Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \FIXES - January 29, 2009

by Marianna Schmudlach / January 28, 2009 11:57 PM PST

Sun Solaris IP-in-IP Processing Denial of Service Vulnerability

Release Date: 2009-01-29

Critical:
Not critical
Impact: DoS

Where: Local system
Solution Status: Vendor Patch


OS: Sun Solaris 10
Sun Solaris 9

Description:
Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error when processing IP-in-IP packets and can be exploited to cause a system panic.

Solution:
Apply patches.

Provided and/or discovered by:
The vendor credits Evgeny Sonyagin.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-240086-1

Discussion is locked
You are posting a reply to: VULNERABILITIES \FIXES - January 29, 2009
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES \FIXES - January 29, 2009
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Sun Fire X2100 / X2200 Embedded Lights Out Manager Security
by Marianna Schmudlach / January 28, 2009 11:59 PM PST

Release Date: 2009-01-29

Critical:
Moderately critical
Impact: Security Bypass

Where: From local network
Solution Status: Vendor Patch


OS: Sun Fire X2100/X2200 Series

Description:
A vulnerability has been reported in Sun Fire X2100 and X2200 M2 Server, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is caused due to an unspecified error within the Embedded Lights Out Manager (ELOM), which can be exploited to gain administrative access to the ELOM or execute arbitrary commands on the Service Processor (SP).

Solution:
-- x86 Platform --

Sun Fire X2100 M2 Server:
Update to firmware version 3.20 from the 1.7 "Tools and Drivers" CD (or later).
http://www.sun.com/servers/entry/x2100/downloads.jsp

Sun Fire X2200 M2 Server:
Update to firmware version 3.20 from the 2.1 "Tools and Drivers" CD (or later).
http://www.sun.com/servers/x64/x2200/downloads.jsp

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-239886-1

Collapse -
Sun Solaris mod_perl Denial of Service Vulnerability
by Marianna Schmudlach / January 29, 2009 12:00 AM PST

Release Date: 2009-01-29

Critical:
Less critical
Impact: DoS

Where: From remote
Solution Status: Vendor Patch


OS: Sun Solaris 10

Description:
Sun has acknowledged a vulnerability in Sun Solaris, which can potentially be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
-- SPARC Platform --

Solaris 10:
Apply patch 122911-14 or later

OpenSolaris:
Fixed in builds snv_100 or later

-- x86 Platform --

Solaris 10:
Apply patch 122912-14 or later

OpenSolaris:
Fixed in builds snv_100 or later

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-248386-1

Other References:
SA24678:
http://secunia.com/advisories/24678/

Collapse -
Sun Solaris "libxml2" XML Processing Vulnerability
by Marianna Schmudlach / January 29, 2009 12:01 AM PST

Release Date: 2009-01-29

Critical:
Moderately critical
Impact: DoS
System access

Where: From remote
Solution Status: Vendor Patch


OS: Sun Solaris 10
Sun Solaris 9

Description:
Sun has acknowledged a vulnerability in libxml2 in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

Solution:
Apply patches.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-247346-1

Other References:
SA31558:
http://secunia.com/advisories/31558/

Collapse -
Sun Solaris mod_perl Denial of Service Vulnerability
by Marianna Schmudlach / January 29, 2009 12:02 AM PST

Release Date: 2009-01-29

Critical:
Less critical
Impact: DoS

Where: From remote
Solution Status: Unpatched


OS: Sun Solaris 8
Sun Solaris 9

Description:
Sun has acknowledged a vulnerability in Sun Solaris, which can potentially be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Ensure that the mod_perl(3) (PerlRun.pm) component is not configured in the Apache 1.3 configuration file.

A final resolution is pending completion.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-248386-1

Other References:
SA24678:
http://secunia.com/advisories/24678/

Collapse -
Debian update for moin
by Marianna Schmudlach / January 29, 2009 12:04 AM PST

Release Date: 2009-01-29

Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Vendor Patch


OS: Debian GNU/Linux 4.0
Debian GNU/Linux unstable alias sid

Description:
Debian has issued an update for moin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.

Solution:
Apply updated packages.

Original Advisory:
DSA-1715-1:
http://lists.debian.org/debian-security-announce/2009/msg00023.html

Other References:
SA33593:
http://secunia.com/advisories/33593/

Collapse -
Avaya CMS Solaris "libxml2" XML Processing Vulnerability
by Marianna Schmudlach / January 29, 2009 12:05 AM PST

Release Date: 2009-01-29

Critical:
Moderately critical
Impact: DoS
System access

Where: From remote
Solution Status: Unpatched


OS: Avaya Call Management System (CMS)

Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

Solution:
The vendor recommends that local and network access to the affected systems be restricted until an update is available.

Original Advisory:
http://support.avaya.com/elmodocs2/security/ASA-2009-025.htm

Other References:
SA33722:
http://secunia.com/advisories/33722/

Collapse -
HP MPE/iX DNS Cache Poisoning Vulnerability
by Marianna Schmudlach / January 29, 2009 12:06 AM PST

Release Date: 2009-01-29

Critical:
Moderately critical
Impact: Spoofing

Where: From remote
Solution Status: Unpatched


OS: HP MPE/iX 6.5
HP MPE/iX 7.0
HP MPE/iX 7.5

Description:
HP has acknowledged a vulnerability in MPE/iX, which can be exploited by malicious people to poison the DNS cache.

Solution:
The vendor recommends to discontinue the use of BIND/iX and migrate DNS services to another platform.

Original Advisory:
HPSBMP02404 SSRT090014:
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01660723

Other References:
SA30973:
http://secunia.com/advisories/30973/

Collapse -
HP Select Access Cross-Site Scripting Vulnerability
by Marianna Schmudlach / January 29, 2009 12:07 AM PST

Release Date: 2009-01-29

Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Vendor Patch


Software: HP Select Access 6.x

Description:
A vulnerability has been reported in HP Select Access, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via unspecified parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in HP Select Access version 6.1 and 6.2 running on HP-UX, Linux, Solaris, and Windows.

Solution:
Apply the hotfixes (please see the vendor advisory for details).

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
HPSBMA02403 SSRT090007:
https://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01658614

Collapse -
FFmpeg 4xm Processing Memory Corruption Vulnerability
by Marianna Schmudlach / January 29, 2009 12:08 AM PST

Release Date: 2009-01-29

Critical:
Highly critical
Impact: DoS
System access

Where: From remote
Solution Status: Vendor Workaround


Software: FFmpeg 0.x

Description:
Tobias Klein has reported a vulnerability in FFmpeg, which potentially can be exploited by malicious people to compromise an application using the library.

The vulnerability is caused due to a signedness error within the "fourxm_read_header()" function in libavformat/4xm.c. This can be exploited to corrupt arbitrary memory via a specially crafted 4xm file.

Successful exploitation may allow execution of arbitrary code.

Solution:
Fixed in the SVN repository at revision 16846.
http://svn.mplayerhq.hu/ffmpeg?view=rev&revision=16846

Provided and/or discovered by:
Tobias Klein

Original Advisory:
Tobias Klein:
http://www.trapkit.de/advisories/TKADV2009-004.txt

Collapse -
SUSE update for IBMJava5-JRE and java-1_5_0-ibm
by Marianna Schmudlach / January 29, 2009 12:10 AM PST

Release Date: 2009-01-29

Critical:
Highly critical
Impact: Security Bypass
Exposure of system information
Exposure of sensitive information
DoS
System access

Where: From remote
Solution Status: Vendor Patch


OS: SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Server 9



Software: Novell Open Enterprise Server 1.x

Description:
SUSE has issued an update for IBMJava5-JRE and java-1_5_0-ibm. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, cause a DoS (Denial of service), or compromise a vulnerable system.

Solution:
Apply updated packages.

Original Advisory:
SUSE-SA:2009:007:
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html

Other References:
SA32991:
http://secunia.com/advisories/32991/

Collapse -
Ubuntu update for openjdk-6
by Marianna Schmudlach / January 29, 2009 12:11 AM PST

Release Date: 2009-01-29

Critical:
Highly critical
Impact: Security Bypass
Exposure of system information
Exposure of sensitive information
DoS
System access

Where: From remote
Solution Status: Vendor Patch


OS: Ubuntu Linux 8.10

Description:
Ubuntu has issued an update for openjdk-6. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, cause a DoS (Denial of service), or compromise a vulnerable system.

Solution:
Apply updated packages.

Original Advisory:
USN-713-1:
https://lists.ubuntu.com/archives/ubu...ity-announce/2009-January/000832.html

Other References:
SA32991:
http://secunia.com/advisories/32991/

Collapse -
Avaya CMS Solaris Pseudo-Terminal Driver Denial of Service
by Marianna Schmudlach / January 29, 2009 12:12 AM PST

Release Date: 2009-01-29

Critical:
Not critical
Impact: DoS

Where: Local system
Solution Status: Unpatched


OS: Avaya Call Management System (CMS)

Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

Solution:
The vendor recommends that local and network access to the affected systems be restricted until an update is available.

Original Advisory:
http://support.avaya.com/elmodocs2/security/ASA-2009-034.htm

Other References:
SA33662:
http://secunia.com/advisories/33662/

Collapse -
Ubuntu update for kernel
by Marianna Schmudlach / January 29, 2009 12:14 AM PST

Release Date: 2009-01-29

Critical:
Less critical
Impact: DoS

Where: Local system
Solution Status: Vendor Patch


OS: Ubuntu Linux 6.06
Ubuntu Linux 7.10
Ubuntu Linux 8.04

Description:
Ubuntu has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).

Solution:
Apply updated packages.

Original Advisory:
USN-714-1:
https://lists.ubuntu.com/archives/ubu...ity-announce/2009-January/000833.html

Other References:
SA32510:
http://secunia.com/advisories/32510/

SA32913:
http://secunia.com/advisories/32913/

Collapse -
Avaya CMS Solaris "lpadmin" and "ppdmgr" Denial of Service V
by Marianna Schmudlach / January 29, 2009 12:16 AM PST

Release Date: 2009-01-29

Critical:
Not critical
Impact: DoS

Where: Local system
Solution Status: Unpatched


OS: Avaya Call Management System (CMS)

Description:
Avaya has acknowledged some vulnerabilities in Amaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

Solution:
The vendor recommends that local and network access to the affected systems be restricted until an update is available.

Original Advisory:
http://support.avaya.com/elmodocs2/security/ASA-2009-026.htm

Other References:
SA33488:
http://secunia.com/advisories/33488/

Collapse -
Avaya CMS Solaris "libike" Library Denial of Service
by Marianna Schmudlach / January 29, 2009 12:17 AM PST

Release Date: 2009-01-29

Critical:
Moderately critical
Impact: DoS

Where: From remote
Solution Status: Unpatched


OS: Avaya Call Management System (CMS)

Description:
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to cause a DoS (Denial of Service).


Solution:
The vendor recommends that local and network access to the affected systems be restricted until an update is available.

Original Advisory:
http://support.avaya.com/elmodocs2/security/ASA-2009-032.htm

Other References:
SA33644:
http://secunia.com/advisories/33644/

Collapse -
SocialEngine "category_id" SQL Injection Vulnerability
by Marianna Schmudlach / January 29, 2009 12:18 AM PST

Release Date: 2009-01-29

Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote
Solution Status: Unpatched


Software: SocialEngine 3.x

Description:
Snakespc has discovered a vulnerability in SocialEngine, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "category_id" parameter in blog.php (when "user" is set to a valid user name) is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Successful exploitation of this vulnerability requires that the blog plugin is enabled.

This vulnerability is confirmed in version 3.06 trial. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Snakespc

Original Advisory:
http://milw0rm.com/exploits/7900

Collapse -
Sun Solaris Samba "receive_smb_raw()" Buffer Overflow Vulner
by Marianna Schmudlach / January 29, 2009 12:19 AM PST
Collapse -
Red Hat Certificate Server Information Disclosure and Securi
by Marianna Schmudlach / January 29, 2009 12:21 AM PST

Release Date: 2009-01-29

Critical:
Less critical
Impact: Security Bypass
Exposure of sensitive information

Where: Local system
Solution Status: Vendor Patch


Software: Red Hat Directory Server 7.x

Description:
Red Hat has acknowledged some security issues in Red Hat Certificate Server, which can be exploited by malicious, local users to bypass certain security restrictions and to disclose potentially sensitive information.

Solution:
Updated packages are available via Red Hat Network.
http://rhn.redhat.com

Original Advisory:
RHSA-2009-0007:
https://rhn.redhat.com/errata/RHSA-2009-0007.html

Collapse -
No-IP Dynamic Update Client Information Disclosure
by Marianna Schmudlach / January 29, 2009 12:22 AM PST

Release Date: 2009-01-29

Critical:
Less critical
Impact: Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: No-IP Linux Dynamic Update Client 2.x

Description:
A security issue has been reported in No-IP Dynamic Update Client, which can be exploited by malicious people to disclose sensitive information.

The security issue is caused due to the application submitting user credentials over HTTP when sending a status update to the hosted service.

The security issue is confirmed in No-IP Linux Dynamic Update Client 2.1.9. Other versions may also be affected.

Solution:
No solution is currently available.

Provided and/or discovered by:
Fabio Pinheiro

Collapse -
Max.Blog "username" SQL Injection Vulnerability
by Marianna Schmudlach / January 29, 2009 12:23 AM PST

Release Date: 2009-01-29

Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote
Solution Status: Unpatched


Software: Max.Blog 1.x

Description:
A vulnerability has been discovered in Max.Blog, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "username" parameter in offline_auth.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

This vulnerability is confirmed in version 1.0.6 (Build 122208-1144_106_fin). Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Salvatore "drosophila" Fresta

Original Advisory:
http://milw0rm.com/exploits/7899

Collapse -
htmLawed Unspecified Cross-Site Scripting Vulnerabilities
by Marianna Schmudlach / January 29, 2009 12:26 AM PST

Release Date: 2009-01-29

Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Vendor Patch


Software: htmLawed 1.x


Description:
Some vulnerabilities have been reported in htmLawed, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to unspecified parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site via specially crafted CSS expressions.

These vulnerabilities are reported in versions prior to 1.1.4.

Solution:
Update to version 1.1.4.

Provided and/or discovered by:
Reported by vendor.

Original Advisory:
http://www.bioinformatics.org/phplabw...ies/htmLawed/htmLawed_README.htm#s4.3
http://freshmeat.net/projects/htmlawed/?branch_id=74760&release_id=293026
http://freshmeat.net/projects/htmlawed/?branch_id=74760&release_id=293090

http://secunia.com/advisories/33655/

Collapse -
Red Hat update for ntp
by Marianna Schmudlach / January 29, 2009 12:27 AM PST

Release Date: 2009-01-29

Critical:
Less critical
Impact: Spoofing

Where: From remote
Solution Status: Vendor Patch


OS: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux WS 4

Description:
Red Hat has issued an update for ntp. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

Solution:
Updated packages are available via Red Hat Network.
http://rhn.redhat.com

Original Advisory:
RHSA-2009-0046:
https://rhn.redhat.com/errata/RHSA-2009-0046.html

Other References:
SA33406:
http://secunia.com/advisories/33406/

Collapse -
Sony Ericsson Phones WAP Push Denial of Service Vulnerabilit
by Marianna Schmudlach / January 29, 2009 12:28 AM PST

Release Date: 2009-01-29

Critical:
Moderately critical
Impact: DoS

Where: From remote
Solution Status: Unpatched


OS: Sony Ericsson K530i
Sony Ericsson K610i
Sony Ericsson K618i
Sony Ericsson K660i
Sony Ericsson K810i
Sony Ericsson W660i
Sony Ericsson W880i
Sony Ericsson W910i
Sony Ericsson Z610i

Description:
A vulnerability has been reported in various Sony Ericsson phones, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the processing of WAP Push packets, which can be exploited to reboot or crash an affected device e.g. via a specially crafted SMS or a specially crafted UDP packet to port 2948.

The vulnerability is reported in the following products:
W910i
W660i
K618i
K610i
Z610i
K810i
K660i
W880i
K530i

Solution:
No valid solution is currently available.

Provided and/or discovered by:
Mobile Security Lab

Original Advisory:
http://www.mseclab.com/index.php?page_id=123
http://www.mseclab.com/?p=128

Collapse -
Debian update for rt2400, rt2500, and rt2570
by Marianna Schmudlach / January 29, 2009 12:30 AM PST

Release Date: 2009-01-29

Critical:
Moderately critical
Impact: DoS
System access

Where: From remote
Solution Status: Vendor Patch


OS: Debian GNU/Linux 4.0
Debian GNU/Linux unstable alias sid

Description:
Debian has issued an update for rt2400, rt2500, and rt2570. This fixes a vulnerability, which can be exploited to cause a DoS (Denial of Service) or compromise a vulnerable system.

Solution:
Apply updated packages.

Original Advisory:
DSA-1712-1:
http://lists.debian.org/debian-security-announce/2009/msg00020.html

DSA-1713-1:
http://lists.debian.org/debian-security-announce/2009/msg00021.html

DSA-1714-1:
http://lists.debian.org/debian-security-announce/2009/msg00022.html

Other References:
SA33592:
http://secunia.com/advisories/33592/

Collapse -
Sun Java System Application Server Information Disclosure
by Marianna Schmudlach / January 29, 2009 12:32 AM PST

Release Date: 2009-01-29

Critical:
Moderately critical
Impact: Exposure of system information
Exposure of sensitive information

Where: From remote
Solution Status: Vendor Patch


Software: Sun Java System Application Server 8.x

Description:
Sun has acknowledged a security issue in Sun Java System Application Server, which can be exploited by malicious people to disclose sensitive information.

The security issue is caused due to an unspecified error, which can be exploited to read web application configuration files in the "WEB-INF" and "META-INF" directories.

This security issue is reported in Sun Java System Application Server versions 8.1 and 8.2.

Solution:
Apply patches.

Provided and/or discovered by:
Reported by vendor.

Changelog:
2009-01-29: Added CVE reference.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-245446-1

Collapse -
Vulnerability found in FFmpeg library
by Marianna Schmudlach / January 29, 2009 12:36 AM PST

29 January 2009

A vulnerability has been found in FFmpeg that may be exploited by a (remote) attacker to execute arbitrary code in the context of FFmpeg or an application using the FFmpeg library. FFmpeg is a free tool and library collection which is used to record, convert and stream audio and video. It is used by several popular open source software projects including VLC media player, MPlayer, Perian, and others.

More: http://www.heise-online.co.uk/security/Vulnerability-found-in-FFmpeg-library--/news/112517

Collapse -
Nokia releases "Curse of Silence" SMS cure
by Marianna Schmudlach / January 29, 2009 12:38 AM PST

29 January 2009

Nokia has released SMS Cleaner for Nokia S60 3rd Edition (Initial or Feature Pack 1) based devices, which may have received a so called ?Curse of Silence? SMS message. The "Curse of Silence" SMS message that blocks reception of further SMS's or MMS's on many current Nokia mobile phones was originally announced at the 25th Chaos Communication Congress (25C3) in Berlin by Tobias Engel, a member of the Chaos Computer Club (CCC). The CCC had also provided a video to demonstrate the "Curse of Silence" SMS on it's website.

More: http://www.heise-online.co.uk/security/Nokia-releases-Curse-of-Silence-SMS-cure--/news/112516

Collapse -
Popular browsers continue to be vulnerable to clickjacking a
by Marianna Schmudlach / January 29, 2009 12:40 AM PST

Popular browsers continue to be vulnerable to clickjacking attacks - Updated

29 January 2009

A demo released by security expert Aditya K Sood shows once again that the browser manufacturers still haven't found a cure for the type of attack that became known as clickjacking last year. The term clickjacking refers to attacks where malformed web pages place items like a transparent iFrame under the mouse pointer. Thinking they are clicking on some item on the page, users click on the elements contained in the iFrame instead, for example on the buttons of a router's web interface that change settings or initiate actions.

Sood's demo, which was originally only intended to demonstrate that Google's Chrome browser is vulnerable to clickjacking, works in a similar way. However, the demo also functions in the current version of Firefox. It demonstrates how the browser initially shows the correct URL, in this case yahoo.com, in the status bar when the mouse hovers over a link, but how clicking on the link actually calls xxsed.com, a cross-site scripting database. This could be exploited for phishing attacks.

More: http://www.heise-online.co.uk/security/Popular-browsers-continue-to-be-vulnerable-to-clickjacking-attacks-Updated--/news/112518

Collapse -
Linux also affected by hole in Ralink's Wi-fi driver
by Marianna Schmudlach / January 29, 2009 12:41 AM PST

29 January 2009

The flaw discovered in Ralink's Wi-fi drivers for Windows last weekend also affects the Linux drivers ? as already suspected. Attackers can exploit the hole to crash a computer remotely or possibly even inject and execute arbitrary code. Debian has released new packages for the rt2400, rt2500 and rt2570 models, but the packages need to be compiled by the user for the time being.


The hole is caused by an integer overflow when receiving probe requests that a long SSID of between 128 and 256 bytes in length. The card or stick has to run in the less frequently used ad-hoc mode for the hole to appear. Other Linux distributions aside from Debian are also likely to be affected, especially those who use the manufacturer's drivers rather than drivers they developed for the Wi-fi card and stick as part of the distributions.

More: http://www.heise-online.co.uk/security/Linux-also-affected-by-hole-in-Ralink-s-Wi-fi-driver--/news/112520

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!