VULNERABILITIES \ FIXES - July 18, 2008

by Marianna Schmudlach / July 18, 2008 12:57 AM PDT

Fedora update for python-formencode


Secunia Advisory: SA31163
Release Date: 2008-07-18


Critical:
Moderately critical
Impact: Security Bypass

Where: From remote

Solution Status: Vendor Patch


OS: Fedora 9

Description:
Fedora has issued an update for python-formencode. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

Solution:
Apply updated packages via the yum utility ("yum update python-formencode").

Original Advisory:
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00607.html

Other References:
SA31081:
http://secunia.com/advisories/31081/

Vim configure.in Insecure Temporary Files
by Marianna Schmudlach / July 18, 2008 12:58 AM PDT

Secunia Advisory: SA31159
Release Date: 2008-07-18


Critical:
Less critical
Impact: Privilege escalation

Where: Local system

Solution Status: Unpatched


Software: Vim 6.x
Vim 7.x

Description:
A security issue has been reported in Vim, which can be exploited by malicious, local users to gain escalated privileges.

The security issue is caused due to the src/configure.in file handling temporary files in an insecure manner. This can be exploited to overwrite arbitrary files or to run arbitrary code with the privileges of the user configuring Vim via symlink and race condition attacks.

Successful exploitation requires that Vim is configured with the "--enable-pythoninterp" option.

The security issue is reported in versions 5.0 through 7.1. Other versions may also be affected.

Solution:
Restrict local access to trusted users only.

Provided and/or discovered by:
Jan Minar

Original Advisory:
http://seclists.org/fulldisclosure/2008/Jul/0312.html

Fedora update for firefox
by Marianna Schmudlach / July 18, 2008 1:00 AM PDT

Secunia Advisory: SA31157
Release Date: 2008-07-18


Critical:
Highly critical
Impact: Security Bypass
Exposure of sensitive information
System access

Where: From remote

Solution Status: Vendor Patch


OS: Fedora 8
Fedora 9

Description:
Fedora has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a vulnerable system.

Original Advisory:
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00679.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00656.html

Other References:
SA30761:
http://secunia.com/advisories/30761/

SA31120:
http://secunia.com/advisories/31120/

Sun Solaris System Management Agent SNMP Daemon Buffer Overf
by Marianna Schmudlach / July 18, 2008 1:02 AM PDT

Secunia Advisory: SA31155
Release Date: 2008-07-18


Critical:
Moderately critical
Impact: DoS
System access

Where: From local network

Solution Status: Unpatched


OS: Sun Solaris 10

Description:
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

The vulnerability is caused due to a boundary error in the System Management Agent (SMA) SNMP daemon (snmpd(1M)) and can be exploited to cause a buffer overflow.

Solution:
A final resolution is pending completion for Solaris 10.

-- SPARC platform --

OpenSolaris:
Fixed in builds snv_93 or later.


-- x86 platform --

OpenSolaris:
Fixed in builds snv_93 or later.

Provided and/or discovered by:
Originally reported by John Kortink via a Net-snmp bug report.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-239785-1

Other References:
SA30187:
http://secunia.com/advisories/30187/

Fedora update for seamonkey
by Marianna Schmudlach / July 18, 2008 1:03 AM PDT

Secunia Advisory: SA31154
Release Date: 2008-07-18


Critical:
Highly critical
Impact: System access

Where: From remote

Solution Status: Vendor Patch


OS: Fedora 8
Fedora 9

Description:
Fedora has issued an update for seamonkey. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

Original Advisory:
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00667.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00672.html

Other References:
SA30761:
http://secunia.com/advisories/30761/

IBM WebSphere Application Server Unspecified Vulnerability
by Marianna Schmudlach / July 18, 2008 1:05 AM PDT

Secunia Advisory: SA31149
Release Date: 2008-07-18


Critical:
Moderately critical
Impact: Unknown

Where: From remote

Solution Status: Vendor Patch


Software: IBM WebSphere Application Server 5.x

Description:
A vulnerability with an unknown impact has been reported in IBM WebSphere Application Server.

The vulnerability is caused due to an unspecified error within the "PropFilePasswordEncoder" utility. No further information is currently available.

NOTE: An issue in "Wsadmin", which may leave some previously encrypted properties unencrypted has also been reported.

Solution:
Apply Fix Pack 19 (5.1.1.19).

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
IBM (PK61436):
http://www-1.ibm.com/support/docview.wss?uid=swg27006879

Slackware update for mozilla-firefox
by Marianna Schmudlach / July 18, 2008 1:07 AM PDT

Secunia Advisory: SA31145
Release Date: 2008-07-18


Critical:
Highly critical
Impact: Security Bypass
Exposure of sensitive information
System access

Where: From remote

Solution Status: Vendor Patch


OS: Slackware Linux 11.0

Description:
Slackware has issued an update for mozilla-firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a vulnerable system.

Solution:
Apply updated packages.

Original Advisory:
http://www.slackware.org/security/vie...=2008&m=slackware-security.380974

Other References:
SA30761:
http://secunia.com/advisories/30761/

SA31120:
http://secunia.com/advisories/31120/

Slackware update for seamonkey
by Marianna Schmudlach / July 18, 2008 1:08 AM PDT

Secunia Advisory: SA31144
Release Date: 2008-07-18


Critical:
Highly critical
Impact: System access

Where: From remote

Solution Status: Vendor Patch


OS: Slackware Linux 11.0

Description:
Slackware has issued an update for seamonkey. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

Solution:
Apply updated packages.

Original Advisory:
http://www.slackware.org/security/vie...=2008&m=slackware-security.380767

Other References:
SA30761:
http://secunia.com/advisories/30761/

OpenLink Virtuoso Denial of Service Vulnerabilities
by Marianna Schmudlach / July 18, 2008 1:10 AM PDT

Secunia Advisory: SA31140
Release Date: 2008-07-18


Critical:
Moderately critical
Impact: DoS

Where: From remote

Solution Status: Vendor Patch


Software: OpenLink Virtuoso (Open-Source Edition) 5.x

Description:
Some vulnerabilities have been reported in OpenLink Virtuoso, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Update to version 5.0.7.
http://sourceforge.net/project/showfiles.php?group_id=161622

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sourceforge.net/project/shownotes.php?release_id=614029

Arctic "filter" SQL Injection Vulnerability
by Marianna Schmudlach / July 18, 2008 1:12 AM PDT

Secunia Advisory: SA31139
Release Date: 2008-07-18


Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote

Solution Status: Unpatched


Software: Arctic 2.x

Description:
QTRinux has discovered a vulnerability in Arctic, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "filter" parameter in index.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is confirmed in version 2.0.0. Other versions may also be affected.

Solution:
Filter malicious characters and character sequences using a web proxy.

Provided and/or discovered by:
QTRinux

Original Advisory:
http://milw0rm.com/exploits/6097

Problem resolution.
by arctictracker / July 20, 2008 4:35 AM PDT

This issue has been addressed in Arctic version 2.0.1 released 7/18/2008.

preCMS "id" SQL Injection Vulnerability
by Marianna Schmudlach / July 18, 2008 1:25 AM PDT

Secunia Advisory: SA31138
Release Date: 2008-07-18


Critical:
Moderately critical
Impact: Manipulation of data
Exposure of sensitive information

Where: From remote

Solution Status: Unpatched


Software: preCMS 1.x



Description:
Mr.SQL has discovered a vulnerability in preCMS, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "id" parameter in index.php (when "page" is set to "UserProfil") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Successful exploitation allows e.g. retrieval of administrator usernames and passwords, but requires that "magic_quotes_gpc" is disabled.

The vulnerability is confirmed in version 1. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Mr.SQL

Original Advisory:
http://milw0rm.com/exploits/6096

AlstraSoft Video Share Enterprise "UID" SQL Injection
by Marianna Schmudlach / July 18, 2008 1:26 AM PDT

Secunia Advisory: SA31134
Release Date: 2008-07-18


Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote

Solution Status: Unpatched


Software: AlstraSoft Video Share Enterprise 4.x

Description:
Hussin X has reported a vulnerability in AlstraSoft Video Share Enterprise, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "UID" parameter in album.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in version 4.51. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Hussin X

Original Advisory:
http://milw0rm.com/exploits/6092

phpHoo3 "viewCat" SQL Injection Vulnerability
by Marianna Schmudlach / July 18, 2008 1:27 AM PDT

Secunia Advisory: SA31130
Release Date: 2008-07-18


Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote

Solution Status: Unpatched


Software: phpHoo3

Description:
Mr.SQL has discovered a vulnerability in phpHoo3, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "viewCat" parameter in phpHoo3.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Mr.SQL

Original Advisory:
http://milw0rm.com/exploits/6091

Ubuntu update for firefox
by Marianna Schmudlach / July 18, 2008 1:28 AM PDT

Secunia Advisory: SA31129
Release Date: 2008-07-18


Critical:
Highly critical
Impact: Security Bypass
Exposure of sensitive information
System access

Where: From remote

Solution Status: Vendor Patch


OS: Ubuntu Linux 6.06
Ubuntu Linux 7.04
Ubuntu Linux 7.10

Description:
Ubuntu has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a vulnerable system.

Solution:
Apply updated packages.

Original Advisory:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2008-July/000729.html

Other References:
SA30761:
http://secunia.com/advisories/30761/

SA31120:
http://secunia.com/advisories/31120/

tplSoccerSite Multiple SQL Injection Vulnerabilities
by Marianna Schmudlach / July 18, 2008 1:29 AM PDT

Secunia Advisory: SA31111
Release Date: 2008-07-18


Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote

Solution Status: Vendor Patch


Software: tplSoccerSite 1.x

Description:
Mr.SQL has reported some vulnerabilities in tplSoccerSite, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "id" parameter in index.php, player.php, opponent.php, matchdetails.php, and additionalpage.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Solution:
Update to version 1.01.

Provided and/or discovered by:
Mr.SQL

Original Advisory:
http://milw0rm.com/exploits/6088

Fedora update for phpMyAdmin
by Marianna Schmudlach / July 18, 2008 1:31 AM PDT

Secunia Advisory: SA31097
Release Date: 2008-07-18


Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote

Solution Status: Vendor Patch


OS: Fedora 8
Fedora 9

Description:
Fedora has issued an update for phpMyAdmin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site request forgery attacks.

Solution:
Apply updated packages via the yum utility ("yum update phpMyAdmin").

Original Advisory:
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00590.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00652.html

Other References:
SA31115:
http://secunia.com/advisories/31115/

Fedora update for clamav
by Marianna Schmudlach / July 18, 2008 1:32 AM PDT

Secunia Advisory: SA31091
Release Date: 2008-07-18


Critical:
Moderately critical
Impact: DoS

Where: From remote

Solution Status: Vendor Patch


OS: Fedora 8
Fedora 9

Description:
Fedora has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Apply updated packages via the yum utility ("yum update clamav").

Original Advisory:
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00606.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00617.html

Other References:
SA30657:
http://secunia.com/advisories/30657/

FormEncode "chained_validators" Security Bypass Vulnerabilit
by Marianna Schmudlach / July 18, 2008 1:33 AM PDT

Secunia Advisory: SA31081
Release Date: 2008-07-18


Critical:
Moderately critical
Impact: Security Bypass

Where: From remote

Solution Status: Vendor Patch


Software: FormEncode 1.x

Description:
A vulnerability has been reported in FormEncode, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is caused due to the application not calling the "chained_validators" validator class, which can be exploited to bypass the intended filtering steps.

The vulnerability is reported in version 1.0. Other versions may also be affected.

Solution:
Update to version 1.0.1.

Provided and/or discovered by:
Petter Urkedal

Original Advisory:
http://sourceforge.net/tracker/index....64&group_id=91231&atid=596416

http://www.formencode.org/news.html#id1

Berkley Yacc Denial of Service Security Issue
by Marianna Schmudlach / July 18, 2008 1:34 AM PDT

Secunia Advisory: SA31073
Release Date: 2008-07-18


Critical:
Less critical
Impact: DoS

Where: From remote

Solution Status: Unpatched


Software: Berkley Yacc

Description:
A security issue has been reported in Berkley Yacc, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

The security issue is caused due to an error in the generated "yyparse()" function and can be exploited to cause an out-of-bounds memory read when reducing a parsed rule with an empty right hand side.

Solution:
Do not parse untrusted input using Berkley Yacc generated code.

Provided and/or discovered by:
Otto Moerbeck

Original Advisory:
http://marc.info/?l=openbsd-cvs&m=121553004431393&w=2

MRO Maximo Information Disclosure and Cross-Site Scripting
by Marianna Schmudlach / July 18, 2008 1:35 AM PDT

Secunia Advisory: SA31046
Release Date: 2008-07-18


Critical:
Less critical
Impact: Cross Site Scripting
Exposure of system information

Where: From remote

Solution Status: Unpatched


Software: MRO Maximo 4.x
MRO Maximo 5.x

Description:
Deniz Cevik has reported some vulnerabilities and a security issue in MRO Maximo, which can be exploited by malicious people to disclose system information and conduct cross-site scripting attacks.

Solution:
Edit the source code to ensure that input is properly sanitised.

Restrict access to the jsp/common/system/debug.jsp script.

Provided and/or discovered by:
Deniz Cevik

Changelog:
2008-07-18: Added CVE reference.

Original Advisory:
http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063171.html

LunarNight Laboratory WebProxy Cross-Site Scripting
by Marianna Schmudlach / July 18, 2008 1:36 AM PDT

Secunia Advisory: SA31042
Release Date: 2008-07-18


Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote

Solution Status: Vendor Patch


Software: LunarNight Laboratory WebProxy 1.x

Description:
A vulnerability has been reported in LunarNight Laboratory WebProxy, which can be exploited by malicious people to conduct cross-site scripting attacks.

Certain input is not properly sanitised before being returned to a user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in version 1.7.8 and prior.

Solution:
Update to version 1.7.9.

Provided and/or discovered by:
Reported via JVN.

Original Advisory:
JVN#49704543:
http://jvn.jp/jp/JVN49704543/index.html

LunarNight Laboratory:
http://www.ln-lab.net/lunar-night.lab/page-dl_webproxy/design-whiteecuni

DoS vulnerability in F-Prot eliminated
by Marianna Schmudlach / July 18, 2008 1:39 AM PDT

18 July 2008

The security services provider n.runs says that in late April this year Frisk, the Icelandic vendor of F-Prot antivirus software, eliminated a vulnerability in its scan engine for Windows that could have allowed attackers to make the scanner crash. Frisk had previously been advised of the problem by n.runs, but apparently there were problems with further communications, leaving n.runs uncertain of the outcome. Normally, n.runs doesn't publish its reports until a vulnerability has been eliminated.

http://www.heise-online.co.uk/security/DoS-vulnerability-in-F-Prot-eliminated--/news/111123

BlackBerry Security Advisory
by Marianna Schmudlach / July 18, 2008 8:44 AM PDT

updated July 18, 2008

Research In Motion has released a Security Advisory to address a vulnerability in the BlackBerry Enterprise Server. This vulnerability is due to the improper processing of PDF files within the distiller component of the BlackBerry Attachment Service. By convincing a user to open a maliciously crafted PDF attachment on a BlackBerry smartphone, an attacker may be able to execute arbitrary code on the system running the BlackBerry Attachment Service.

US-CERT encourages users to review BlackBerry Security Advisory KB15766 and apply the resolution or implement the workarounds listed in the document to help mitigate the risk.

US-CERT will provide additional information as it becomes available.

http://www.us-cert.gov/current/current_activity.html#blackberry_security_advisory
