VULNERABILITIES \ FIXES - April 24, 2008

by Marianna Schmudlach / April 24, 2008 12:32 AM PDT

Drupal Internationalization and Localizer Cross-Site Scripting and Request Forgery

Secunia Advisory: SA29961
Release Date: 2008-04-24


Critical: Less critical
Impact: Cross Site Scripting

Where: From remote

Solution Status: Vendor Patch


Software: Drupal Internationalization Module 5.x
Drupal Localizer Module 5.x

Description:
Some vulnerabilities have been reported in the Internationalization and Localizer modules for Drupal, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.

Solution:
Internationalization 5.x-2.x:
Update to Internationalization 5.x-2.3

Internationalization 5.x-1.x:
Update to Internationalization 5.x-1.1

Localizer 5.x-3.x:
Update to Localizer 5.x-3.4

Localizer 5.x-2.x:
Update to Localizer 5.x-2.1

Localizer 5.x-1.x:
Update to Localizer 5.x-1.11

Provided and/or discovered by:
St

Drupal E-Publish Module Cross-Site Scripting and Request For
by Marianna Schmudlach / April 24, 2008 12:33 AM PDT

Drupal E-Publish Module Cross-Site Scripting and Request Forgery

Secunia Advisory: SA29960
Release Date: 2008-04-24


Critical: Less critical
Impact: Cross Site Scripting

Where: From remote

Solution Status: Vendor Patch


Software: Drupal E-Publish Module 5.x

Description:
Some vulnerabilities have been reported in the E-Publish module for Drupal, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.

Solution:
Update to version 5.x-1.1.

Provided and/or discovered by:
St

Realtek HD Audio Codec Driver Vulnerabilities
by Marianna Schmudlach / April 24, 2008 12:34 AM PDT

Secunia Advisory: SA29953
Release Date: 2008-04-24


Critical: Less critical
Impact: Manipulation of data
Exposure of system information
Exposure of sensitive information
Privilege escalation

Where: Local system

Solution Status: Vendor Patch


Software: Realtek HD Audio Codec Driver 6.x

Description:
Ruben Santamarta has reported some vulnerabilities in Realtek HD Audio Codec drivers, which can be exploited by malicious, local users to disclose certain information, manipulate certain data, or gain escalated privileges.

The vulnerabilities are caused due to input validation errors when handling certain IOCTL requests and can be exploited to create, read, or write arbitrary registry keys or to execute arbitrary code with kernel privileges.

The vulnerabilities are reported in RTKVHDA.sys and RTKVHDA64.sys versions prior to 6.0.1.5605.

Solution:
Update to the latest versions.

Provided and/or discovered by:
Ruben Santamarta, Wintercore

Original Advisory:
http://www.wintercore.com/advisories/advisory_W010408.html

Drupal Ubercart Module Script Insertion Vulnerability
by Marianna Schmudlach / April 24, 2008 12:35 AM PDT

Secunia Advisory: SA29950
Release Date: 2008-04-24


Critical: Less critical
Impact: Cross Site Scripting

Where: From remote

Solution Status: Vendor Patch


Software: Drupal Ubercart Module 5.x

Description:
A vulnerability has been reported in the Ubercart module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

Input passed when editing certain unspecified product features is not properly sanitised before being stored. This can be exploited to insert arbitrary HTML and script code, which is executed in e.g. an administrator's browser session in context of an affected site when the malicious data is viewed.

The vulnerability is reported in version 5.x prior to 5.x-1.0-rc3.

Solution:
Update to version 5.x-1.0-rc3.

Provided and/or discovered by:
Drupal security team

Original Advisory:
http://drupal.org/node/250343

Advanced Electron Forum "beg" Cross-Site Scripting
by Marianna Schmudlach / April 24, 2008 12:36 AM PDT

Secunia Advisory: SA29923
Release Date: 2008-04-24


Critical: Less critical
Impact: Cross Site Scripting

Where: From remote

Solution Status: Unpatched


Software: Advanced Electron Forum (AEF) 1.x

Description:
ZoRLu has discovered a vulnerability in Advanced Electron Forum (AEF), which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "beg" parameter in index.php (when "act" is set to "members") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Successful exploitation requires that the target user has valid user credentials.

The vulnerability is confirmed in version 1.0.6. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
ZoRLu

Flip4Mac WMV Processing Unspecified Vulnerability
by Marianna Schmudlach / April 24, 2008 12:37 AM PDT

Secunia Advisory: SA29922
Release Date: 2008-04-24


Critical: Moderately critical
Impact: DoS
System access

Where: From remote

Solution Status: Vendor Patch


Software: Flip4Mac Windows Media Components for QuickTime 2.x



Description:
A vulnerability has been reported in Flip4Mac, which can potentially be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error and can be exploited via a specially crafted WMV file.

Successful exploitation potentially allows execution of arbitrary code.

The vulnerability is reported in versions prior to 2.2.0.49.

Solution:
Update to version 2.2.0.49

Provided and/or discovered by:
The vendor credits Drew Yao.

Original Advisory:
http://www.flip4mac.com/downloads/wmv_components/rel_Flip4mac_WMV_2.2.0.49.pdf

Kronolith "addevent.php" Cross-Site Scripting Vulnerability
by Marianna Schmudlach / April 24, 2008 12:38 AM PDT

Secunia Advisory: SA29920
Release Date: 2008-04-24


Critical: Less critical
Impact: Cross Site Scripting

Where: From remote

Solution Status: Unpatched


Software: Kronolith 2.x (Horde module)

Description:
Aria-Security Team has discovered a vulnerability in Kronolith, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "url" parameter in addevent.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 2.1.7. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Aria-Security Team

Original Advisory:
http://forum.aria-security.com/showthread.php?t=49

E-RESERV "ID_loc" SQL Injection
by Marianna Schmudlach / April 24, 2008 12:40 AM PDT

Secunia Advisory: SA29914
Release Date: 2008-04-24


Critical: Moderately critical
Impact: Manipulation of data

Where: From remote

Solution Status: Unpatched


Software: E-RESERV 2.x

Description:
JIKI Team has reported a vulnerability in E-RESERV, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "ID_loc" parameter in index.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in version 2.1. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
JIKI Team

Original Advisory:
http://milw0rm.com/exploits/5487

Debian update for iceweasel
by Marianna Schmudlach / April 24, 2008 12:41 AM PDT

Secunia Advisory: SA29911
Release Date: 2008-04-24


Critical: Highly critical
Impact: DoS
System access

Where: From remote

Solution Status: Vendor Patch


OS: Debian GNU/Linux 4.0
Debian GNU/Linux unstable alias sid

Description:
Debian has issued an update for iceweasel. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.

Solution:
Apply updated packages.

Original Advisory:
http://lists.debian.org/debian-security-announce/2008/msg00126.html

Other References:
SA29787:
http://secunia.com/advisories/29787/

Gentoo update for openfire
by Marianna Schmudlach / April 24, 2008 12:42 AM PDT

Secunia Advisory: SA29901
Release Date: 2008-04-24


Critical: Moderately critical
Impact: DoS

Where: From remote

Solution Status: Vendor Patch


OS: Gentoo Linux 1.x

Description:
Gentoo has issued an update for openfire. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Update to "net-im/openfire-3.5.0" or later.

Original Advisory:
http://www.gentoo.org/security/en/glsa/glsa-200804-26.xml

Other References:
SA29751:
http://secunia.com/advisories/29751/

Safari Address Bar URL Spoofing Security Issue
by Marianna Schmudlach / April 24, 2008 12:44 AM PDT

Secunia Advisory: SA29900
Release Date: 2008-04-24


Critical: Less critical
Impact: Spoofing

Where: From remote

Solution Status: Unpatched


Software: Safari 3.x
Safari for Windows 3.x

Description:
Juan Pablo Lopez Yacubian has discovered a security issue in Safari, which can be exploited by malicious people to display a fake URL in the address bar.

The problem is that it is possible to hide the actual location of a page in the address bar via a specially crafted URL containing a number of certain special characters in the "user" field before the "@" character.

The security issue is confirmed in version 3.1.1 on Mac OS X and Vista. Other versions may also be affected.

Solution:
Do not browse untrusted websites or follow untrusted links.

Provided and/or discovered by:
Juan Pablo Lopez Yacubian

Original Advisory:
http://es.geocities.com/jplopezy/pruebasafari3.html

CA Secure Content Manager eCSqdmn Denial of Service Vulnerab
by Marianna Schmudlach / April 24, 2008 12:45 AM PDT

Secunia Advisory: SA29895
Release Date: 2008-04-24


Critical: Less critical
Impact: DoS

Where: From local network

Solution Status: Unpatched


Software: eTrust Secure Content Manager (SCM)



Description:
Luigi Auriemma has reported two vulnerabilities in CA Secure Content Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerabilities are caused due to input validation errors within the eTrust Common Services (Transport) Daemon (eCSqdmn). These can be exploited to cause the service to crash or to consume large amounts of CPU resources via specially crafted packets sent to default port 1882/TCP.

The vulnerabilities are reported in eCSqdmn version 8.0.28000.511. Other versions may also be affected.

Solution:
Restrict network access to the service.

Provided and/or discovered by:
Luigi Auriemma

Original Advisory:
http://aluigi.altervista.org/adv/ecsqdamn-adv.txt

CA ARCserve Backup Discovery Service Denial of Service
by Marianna Schmudlach / April 24, 2008 12:46 AM PDT

Secunia Advisory: SA29855
Release Date: 2008-04-24


Critical: Less critical
Impact: DoS

Where: From local network

Solution Status: Unpatched


Software: CA ARCserve Backup 12.x

Description:
Luigi Auriemma has reported a vulnerability in CA ARCserve Backup, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an input validation error in the Discovery Service and can be exploited to crash the service by sending a specially crafted packet to port 41523/TCP.

The vulnerability is reported in version 12.0.5454.0. Other versions may also be affected.

Solution:
Restrict network access to the affected service.

Provided and/or discovered by:
Luigi Auriemma

Original Advisory:
http://aluigi.altervista.org/adv/carcbackazz-adv.txt

Gentoo update for vlc
by Marianna Schmudlach / April 24, 2008 12:48 AM PDT

Secunia Advisory: SA29800
Release Date: 2008-04-24


Critical: Highly critical
Impact: System access

Where: From remote

Solution Status: Vendor Patch


OS: Gentoo Linux 1.x

Description:
Gentoo has issued an update for vlc. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

Solution:
Update to "media-video/vlc-0.8.6f" or later.

Original Advisory:
http://www.gentoo.org/security/en/glsa/glsa-200804-25.xml

Other References:
SA28233:
http://secunia.com/advisories/28233/

SA29503:
http://secunia.com/advisories/29503/

Vulnerability in Foxit PDF Reader
by Marianna Schmudlach / April 24, 2008 12:50 AM PDT

Javier Vicente Vallejo has discovered vulnerabilities in Foxit Reader, an alternative PDF reader for Windows, that could enable attackers to smuggle in and execute harmful code. Users of the software need only open a manipulated PDF file to suffer damage.

According to Vallejo's vulnerability reports, Foxit Reader 2.2 malfunctions while parsing manipulated PDF files that contain a /Font folder in an /ExtGState structure. Vallejo says manipulated /XObject resources in a PDF file can also cause interposed code to be executed if, for example, they are rotated using a /Rotate field in the PDF.

Foxit Software has not yet published an updated version to plug the security hole. For the time being, users of Foxit Reader 2.2 and older versions should therefore avoid PDF files from non-trustworthy sources, or else switch over to external Adobe Reader.

http://www.heise-online.co.uk/security/Vulnerability-in-Foxit-PDF-Reader--/news/110602

Mass SQL injection
by Marianna Schmudlach / April 24, 2008 12:52 AM PDT

There's another round of mass SQL injections going on which has infected hundreds of thousands of websites.

Performing a Google search results in over 510,000 modified pages.


More: http://www.f-secure.com/weblog/
