content=Featured_Links_Homepage_ISC_feat_links_homepage&utm_campaign=ISC

Microsoft's latest open-source release catches a wrinkle
by Marianna Schmudlach / April 2, 2009 9:21 AM PDT

.NET architecture pattern goes wild

By Gavin Clarke in San Francisco

2nd April 2009

Microsoft has published its .NET architectural pattern under an OSI-approved open-source license to a mixed reception.

The company's ASP.NET Model View Controller (MVC), released at Mix 09 just last month, has been published under the Microsoft Public License (MS-PL).

ASP.NET author and vice president of the .NET development platform Scott Guthrie blogged about it here.

More: http://www.theregister.co.uk/2009/04/02/microsoft_asp_open_source/

Microsoft Security Advisory (969136)
by Marianna Schmudlach / April 2, 2009 11:12 AM PDT

Vulnerability in Microsoft Office PowerPoint Could Allow Remote Code Execution
Published: April 2, 2009

Version: 1.0

Microsoft is investigating new reports of a vulnerability in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) and our Microsoft Security Response Alliance (MSRA) program to provide information that they can use to provide broader protections to customers.

Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

Customers in the U.S. and Canada who believe they are affected can receive technical support from Security Support or 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates. For more information about available support options, see Microsoft Help and Support.

More: http://www.microsoft.com/technet/security/advisory/969136.mspx
