Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \ FIXES - December 16, 2008

New Facebook cross-site scripting vulnerabilities

Published: 2008-12-16,
Last Updated: 2008-12-16 02:02:33 UTC
by Toby Kohlenberg

From XXSed (http://www.xssed.com/news/80/New_highly_critical_Facebook_XSS_vulnerabilities_pose_serious_privacy_risks/) -

"Security researchers Zeitjak, David Wharton, Daimon and p3lo, have recently discovered XSS flaws that affect several Facebook functionalities including the developers page, new users registration page, iphone login page and applications page."

PoC links are on XXSed for anyone who is curious.

http://isc.sans.org/

Discussion is locked
You are posting a reply to: VULNERABILITIES \ FIXES - December 16, 2008
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES \ FIXES - December 16, 2008
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Apple Releases OSX 10.5.6/Security update 2008-008

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Last Updated: 2008-12-15 18:25:13 UTC
by Toby Kohlenberg

Apple's released an update for OSX, you can now download 10.5.6 through the Software Update app.

It patches a large number of vulns, here are just the CVEs:

More: http://isc.sans.org/diary.html?storyid=5488

Collapse -
Apple Mac OS X Security Update Fixes Multiple Vulnerabilitie

In reply to: Apple Releases OSX 10.5.6/Security update 2008-008

Release Date: 2008-12-16

Critical:
Highly critical
Impact: Security Bypass
Cross Site Scripting
Manipulation of data
Exposure of sensitive information
Privilege escalation
DoS
System access

Where: From remote
Solution Status: Vendor Patch


OS: Apple Macintosh OS X

Description:
Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.

Solution:
Update to Mac OS X 10.5.6 or apply Apple Security Update 2008-008.
http://www.apple.com/support/downloads/

Provided and/or discovered by:
1) The vendor credits Michael Samarin and Mikko Vihonen, Futurice Ltd
2, 3, Cool Reported by the vendor.
5) The vendor credits Richard Vaneeden, IOActive, Inc
6) The vendor credits Ben Loer, Princeton University
9) The vendor credits John Barnes of ESRI and Trevor Lalish-Menagh of Tamman Technologies, Inc
10) The vendor credits Alex Rosenberg of Ohmantics and Gary Teter of Paizo Publishing
12) The vendor credits Mauro Notarianni of PCAX Solutions

Original Advisory:
http://support.apple.com/kb/HT3338

Other References:
SA32270:
http://secunia.com/advisories/32270/

Collapse -
New MS SQL Server vulnerability

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Published: 2008-12-15,
Last Updated: 2008-12-16 01:21:55 UTC
by Toby Kohlenberg

A slightly belated entry to make sure everyone is aware that last week we saw a new vulnerability announced for MS SQL Server 2000, 2005 & 2005 Express Edition by Bernhard Mueller from SEC Consult. Here is the original announcement: http://www.sec-consult.com/files/20081209_mssql-sp_replwritetovarbin_memwrite.txt

The above link does include a simple test script (not a full PoC) for the vulnerability.

More: http://isc.sans.org/diary.html?storyid=5485

Collapse -
SUSE update for clamav

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Moderately critical
Impact: DoS

Where: From remote
Solution Status: Vendor Patch


OS: openSUSE 10.3
openSUSE 11.0
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Server 9

Description:
SUSE has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Description:
SUSE has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

For more information:
SA32926

Solution:
Apply updated packages via YaST Online Update or the SUSE FTP server.

Original Advisory:
SUSE-SR:2008:028:
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html

Other References:
SA32926:
http://secunia.com/advisories/32926/

Collapse -
SUSE update for IBM Java

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Moderately critical
Impact: Security Bypass
Exposure of system information
Exposure of sensitive information

Where: From remote
Solution Status: Vendor Patch


OS: SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Server 9

Description:
SUSE has issued an update for IBM Java. This fixes some vulnerabilities, which can be exploited by malicious people to disclose system and potentially sensitive information and bypass certain security restrictions.

Solution:
Apply updated packages via YaST Online Update or the SUSE FTP server.

Original Advisory:
SUSE-SR:2008:028:
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html

Other References:
SA31010:
http://secunia.com/advisories/31010/

Collapse -
Hitachi JP1/Integrated Management Script Insertion Vulnerabi

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Moderately critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Vendor Patch


Software: Hitachi JP1/Integrated Management (IM)

Description:
A vulnerability has been reported in Hitachi JP1/Integrated Management, which can be exploited by malicious people to conduct script insertion attacks.

Input passed via unspecified parameters in JP1/Integrated Management - Service Support is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed.

The vulnerability is reported in the following versions of JP1/Integrated Management - Service Support for Windows:
* 08-10 to 08-10-05
* 08-11 to 08-11-03
* 08-50 to 08-50-03

Solution:
Fixed in version 08-10-06, 08-11-04, 08-50-04, and 08-51 (please contact the Hitachi support for more information).

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://www.hitachi.co.jp/Prod/comp/so...ecurity/info/vuls/HS08-023/index.html

Collapse -
Avaya CMS Sun Java JDK / JRE Multiple Vulnerabilities

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Moderately critical
Impact: Security Bypass
System access

Where: From remote
Solution Status: Unpatched


OS: Avaya Call Management System (CMS)

Description:
Avaya has acknowledged some vulnerabilities in Avaya CMS, which can be exploited by malicious people to bypass certain security restrictions or compromise a vulnerable system.

Solution:
The vendor recommends that local and network access to the affected systems be restricted until an update is available.

Original Advisory:
http://support.avaya.com/elmodocs2/security/ASA-2008-484.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-485.htm

Other References:
SA32991:
http://secunia.com/advisories/32991/

Collapse -
phplist Unspecified Local File Inclusion Vulnerability

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Moderately critical
Impact: Exposure of system information
Exposure of sensitive information

Where: From remote
Solution Status: Vendor Patch


Software: phplist 2.x

Description:
A vulnerability has been reported in phplist, which can be exploited by malicious people to disclose sensitive information.

Certain unspecified input is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources.

The vulnerability is reported in versions prior to 2.10.8.

Solution:
Update to version 2.10.8.

Provided and/or discovered by:
The vendor credits Paul Myatt.

Original Advisory:
http://www.phplist.com/?lid=273

Collapse -
Realtek Media Player Playlist Processing Buffer Overflow

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Highly critical
Impact: System access

Where: From remote
Solution Status: Unpatched


Software: Realtek Media Player (RtlRack) 1.x

Description:
shinnai has discovered a vulnerability in Realtek Media Player (RtlRack), which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in the processing of playlist files. This can be exploited to cause a stack-based buffer overflow by tricking the user into loading an overly large playlist.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in rtlrack.exe version 1.15.0.0. Other versions may also be affected.

Solution:
Do not load untrusted playlist (".pla") files using the application.

Provided and/or discovered by:
shinnai

Original Advisory:
http://www.shinnai.net/xplits/TXT_n7dMz2jBQsDJFtplslYw.html

Collapse -
Red Hat update for kernel

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Less critical
Impact: Security Bypass
Privilege escalation

Where: Local system
Solution Status: Vendor Patch


OS: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Description:
Red Hat has issued an update for the kernel. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions and potentially gain escalated privileges.

Solution:
Updated packages are available via Red Hat Network.
http://rhn.redhat.com

Original Advisory:
RHSA-2008-1017:
https://rhn.redhat.com/errata/RHSA-2008-1017.html

Other References:
SA32320:
http://secunia.com/advisories/32320/

Collapse -
Debian update for linux-2.6

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Less critical
Impact: Security Bypass
DoS

Where: From remote
Solution Status: Vendor Patch


OS: Debian GNU/Linux 4.0

Description:
Debian has issued an update for linux-2.6. This fixes a weakness and some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and cause a DoS (Denial of Service), and by malicious people to cause a DoS.

Solution:
Apply updated packages.

Original Advisory:
DSA-1687-1:
http://lists.debian.org/debian-security-announce/2008/msg00279.html

Other References:
SA32320:
http://secunia.com/advisories/32320/

SA32510:
http://secunia.com/advisories/32510/

SA32719:
http://secunia.com/advisories/32719/

SA32913:
http://secunia.com/advisories/32913/

Collapse -
Red Hat update for enscript

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Moderately critical
Impact: System access

Where: From remote
Solution Status: Vendor Patch


OS: RedHat Enterprise Linux AS 2.1
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 4
RedHat Linux Advanced Workstation 2.1 for Itanium

Description:
Red Hat has issued an update for enscript. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.

Additionally, this fixes boundary errors within the "recognize_eps_file()" function in src/psgen.c and "tilde_subst()" function in src/util.c.

Solution:
Updated packages are available via Red Hat Network.
http://rhn.redhat.com

Original Advisory:
RHSA-2008-1021:
https://rhn.redhat.com/errata/RHSA-2008-1021.html

Other References:
SA32137:
http://secunia.com/advisories/32137/

Collapse -
FlatnuX CMS Multiple Cross-Site Scripting Vulnerabilities

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Unpatched


Software: FlatnuX CMS

Description:
gmda has discovered some vulnerabilities in FlatnuX CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
gmda

Original Advisory:
http://milw0rm.com/exploits/7461

Collapse -
BabbleBoard Cross-Site Request Forgery Vulnerability

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Unpatched


Software: BabbleBoard 1.x

Description:
SirGod has discovered a vulnerability in BabbleBoard, which can be exploited by malicious people to conduct cross-site request forgery attacks.

The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain administrative tasks (e.g. delete categories and user groups, and ban and delete users) by tricking a user with the necessary privileges to perform these tasks into visiting a malicious web site.

This vulnerability is confirmed in version 1.1.6. Other versions may also be affected.

Solution:
Do not visit untrusted sites or follow untrusted links while being logged in to the application.

Provided and/or discovered by:
SirGod

Original Advisory:
http://milw0rm.com/exploits/7475

Collapse -
Barracuda Products Cross-Site Scripting Vulnerabilities

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Vendor Patch


OS: Barracuda IM Firewall
Barracuda Load Balancer
Barracuda Message Archiver
Barracuda Spam Firewall
Barracuda Web Filter

Description:
Dr. Marian Ventuneac has reported some vulnerabilities in various Barracuda products, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to various parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are reported in the following products and versions:
* Barracuda Message Archiver Release 1.1.0.010 (2008-02-15) and earlier
* Barracuda Spam Firewall Release 3.5.11.020 (2008-02-26) and earlier
* Barracuda Web Filter Release 3.3.0.038 (2008-02-19) and earlier
* Barracuda IM Firewall Release 3.0.01.008 (2008-02-05) and earlier
* Barracuda Load Balancer Release 2.2.006 (2008-09-05) and earlier

NOTE: An SQL injection error in Barracuda Spam Firewall within the Users -> Account View page has also been reported and fixed.

Solution:
Update to the latest version.

* Barracuda Message Archiver Release 1.2.1.002 (2008-07-22)
* Barracuda Spam Firewall Release 3.5.12.007 (2008-10-24)
* Barracuda Web Filter Release 3.3.0.052 (2008-08-04)
* Barracuda IM Firewall Release 3.1.01.017 (2008-07-02)
* Barracuda Load Balancer Release 2.3.024 (2008-10-20)

Provided and/or discovered by:
Dr. Marian Ventuneac, Data Communications Security Laboratory, University of Limerick

Original Advisory:
Barracuda Networks:
http://www.barracudanetworks.com/ns/support/tech_alert.php

Dr. Marian Ventuneac:
http://dcsl.ul.ie/advisories/02.htm
http://dcsl.ul.ie/advisories/03.htm

Collapse -
WorkSimple File Inclusion and Information Disclosure

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Highly critical
Impact: Exposure of sensitive information
System access

Where: From remote
Solution Status: Unpatched


Software: WorkSimple 1.x

Description:
Osirys has discovered some vulnerabilities in WorkSimple, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.

Solution:
Edit the source code to ensure that input is properly verified.
Move the user database out of the web root.

Provided and/or discovered by:
Osirys

Original Advisory:
http://milw0rm.com/exploits/7481

Collapse -
Sun Java Wireless Toolkit for CLDC Buffer Overflow Vulnerabi

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Less critical
Impact: Security Bypass

Where: From remote
Solution Status: Vendor Patch


Software: Sun Java Wireless Toolkit for CLDC 2.x

Description:
Some vulnerabilities have been reported in Sun Java Wireless Toolkit for CLDC, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerabilities are caused due to unspecified errors within the Sun Java Wireless Toolkit (WTK). These can be exploited to cause buffer overflows and execute arbitrary code with privileges of the WTK when a malicious program is downloaded and executed in the WTK.

The vulnerabilities are reported in Sun Java Wireless Toolkit for CLDC 2.5.2 or earlier.

Solution:
Update to Sun Java Wireless Toolkit for CLDC 2.5.2_01 or later.
http://java.sun.com/products/sjwtoolkit/

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-247566-1

Collapse -
Sun Netra / Fire Servers IP Spoofing Vulnerability

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Moderately critical
Impact: Spoofing

Where: From remote
Solution Status: Vendor Patch


OS: Sun Fire Mid-Range Servers ScApp Firmware 5.x
Sun Netra 1280/1290 Server 5.x

Description:
Sun has acknowledged a vulnerability in several Netra and Fire products, which can be exploited by malicious people to conduct spoofing attacks.

The vulnerability is caused due to an unspecified error and can be exploited to gain access to the system console and potentially to the host operating system by spoofing IP packets.

NOTE: The vulnerability only affects System Controller V2 systems without SSH enabled.

The vulnerability is reported in:
* Sun Fire 3800, 4800, 4810, 6800, E2900, E4900, E6900, and V1280
* Netra 1280 and 1290 Servers

Solution:
Apply patches.

Sun Fire 3800/4800/4810/6800/E2900/E4900/E6900/V1280:
Update to firmware (ScApp) version 5.20.11 (included in patch 114527-12) or later.

Netra 1280/1290 Servers:
Update to firmware (ScApp) version 5.20.11 (included in patch 114527-12) or later.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-246746-1

Collapse -
Sun Solaris Apache "mod_proxy_http" and "mod_proxy_ftp" Vuln

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Less critical
Impact: Cross Site Scripting
DoS

Where: From remote
Solution Status: Unpatched


OS: Sun Solaris 10

Description:
Sun has acknowledged two vulnerabilities in Apache 2.0 included in Sun Solaris, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or to conduct cross-site scripting attacks.

Solution:
The vendor recommends to disable the forward proxy and the "mod_proxy_ftp.so" module in httpd.conf.

A final resolution is pending completion.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-247666-1

Other References:
SA30621:
http://secunia.com/advisories/30621/

SA31384:
http://secunia.com/advisories/31384/

Collapse -
ClickAndEmail SQL Injection and Cross-Site Scripting

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Moderately critical
Impact: Security Bypass
Cross Site Scripting
Manipulation of data

Where: From remote
Solution Status: Unpatched


Software: ClickAndEmail

Description:
AlpHaNiX has reported some vulnerabilities in ClickAndEmail, which can be exploited by malicious people to conduct SQL injection and cross-site scripting attacks.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
AlpHaNiX

Original Advisory:
http://milw0rm.com/exploits/7485

Collapse -
Click&Rank Multiple SQL Injection Vulnerabilities

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Moderately critical
Impact: Security Bypass
Manipulation of data

Where: From remote
Solution Status: Unpatched


Software: Click&Rank

Description:
AlpHaNiX has reported some vulnerabilities in Click&Rank, which can be exploited by malicious people to conduct SQL injection attacks.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
AlpHaNiX

Original Advisory:
http://milw0rm.com/exploits/7486

Collapse -
SUSE update for freeradius

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Less critical
Impact: Privilege escalation

Where: Local system
Solution Status: Vendor Patch


OS: openSUSE 10.2
openSUSE 10.3
openSUSE 11.0

Description:
SUSE has issued an update for freeradius. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

Solution:
Apply updated packages via YaST Online Update or the SUSE FTP server.

Original Advisory:
SUSE-SR:2008:028:
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html

Other References:
SA32170:
http://secunia.com/advisories/32170/

Collapse -
Sun Solaris IPv4 Forwarding Denial of Service

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Moderately critical
Impact: DoS

Where: From remote
Solution Status: Vendor Patch


OS: Sun Solaris 10

Description:
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error in IPv4 forwarding, which can be exploited to cause a system panic.

Successful exploitation requires that a system is configured to use IPv4, has a network route with a gateway of 127.0.0.1, and that the route does not have the blackhole flag set.

The vulnerability is reported in Sun Solaris 10 with patch 120011-14 (SPARC) and Sun Solaris 10 with patch 120012-14 (x86).

Solution:
Apply patches.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-241126-1

Collapse -
Kerio MailServer WebMail Cross-Site Scripting Vulnerabilitie

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Vendor Patch


Software: Kerio MailServer 6.x

Description:
Some vulnerabilities have been discovered in Kerio MailServer, which can be exploited by malicious people to conduct cross-site scripting attacks.

Solution:
Update to version 6.6.2.

Provided and/or discovered by:
1) Dejan Levaja
2) Ivan Markovic

Original Advisory:
Kerio (KSEC-2008-12-16-01):
http://www.kerio.com/security_advisory.html#0812

Collapse -
Extremely Dangerous Internet Explorer Security Hole - Beware

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Zero-day exploits are actively targeting an unpatched Internet Explorer vulnerability.

Microsoft recently expanded their Security Advisory 961051 to include all versions of Internet Explorer. The vulnerability was originally thought to only affect IE7.

As you can see, it's now a very long list of related software:


http://www.f-secure.com/weblog/

Collapse -
Security update for Opera

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

16 December 2008

Opera Software have released Opera 9.6.3, a security update for the Opera web browser. Opera 9.6.3 has been released for Windows, Mac OS X, Linux, FreeBSD and Solaris. Apart from updating the Presto rendering engine to version 2.1.1, fixes have been applied to a number of flaws which could allow arbitrary code to be executed. These included an vulnerability manipulating text input contents, a flaw in HTML parsing, a problem with log host names in file: URLs, script injection while previewing news feeds and problems with built in XSLT templates. These problems were rated "Extremely Severe" or "Highly Severe" by Opera, leading them to make Opera 9.6.3 a highly recommended update.

More: http://www.heise-online.co.uk/security/Security-update-for-Opera--/news/112264

Collapse -
Microsoft scrambles on IE zero-day; Can move when it wants t

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Microsoft scrambles on IE zero-day; Can move when it wants to

December 16th, 2008

Posted by Larry Dignan

Microsoft is planning an out-of-band patch for Internet Explorer browser Wednesday as malware attacks escalate.

Ryan Naraine has the details:

Microsoft is planning to ship an emergency Internet Explorer update tomorrow (December 17) to counter an escalating wave of malware attacks targeting a zero-day browser vulnerability.

The out-of-band update follows the public discovery of password-stealing Trojans exploiting the bug on Chinese-language Web sites. Over the past week, the attacks have expanded with hackers using SQL injection techniques to seed exploits on legitimate Web sites.

Ryan also notes that this is the second out-of-band patch in the last two months. The good news: Microsoft can move on critical patches when it wants to and can be nimble. The bad news: Microsoft is moving on the IE patch because the attacks are escalating. Make sure you patch IE tomorrow.

More: http://blogs.zdnet.com/BTL/?p=11252

Collapse -
Novell dishes up OpenSUSE 11.1 details

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Tweaks licence, dumps EULA

By Kelly Fiveash
16th December 2008

The next big release of Novell?s community-driven SUSE Linux distro is set to land on Thursday. Ahead of that, the firm has released details about what customers can expect from version 11.1, including a new licence in which the EULA has been ditched.

New features include an improved KDE desktop experience and better synchronisation with Apple's iPod and Android G1 phone, said Novell.

It will also come loaded with GNOME 2.24.1, KDE 4.1.3, OpenOffice.org 3.0 and Firefox 3.0.4 software updates.

The installation media is available in various formats including Live CD images for both GNOME and KDE, each carrying a comprehensive stack with the major components of its own desktop environment.

More: http://www.channelregister.co.uk/2008/12/16/opensuse_11_1_details/

Collapse -
SUSE update for freeradius

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Release Date: 2008-12-16

Critical:
Less critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch

OS: openSUSE 10.2
openSUSE 10.3
openSUSE 11.0

Description:
SUSE has issued an update for freeradius. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

Solution:
Apply updated packages via YaST Online Update or the SUSE FTP server.

Original Advisory:
SUSE-SR:2008:028:
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html

Other References:
SA32170:
http://secunia.com/advisories/32170/

Collapse -
Firefox 3.0.5 fixes several securty issues.

In reply to: VULNERABILITIES \ FIXES - December 16, 2008

Published: 2008-12-17,
Last Updated: 2008-12-17 02:09:20 UTC
by donald smith (Version: 1)

FireFox 3.0.5 has been released with several security fixes.

Fixed in Firefox 3.0.5
MFSA 2008-69 XSS vulnerabilities in SessionStore
MFSA 2008-68 XSS and JavaScript privilege escalation
MFSA 2008-67 Escaped null characters ignored by CSS parser
MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters
MFSA 2008-65 Cross-domain data theft via script redirect error message
MFSA 2008-64 XMLHttpRequest 302 response disclosure
MFSA 2008-63 User tracking via XUL persist attribute
MFSA 2008-60 Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19)

Thanks to John and Roseman for bringing this to our attention.

http://isc.sans.org/

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

SMART HOME

This one tip will help you sleep better tonight

A few seconds are all you need to get a better night's rest.