Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \ FIXES - January 15, 2009

by Marianna Schmudlach / January 15, 2009 12:46 AM PST

TFTPUtil Directory Traversal Vulnerability

Release Date: 2009-01-15

Critical:
Less critical
Impact: Exposure of system information
Exposure of sensitive information

Where: From local network
Solution Status: Unpatched


Software: TFTPUtil 1.x

Description:
Rob Kraus has discovered a vulnerability in TFTPUtil, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is caused due to an input validation error when processing TFTP GET requests. This can be exploited to download files from arbitrary locations outside the TFTP root via specially crafted directory traversal sequences.

The vulnerability is confirmed in versions 1.3.0 and 1.4.0. Other versions may also be affected.

Solution:
Restrict access to trusted users only.

Provided and/or discovered by:
Rob Kraus (princeofnigeria)

Original Advisory:
http://www.princeofnigeria.org/blogs/...tftputil-gui-tftp-directory-traversal

Discussion is locked
You are posting a reply to: VULNERABILITIES \ FIXES - January 15, 2009
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES \ FIXES - January 15, 2009
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Slackware update for bind
by Marianna Schmudlach / January 15, 2009 12:48 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Spoofing

Where: From remote
Solution Status: Vendor Patch


OS: Slackware Linux 10.0
Slackware Linux 11.0
Slackware Linux 8.x
Slackware Linux 9.0
Slackware Linux 9.1

Description:
Slackware has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

Solution:
Apply updated packages.

Original Advisory:
SSA:2009-014-02:
http://slackware.com/security/viewer....=2009&m=slackware-security.540362

Other References:
SA33404:
http://secunia.com/advisories/33404/

Collapse -
Slackware update for ntp
by Marianna Schmudlach / January 15, 2009 12:49 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Spoofing

Where: From remote
Solution Status: Vendor Patch


OS: Slackware Linux 10.0
Slackware Linux 11.0
Slackware Linux 8.x
Slackware Linux 9.0
Slackware Linux 9.1


Description:
Slackware has issued an update for ntp. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

Solution:
Apply updated packages.

Original Advisory:
SSA:2009-014-03:
http://slackware.com/security/viewer....=2009&m=slackware-security.531177

Other References:
SA33406:
http://secunia.com/advisories/33406/

Collapse -
Slackware update for openssl
by Marianna Schmudlach / January 15, 2009 12:50 AM PST
Collapse -
Red Hat update for kernel
by Marianna Schmudlach / January 15, 2009 12:52 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: DoS

Where: From remote
Solution Status: Vendor Patch


OS: RedHat Enterprise Linux AS 4
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux WS 4

Description:
Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).

Solution:
Updated packages available via Red Hat Network.
http://rhn.redhat.com

Original Advisory:
RHSA-2009-0014
http://rhn.redhat.com/errata/RHSA-2009-0014.html

Other References:
SA31366:
http://secunia.com/advisories/31366/

SA32510:
http://secunia.com/advisories/32510/

SA32719:
http://secunia.com/advisories/32719/

SA32913:
http://secunia.com/advisories/32913/

Collapse -
Sun Java System Access Manager Privilege Escalation Vulnerab
by Marianna Schmudlach / January 15, 2009 12:53 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Privilege escalation

Where: From remote
Solution Status: Vendor Patch


Software: Sun Java System Access Manager 7.x

Description:
A vulnerability has been reported in Sun Java System Access Manager, which can be exploited by malicious users to gain escalated privileges.

The vulnerability is caused due to an unspecified error and can be exploited by sub-realm administrators to gain administrative access to the root realm.

Solution:
Apply patches.

Sun Java System Access Manager 7.1 WAR file-based installation (all platforms):
Apply patch 140504-02 or later.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-249106-1

Collapse -
Sun Java System Access Manager Password Disclosure Security
by Marianna Schmudlach / January 15, 2009 12:54 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Exposure of sensitive information

Where: From remote
Solution Status: Vendor Patch


Software: Sun Java System Access Manager 6.x
Sun Java System Access Manager 7.x

Description:
A security issue has been reported in Sun Java System Access Manager, which can be exploited by malicious users to disclose sensitive information.

The security issue is caused due to an unspecified error and can be exploited to disclose certain passwords.

Successful exploitation requires access to the administration console.

Solution:
Apply patches.

Sun Java System Access Manager 7.1 WAR file-based installation (all platforms):
Apply patch 140504-02 or later.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-242166-1

Collapse -
OpenBSD update for named
by Marianna Schmudlach / January 15, 2009 12:55 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Spoofing

Where: From remote
Solution Status: Vendor Patch


OS: OpenBSD 4.3
OpenBSD 4.4

Description:
OpenBSD has issued an update for named. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

Solution:
Apply patch.

OpenBSD 4.4:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.4/common/008_bind.patch

OpenBSD 4.3:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/008_bind.patch

Original Advisory:
http://www.openbsd.org/errata44.html#008_bind

Collapse -
Drupal Content Translation Module Security Bypass Vulnerabil
by Marianna Schmudlach / January 15, 2009 12:56 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Security Bypass

Where: From remote
Solution Status: Vendor Patch


Software: Drupal 6.x

Description:
A vulnerability has been reported in the Content Translation module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.

The vulnerability is caused due to an unspecified error, which can be exploited to bypass normal viewing access restrictions and e.g. view the content of unpublished nodes without requiring any additional permissions to do so.

Successful exploitation of this vulnerability requires the "translate content" permission.

This vulnerability is reported in Drupal 6.x.

Solution:
Update to version 6.9.

Provided and/or discovered by:
The vendor credits Wolfgang Ziegler.

Original Advisory:
SA-CORE-2009-001:
http://drupal.org/node/358957

Collapse -
Drupal Internationalization (i18n) Translation Module Securi
by Marianna Schmudlach / January 15, 2009 12:57 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Security Bypass

Where: From remote
Solution Status: Vendor Patch


Software: Drupal Internationalization Module 5.x



Description:
A vulnerability has been reported in the Internationalization (i18n) Translation module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.

The vulnerability is caused due to an unspecified error, which can be exploited to view the content of unpublished nodes without requiring any additional permissions to do so.

Successful exploitation of this vulnerability requires the "translate node" permission.

This vulnerability is reported in versions prior to 5.x-2.5.

Solution:
Update to version 5.x-2.5.

Provided and/or discovered by:
The vendor credits Wolfgang Ziegler and Nat Catchpole of the Drupal security team.

Original Advisory:
SA-CONTRIB-2009-003:
http://drupal.org/node/358958

Collapse -
Debian update for xulrunner
by Marianna Schmudlach / January 15, 2009 12:59 AM PST

Release Date: 2009-01-15

Critical:
Highly critical
Impact: Security Bypass
Cross Site Scripting
Exposure of sensitive information
System access

Where: From remote
Solution Status: Vendor Patch


OS: Debian GNU/Linux 4.0
Debian GNU/Linux unstable alias sid

Description:
Debian has issued an update for xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, conduct cross-site scripting attacks, or potentially compromise a user's system.

Solution:
Apply updated packages.

Original Advisory:
DSA-1704-1:
http://lists.debian.org/debian-security-announce/2009/msg00011.html

Other References:
SA33184:
http://secunia.com/advisories/33184/

Collapse -
Fedora update for bind
by Marianna Schmudlach / January 15, 2009 1:00 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Spoofing

Where: From remote
Solution Status: Vendor Patch


OS: Fedora 9

Description:
Fedora has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

Solution:
Apply updated packages using the yum utility ("yum update bind").

Original Advisory:
FEDORA-2009-0350:
https://www.redhat.com/archives/fedor...e-announce/2009-January/msg00393.html

Other References:
SA33404:
http://secunia.com/advisories/33404/

Collapse -
Fedora update for nfs-utils
by Marianna Schmudlach / January 15, 2009 1:01 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Security Bypass

Where: Local system
Solution Status: Vendor Patch


OS: Fedora 9

Description:
Fedora has acknowledged a weakness in nfs-utils, which can be exploited by malicious people to bypass certain security restrictions.

The weakness is caused due to the nfs-utils package being build without support for TCP wrappers, which can be exploited to e.g. bypass intended security restrictions relying on TCP wrappers.

Solution:
Apply updated packages using the yum utility ("yum updates nfs-utils").

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
FEDORA-2009-0297:
https://www.redhat.com/archives/fedor...e-announce/2009-January/msg00526.html

Collapse -
Fedora update for tqsllib
by Marianna Schmudlach / January 15, 2009 1:02 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Spoofing

Where: From remote
Solution Status: Vendor Patch


OS: Fedora 9

Description:
Fedora has issued an update for tqsllib. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

The vulnerability is caused due to the library incorrectly verifying the return value of the "EVP_VerifyFinal()" OpenSSL function.

Solution:
Apply updated packages via the yum utility ("yum update tqsllib").

Original Advisory:
FEDORA-2009-0543:
https://www.redhat.com/archives/fedor...e-announce/2009-January/msg00557.html

Other References:
SA33338:
http://secunia.com/advisories/33338/

Collapse -
Drupal Notify Module Privilege Escalation Security Issue
by Marianna Schmudlach / January 15, 2009 1:03 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Privilege escalation

Where: From remote
Solution Status: Vendor Patch


Software: Drupal Notify Module 5.x

Description:
A security issue has been reported in the Notify module for Drupal, which can be exploited by malicious users to gain escalated privileges.

The security issue is caused due to an unspecified error when a user triggers the cron processing. This can lead to a user being logged in as another user with higher privileges when Notify operations do not complete successfully.

This security issue is reported in versions prior to 5.x-1.2.

Solution:
Update to version 5.x-1.2.

Provided and/or discovered by:
The vendor credits Philippe Jadin and Bill Kennedy.

Original Advisory:
SA-CONTRIB-2009-004:
http://drupal.org/node/359144

Collapse -
Avira Antivir RAR Processing Denial of Service Vulnerabiliti
by Marianna Schmudlach / January 15, 2009 1:04 AM PST

Release Date: 2009-01-15

Critical:
Moderately critical
Impact: DoS

Where: From remote
Solution Status: Vendor Patch


Software: Avira AntiVir Personal Edition Classic 7.x
Avira AntiVir Personal Edition Classic 8.x
Avira AntiVir Personal Edition Premium 7.x
Avira AntiVir Personal Edition Premium 8.x
Avira AntiVir Premium Security Suite 7.x
Avira AntiVir Server 6.x
Avira AntiVir UNIX MailGate 2.x
Avira AntiVir Workstation 7.x
Avira AntiVir Workstation 8.x
Avira Premium Security Suite 7.x

Description:
Thierry Zoller has reported some vulnerabilities in Avira Antivir, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerabilities are caused due to errors in the handling of RAR files. These can be exploited to crash an affected program via a specially crafted RAR archive.

Solution:
Update the scanning engine to versions 7.9.0.54, 8.2.0.54, or later.

Provided and/or discovered by:
Thierry Zoller

Original Advisory:
Avira:
http://forum.avira.com/wbb/index.php?page=Thread&threadID=81148

Thierry Zoller:
http://blog.zoller.lu/2009/01/advisory-tzo-2009-1-avira-antivir-rar.html

Collapse -
Red Hat Certificate Server Information Disclosure
by Marianna Schmudlach / January 15, 2009 1:06 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Exposure of sensitive information

Where: Local system
Solution Status: Vendor Patch


Software: Red Hat Certificate System 7.x

Description:
Red Hat has acknowledged some security issues in Red Hat Certificate Server, which can be exploited by malicious, local users to disclose potentially sensitive information.

Solution:
Updated packages are available via Red Hat Network.
http://rhn.redhat.com

Original Advisory:
RHSA-2009-0006:
https://rhn.redhat.com/errata/RHSA-2009-0006.html

Collapse -
AAA EasyGrid ActiveX Control "DoSaveFile()" Insecure Method
by Marianna Schmudlach / January 15, 2009 1:07 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Manipulation of data

Where: From remote
Solution Status: Unpatched


Software: AAA EasyGrid ActiveX 3.x

Description:
Houssamix has discovered a vulnerability in AAA EasyGrid ActiveX, which can be exploited by malicious people to overwrite arbitrary files.

The vulnerability is caused due to the EasyGrid.SGCtrl.32 ActiveX control (EasyGrid.ocx) containing the insecure "DoSaveFile()" method. This can be exploited to corrupt arbitrary files in the context of the currently logged-on user.

The vulnerability is confirmed in version 3.51 (EasyGrid.ocx version 1.0.0.1). Other versions may also be affected.

Solution:
Set the kill-bit for the affected ActiveX control.

Provided and/or discovered by:
Houssamix

Original Advisory:
http://milw0rm.com/exploits/7779

Collapse -
phpList "_SERVER[ConfigFile]" Local File Inclusion Vulnerabi
by Marianna Schmudlach / January 15, 2009 1:08 AM PST

Release Date: 2009-01-15

Critical:
Moderately critical
Impact: Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: phplist 2.x

Description:
AmnPardaz Security Research Team has discovered a vulnerability in phpList, which can be exploited by malicious people to disclose sensitive information.

Input passed to the "_SERVER[ConfigFile]" parameter in admin/index.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources.

Successful exploitation requires that "register_globals" is disabled.

The vulnerability is confirmed in version 2.10.8. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly verified.

Provided and/or discovered by:
AmnPardaz Security Research Team

Original Advisory:
http://www.bugreport.ir/index_60.htm

Collapse -
IBM HMC Unspecified Vulnerability
by Marianna Schmudlach / January 15, 2009 1:09 AM PST

Release Date: 2009-01-15

Critical:
Moderately critical
Impact: Unknown

Where: From remote
Solution Status: Vendor Patch


OS: IBM Hardware Management Console (HMC)

Description:
A vulnerability with an unknown impact has been reported in IBM Hardware Management Console (HMC).

The vulnerability is caused due to an unspecified error. No further information is currently available.

The vulnerability is reported in IBM HMC Version 7 Release 3.2.0 SP1.

Solution:
HMC V7R3.2.0 Service Pack 1:
Install PTF MH01160.

NOTE: HMC V7R3.2.0 Service Pack 1 (MH01084), MH01101, and MH01133 must be installed before installing this fix.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
IBM (MH01160, MB02834)
http://www14.software.ibm.com/webapp/...criptions/pqvcmjd?mode=18&ID=4521

Collapse -
Gentoo update for gnutls
by Marianna Schmudlach / January 15, 2009 1:10 AM PST

Release Date: 2009-01-15

Critical:
Moderately critical
Impact: Security Bypass
Spoofing

Where: From remote
Solution Status: Vendor Patch


OS: Gentoo Linux 1.x

Description:
Gentoo has issued an update for gnutls. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

Solution:
Update to version "net-libs/gnutls-2.4.1-r2" or later.

Original Advisory:
GLSA 200901-10:
http://www.gentoo.org/security/en/glsa/glsa-200901-10.xml

Other References:
SA32619:
http://secunia.com/advisories/32619/

Collapse -
FreeBSD update for bind
by Marianna Schmudlach / January 15, 2009 1:11 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Spoofing

Where: From remote
Solution Status: Vendor Patch


OS: FreeBSD 6.x



Description:
FreeBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

Solution:
Update FreeBSD or apply patches.

Fixed versions:
2009-01-10 03:00:21 UTC (RELENG_7, 7.1-STABLE)
2009-01-13 21:19:27 UTC (RELENG_7_1, 7.1-RELEASE-p2)
2009-01-13 21:19:27 UTC (RELENG_7_0, 7.0-RELEASE-p9)
2009-01-10 04:30:27 UTC (RELENG_6, 6.4-STABLE)
2009-01-13 21:19:27 UTC (RELENG_6_4, 6.4-RELEASE-p3)
2009-01-13 21:19:27 UTC (RELENG_6_3, 6.3-RELEASE-p9)

Patch:
http://security.FreeBSD.org/patches/SA-09:04/bind.patch

Original Advisory:
FreeBSD-SA-09:04.bind:
http://security.freebsd.org/advisories/FreeBSD-SA-09:04.bind.asc

Other References:
SA33404:
http://secunia.com/advisories/33404/

Collapse -
AN Guestbook "country" Script Insertion Vulnerability
by Marianna Schmudlach / January 15, 2009 1:12 AM PST

Release Date: 2009-01-15

Critical:
Moderately critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Vendor Patch


Software: AN Guestbook (ANG) 0.x

Description:
A vulnerability has been discovered in AN Guestbook, which can be exploited by malicious people to conduct script insertion attacks.

Input passed to the "country" parameter in sign1.php is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site when the malicious post is viewed (e.g. in manage.php and trash.php).

This vulnerability is confirmed in version 0.7.6. Other versions may also be affected.

Solution:
Update to version 0.7.7.

Provided and/or discovered by:
Reported by vendor.

Original Advisory:
http://sourceforge.net/project/shownotes.php?release_id=653720

Collapse -
DMXReady SDK "download_link.asp" Security Bypass Vulnerabili
by Marianna Schmudlach / January 15, 2009 1:13 AM PST

Release Date: 2009-01-15

Critical:
Moderately critical
Impact: Security Bypass
Exposure of system information
Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: DMXReady SDK 1.x

Description:
ajann has reported a vulnerability in DMXReady SDK, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is caused due to the application not properly restricting access to the "download_link.asp" script. This can be exploited to download source code files without authentication.

This vulnerability is reported in version 1.1. Other versions may also be affected.

Solution:
Edit the source code to ensure that proper access restrictions are implemented.

Provided and/or discovered by:
ajann

Original Advisory:
http://www.milw0rm.com/exploits/7789

Collapse -
Sun Solaris "lpadmin" and "ppdmgr" Denial of Service Vulnera
by Marianna Schmudlach / January 15, 2009 1:15 AM PST

Release Date: 2009-01-15

Critical:
Not critical
Impact: DoS

Where: Local system
Solution Status: Vendor Patch


OS: Sun Solaris 10

Description:
Some vulnerabilities have been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerabilities are caused due to unspecified errors within the "lpadmin" and "ppdmgr" print utilities and can potentially be exploited to cause a DoS to certain system services or to the complete system.

Solution:
Apply patches.

Provided and/or discovered by:
The vendor credits Mike Gerdts.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-249306-1

Collapse -
libmikmod Denial of Service Vulnerabilities
by Marianna Schmudlach / January 15, 2009 1:16 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: DoS

Where: From remote
Solution Status: Unpatched


Software: libmikmod 3.x

Description:
Some vulnerabilities have been reported in libmikmod, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Do not open untrusted files.

Provided and/or discovered by:
1) blank_axolotl and Brandon (aka Winter Knight)
2) Brandon (aka Winter Knight)

Original Advisory:
1) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461519
http://sourceforge.net/tracker/index....58&group_id=40531&atid=428227

2) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476339

http://secunia.com/advisories/33485/

Collapse -
DMXReady Multiple Products "cid" SQL Injection Vulnerability
by Marianna Schmudlach / January 15, 2009 1:17 AM PST

Release Date: 2009-01-15

Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote
Solution Status: Unpatched


Software: Classified Listings Manager 1.x
Member Directory Manager 1.x
Secure Document Library 1.x

Description:
ajann has reported a vulnerability in multiple DMXReady products, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "cid" parameter in upload_image_category.asp is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

This vulnerability is reported in the following products:
- Classified Listings Manager, version 1.1
- Member Directory Manager, version 1.1
- Secure Document Library, version 1.1

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
ajann

Original Advisory:
http://milw0rm.com/exploits/7767
http://milw0rm.com/exploits/7773
http://milw0rm.com/exploits/7787

Collapse -
Cisco IronPort Products Multiple Vulnerabilities
by Marianna Schmudlach / January 15, 2009 1:18 AM PST

Release Date: 2009-01-15

Critical:
Moderately critical
Impact: Cross Site Scripting
Exposure of sensitive information

Where: From remote
Solution Status: Vendor Patch


OS: Cisco IronPort Encryption Appliance 6.x



Software: Cisco IronPort PostX 6.x

Description:
Some vulnerabilities have been reported in Cisco IronPort products, which can be exploited by malicious people to disclose sensitive information or conduct cross-site request forgery attacks.

Solution:
The vendor has released patches. Please contact the IronPort technical support.
http://www.ironport.com/support/contact_support.html

Provided and/or discovered by:
2) The vendor credits J.B. Snyder of Brintech

Original Advisory:
Cisco (cisco-sa-20090114-ironport):
http://www.cisco.com/en/US/products/p...curity_advisory09186a0080a5c4f7.shtml

http://secunia.com/advisories/33479/

Collapse -
Gentoo update for avahi
by Marianna Schmudlach / January 15, 2009 1:19 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: DoS

Where: From local network
Solution Status: Vendor Patch


OS: Gentoo Linux 1.x

Description:
Gentoo has issued an update for avahi. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Update to version "net-dns/avahi-0.6.24" or later.

Original Advisory:
GLSA 200901-11:
http://www.gentoo.org/security/en/glsa/glsa-200901-11.xml

Other References:
SA33153:
http://secunia.com/advisories/33153/

Collapse -
Cisco ONS Products Denial of Service Vulnerability
by Marianna Schmudlach / January 15, 2009 1:20 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: DoS

Where: From local network
Solution Status: Vendor Patch


OS: Cisco ONS 15000 Series
Cisco ONS 15454 Series

Description:
A vulnerability has been reported in several Cisco ONS products, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error while processing TCP packets. This can be exploited to reset a control card via a specially crafted TCP data stream sent to an open card port.

Successful exploitation allows the disruption of synchronous data channels for all platforms except Cisco ONS 15600, and the temporary interruption of the management functionality.

The vulnerability is reported in the following hardware platforms:
* Cisco ONS 15310-CL Series
* Cisco ONS 15327 Series
* Cisco ONS 15454 MSPP
* Cisco ONS 15454 MSTP
* Cisco ONS 15600 Series

Solution:
Update to a fixed version. Please see vendor advisory for a patch matrix.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://www.cisco.com/warp/public/707/cisco-sa-20090114-ons.shtml

Collapse -
Cisco IOS HTTP Server Two Cross-Site Scripting Vulnerabiliti
by Marianna Schmudlach / January 15, 2009 1:22 AM PST

Release Date: 2009-01-15

Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Vendor Patch


OS: Cisco IOS 12.x
Cisco IOS R12.x

Description:
Two vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious people to conduct cross-site scripting attacks.

Solution:
Update to a fixed version (please see the vendor's advisory for details).

Provided and/or discovered by:
1) Adrian Pastor and Richard J. Brain of ProCheckUp.
2) Nobuhiro Tsuji of NTT Data Security Corporation, reported via JVN.

Original Advisory:
Cisco:
http://www.cisco.com/warp/public/707/cisco-sr-20090114-http.shtml

ProCheckUp:
http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-19

JVN:
http://jvn.jp/en/jp/JVN28344798/index.html

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

The Samsung RF23M8090SG

One of the best French door fridges we've tested

A good-looking fridge with useful features like an auto-filling water pitcher and a temperature-adjustable "FlexZone" drawer. It was a near-flawless performer in our cooling tests.