Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \ FIXES - July 31, 2007

Hitachi JP1/Cm2/Hierarchical Viewer Remote Denial of Service Vulnerability

Advisory ID : FrSIRT/ADV-2007-2722
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in Hitachi JP1/Cm2/Hierarchical Viewer, which could be exploited by attackers to cause a denial of service. This issue is caused by an unspecified error in the web-based interface when processing malformed data, which could be exploited by remote attackers to cause a vulnerable application to stop responding, creating a denial of service condition.

Affected Products

Hitachi JP1/Cm2/Hierarchical Viewer versions 06-00 through 06-71-/B

Solution

Upgrade to version 07-00 :
http://www.hitachi-support.com/security_e/vuls_e/HS07-021_e/index-e.html

References

http://www.frsirt.com/english/advisories/2007/2722
http://www.hitachi-support.com/security_e/vuls_e/HS07-021_e/index-e.html

Credits

Vulnerability reported by the vendor.

Hitachi Groupmax Collaboration Schedule Information Disclosu

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Advisory ID : FrSIRT/ADV-2007-2723
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in various Hitachi products, which could be exploited to gain knowledge of sensitive information. This issue is caused by an error when a secretary or facility manager changes schedule data, which could cause the schedule data to be assigned to an unintended member, leading to an information disclosure condition.

Affected Products

Hitachi Groupmax Collaboration Portal versions 07-32 through 07-32-/B
Hitachi uCosminexus Collaboration Portal versions 06-32 through 06-32-/B
Hitachi Groupmax Collaboration Web Client - Mail/Schedule versions 07-32 through 07-32-/A

Solution

Upgrade to Groupmax Collaboration Portal version 07-32-/C, uCosminexus Collaboration Portal version 06-32-/C and Groupmax Collaboration Web Client - Mail/Schedule version 07-32-/B :
http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html

References

http://www.frsirt.com/english/advisories/2007/2723
http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html

Credits

Vulnerability reported by the vendor.

Hitachi Groupmax Groupware Server Scheduler_Facilities Tool

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Hitachi Groupmax Groupware Server Scheduler_Facilities Tool Vulnerability

Advisory ID : FrSIRT/ADV-2007-2724
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in Hitachi Groupmax Groupware Server, which could be exploited to gain knowledge of sensitive information. This issue is caused due to the schedule server configuration data being overwritten with previous values when using the Groupmax Scheduler_Facilities management tool, leading to an information disclosure condition.

Affected Products

Hitachi Groupmax Groupware Server versions 7.x

Solution

Apply patches :
http://www.hitachi-support.com/security_e/vuls_e/HS07-023_e/index-e.html

References

http://www.frsirt.com/english/advisories/2007/2724
http://www.hitachi-support.com/security_e/vuls_e/HS07-023_e/index-e.html

Credits

Vulnerability reported by the vendor.

Hitachi Cosminexus Component Container Module Session Handli

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Hitachi Cosminexus Component Container Module Session Handling Vulnerability

Advisory ID : FrSIRT/ADV-2007-2725
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in various Hitachi products, which could be exploited to gain knowledge of sensitive information. This issue is caused by an error within the handling of session data, which could cause the session data of one user to be used as the session data of another user, leading to an information disclosure condition.

Affected Products

Hitachi uCosminexus Application Server Enterprise
Hitachi uCosminexus Application Server Standard
Hitachi uCosminexus Service Platform
Hitachi uCosminexus Developer Standard
Hitachi uCosminexus Developer Professional
Hitachi uCosminexus Developer Light
Hitachi uCosminexus Service Architect
Hitachi Cosminexus Application Server Enterprise version 6
Hitachi Cosminexus Application Server Standard version 6
Hitachi Cosminexus Developer Standard version 6
Hitachi Cosminexus Developer Professional version 6
Hitachi Cosminexus Developer Light version 6
Hitachi Electronic Form Workflow - Standard Set
Hitachi Electronic Form Workflow - Professional Library Set
Hitachi Electronic Form Workflow - Developer Client Set
Hitachi uCosminexus ERP Integrator
Hitachi Cosminexus ERP Integrator
Hitachi uCosminexus Collaboration - Server
Hitachi Cosminexus Collaboration - Server
Hitachi Groupmax Collaboration - Server
Hitachi uCosminexus/OpenTP1 Web Front-end Set
Hitachi Cosminexus/OpenTP1 Web Front-end Set

Solution

Apply patches :
http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html

References

http://www.frsirt.com/english/advisories/2007/2725
http://www.hitachi-support.com/security_e/vuls_e/HS07-024_e/index-e.html

Credits

Vulnerability reported by the vendor.

Xpdf "StreamPredictor::StreamPredictor()" Function Integer O

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Xpdf "StreamPredictor::StreamPredictor()" Function Integer Overflow Vulnerability

Advisory ID : FrSIRT/ADV-2007-2704
CVE ID : CVE-2007-3387
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in Xpdf, which could be exploited by remote attackers to cause a denial of service or compromise an affected system. This issue is caused by an integer overflow error in the "StreamPredictor::StreamPredictor()" [xpdf/Stream.cc] function when processing malformed data, which could be exploited by attackers to crash a vulnerable application or execute arbitrary code by tricking a user into opening a specially crafted PDF file.

Affected Products

xpdf version 3.02 and prior

Solution

Apply patch :
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch

References

http://www.frsirt.com/english/advisories/2007/2704

Credits

Vulnerability reported by Maurycy Prodeus (iSEC).

KDE Products "StreamPredictor::StreamPredictor()" Integer Ov

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

KDE Products "StreamPredictor::StreamPredictor()" Integer Overflow Vulnerability

Advisory ID : FrSIRT/ADV-2007-2705
CVE ID : CVE-2007-3387
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in KDE and KOffice, which could be exploited by remote attackers to cause a denial of service or compromise an affected system. This issue is caused by an integer overflow error in the "StreamPredictor::StreamPredictor()" [xpdf/Stream.cc] function when processing malformed data, which could be exploited by attackers to crash a vulnerable application or execute arbitrary code by tricking a user into opening a specially crafted PDF file.

Affected Products

KDE versions 3.x
KOffice versions 1.x

Solution

Apply patch for KOffice 1.x :
ftp://ftp.kde.org/pub/kde/security_patches/koffice-xpdf-CVE-2007-3387.diff

Apply patch for KDE 3.x :
ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.7-kdegraphics-CVE-2007-3387.diff

References

http://www.frsirt.com/english/advisories/2007/2705
http://www.kde.org/info/security/advisory-20070730-1.txt

Credits

Vulnerability reported by Maurycy Prodeus (iSEC).

Joomla! Multiple Cross Site Scripting and HTTP Response Spli

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Joomla! Multiple Cross Site Scripting and HTTP Response Splitting Vulnerabilities

Advisory ID : FrSIRT/ADV-2007-2719
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

Multiple vulnerabilities have been identified in Joomla!, which could be exploited to conduct cross site scripting, HTTP response splitting and session hijacking attacks. These issues are caused by input validation errors in various components when processing user-supplied data, which could be exploited by attackers to hijack a user's session or cause arbitrary headers and scripting code to be executed by the user's browser in the security context of an affected Web site.

Affected Products

Joomla! versions prior to 1.0.13

Solution

Upgrade to Joomla! version 1.0.13 :
http://joomlacode.org/gf/project/joomla/frs/

References

http://www.frsirt.com/english/advisories/2007/2719
http://www.joomla.org/content/view/3670/78/

Credits

Vulnerabilities reported by the vendor.

Debian Security Update Fixes X.Org XFS Script Privilege Esca

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Debian Security Update Fixes X.Org XFS Script Privilege Escalation Vulnerability

Advisory ID : FrSIRT/ADV-2007-2703
CVE ID : CVE-2007-3103
Rated as : Moderate Risk
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in Debian, which could be exploited by local attackers to obtain elevated privileges. This issue is caused by a race condition in the way temporary files are handled when executing the XFS script, which could be exploited by malicious users to manipulate certain files and gain root privileges when a vulnerable system (or XFS) is rebooted.

Affected Products

Debian GNU/Linux etch
Debian GNU/Linux sid

Solution

Debian GNU/Linux etch - Upgrade to xfs version 1.0.1-6
Debian GNU/Linux sid - Upgrade to xfs version 1.0.4-2

References

http://www.frsirt.com/english/advisories/2007/2703
http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00104.html

Redhat Security Update Fixes CUPS PDF Handling Integer Overf

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Redhat Security Update Fixes CUPS PDF Handling Integer Overflow Vulnerability

Advisory ID : FrSIRT/ADV-2007-2706
CVE ID : CVE-2007-3387
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in various Redhat products, which could be exploited by remote attackers to cause a denial of service or compromise an affected system. This issue is caused by an error in CUPS. For additional information, see : FrSIRT/ADV-2007-2704

Affected Products

RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)

Solution

Upgrade the affected packages :
http://rhn.redhat.com/

References

http://www.frsirt.com/english/advisories/2007/2706
http://rhn.redhat.com/errata/RHSA-2007-0720.html

Redhat Security Update Fixes kdegraphics PDF Handling Intege

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Redhat Security Update Fixes kdegraphics PDF Handling Integer Overflow Issue

Advisory ID : FrSIRT/ADV-2007-2707
CVE ID : CVE-2007-3387
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in various Redhat products, which could be exploited by remote attackers to cause a denial of service or compromise an affected system. This issue is caused by an error in kdegraphics. For additional information, see : FrSIRT/ADV-2007-2705

Affected Products

RHEL Desktop Workstation (v. 5 client)
RHEL Optional Productivity Applications (v. 5 server)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)

Solution

Upgrade the affected packages :
http://rhn.redhat.com/

References

http://www.frsirt.com/english/advisories/2007/2707
http://rhn.redhat.com/errata/RHSA-2007-0729.html

Redhat Security Update Fixes gpdf PDF Handling Integer Overf

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Redhat Security Update Fixes gpdf PDF Handling Integer Overflow Vulnerability

Advisory ID : FrSIRT/ADV-2007-2708
CVE ID : CVE-2007-3387
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in various Redhat products, which could be exploited by remote attackers to cause a denial of service or compromise an affected system. This issue is caused by an error in gpdf. For additional information, see : FrSIRT/ADV-2007-2704

Affected Products

Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)

Solution

Upgrade the affected packages :
http://rhn.redhat.com/

References

http://www.frsirt.com/english/advisories/2007/2708
http://rhn.redhat.com/errata/RHSA-2007-0730.html

Redhat Security Update Fixes poppler PDF Handling Integer Ov

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Redhat Security Update Fixes poppler PDF Handling Integer Overflow Vulnerability

Advisory ID : FrSIRT/ADV-2007-2709
CVE ID : CVE-2007-3387
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in various Redhat products, which could be exploited by remote attackers to cause a denial of service or compromise an affected system. This issue is caused by an error in poppler. For additional information, see : FrSIRT/ADV-2007-2704

Affected Products

RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Solution

Upgrade the affected packages :
http://rhn.redhat.com/

References

http://www.frsirt.com/english/advisories/2007/2709
http://rhn.redhat.com/errata/RHSA-2007-0732.html

Redhat Security Update Fixes Xpdf PDF Handling Integer Overf

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Redhat Security Update Fixes Xpdf PDF Handling Integer Overflow Vulnerability

Advisory ID : FrSIRT/ADV-2007-2710
CVE ID : CVE-2007-3387
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in various Redhat products, which could be exploited by remote attackers to cause a denial of service or compromise an affected system. This issue is caused by an error in Xpdf. For additional information, see : FrSIRT/ADV-2007-2704

Affected Products

Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
Red Hat Linux Advanced Workstation 2.1 (Itanium)

Solution

Upgrade the affected packages :
http://rhn.redhat.com/

References

http://www.frsirt.com/english/advisories/2007/2710
http://rhn.redhat.com/errata/RHSA-2007-0735.html

Fedora Security Update Fixes GraphicsMagick Code Execution V

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Fedora Security Update Fixes GraphicsMagick Code Execution Vulnerabilities

Advisory ID : FrSIRT/ADV-2007-2711
CVE ID : CVE-2005-4601 - CVE-2006-0082 - CVE-2006-4144 - CVE-2006-5456 - CVE-2007-1797
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

Multiple vulnerabilities have been identified in Fedora, which could be exploited by attackers to execute arbitrary code or cause a denial of service. These issues are caused by errors in GraphicsMagick. For additional information, see : FrSIRT/ADV-2006-0333 - FrSIRT/ADV-2006-4170 - FrSIRT/ADV-2007-1200 - FrSIRT/ADV-2006-3279

Affected Products

Fedora 7

Solution

Upgrade the affected packages

References

http://www.frsirt.com/english/advisories/2007/2711
https://www.redhat.com/archives/fedora-package-announce/2007-July/msg00526.html

Fedora Security Update Fixes Lighttpd Denial of Service and

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Fedora Security Update Fixes Lighttpd Denial of Service and Security Bypass

Advisory ID : FrSIRT/ADV-2007-2712
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

Multiple vulnerabilities have been identified in Fedora, which could be exploited by attackers to cause a denial of service or bypass security restrictions. These issues are caused by errors in Lighttpd. For additional information, see : FrSIRT/ADV-2007-2585

Affected Products

Fedora 7

Solution

Upgrade the affected packages

References

http://www.frsirt.com/english/advisories/2007/2712
https://www.redhat.com/archives/fedora-package-announce/2007-July/msg00500.html

Fedora Security Update Fixes Drupal Cross Site Request Forge

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Fedora Security Update Fixes Drupal Cross Site Request Forgery Vulnerability

Advisory ID : FrSIRT/ADV-2007-2713
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in Fedora, which could be exploited to conduct cross site request forgery attacks. This issue is caused by an error in Drupal. For additional information, see : FrSIRT/ADV-2007-2697

Affected Products

Fedora 7

Solution

Upgrade the affected packages :

9b843aee5b68f670cd12c42404064273bb0388fa drupal-5.2-1.fc7.noarch.rpm
0be569a56c645ebc9ea5dec573a0eceaa6e50937 drupal-5.2-1.fc7.src.rpm

References

http://www.frsirt.com/english/advisories/2007/2713
https://www.redhat.com/archives/fedora-package-announce/2007-July/msg00489.html

Fedora Security Update Fixes Bind Query ID Generation DNS Ca

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Fedora Security Update Fixes Bind Query ID Generation DNS Cache Poisoning

Advisory ID : FrSIRT/ADV-2007-2714
CVE ID : CVE-2007-2926
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in Fedora, which could be exploited by attackers to gain knowledge of sensitive information. For additional information, see : FrSIRT/ADV-2007-2627

Affected Products

Fedora Core 6

Solution

Upgrade the affected packages

References

http://www.frsirt.com/english/advisories/2007/2714
https://www.redhat.com/archives/fedora-package-announce/2007-July/msg00487.html

rPath Security Update Fixes Libvorbis Code Execution and DoS

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

rPath Security Update Fixes Libvorbis Code Execution and DoS Vulnerabilities

Advisory ID : FrSIRT/ADV-2007-2715
CVE ID : CVE-2007-3106 - CVE-2007-4029
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

Multiple vulnerabilities have been identified in rPath Linux, which could be exploited by attackers to execute arbitrary code or cause a denial of service. These issues are caused by errors in Libvorbis. For additional information, see : FrSIRT/ADV-2007-2698

Affected Products

rPath Linux 1

Solution

Upgrade the affected package :
libvorbis=/conary.rpath.com at rpl:devel//1/1.2.0-0.1-1

References

http://www.frsirt.com/english/advisories/2007/2715
http://lists.rpath.com/pipermail/security-announce/2007-July/000218.html

rPath Security Update Fixes Vim "helptags_one()" Code Execut

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

rPath Security Update Fixes Vim "helptags_one()" Code Execution Vulnerability

Advisory ID : FrSIRT/ADV-2007-2716
CVE ID : CVE-2007-2953
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in rPath Linux, which could be exploited by attackers to execute arbitrary code. This issue is caused by an error in Vim. For additional information, see : FrSIRT/ADV-2007-2687

Affected Products

rPath Linux 1

Solution

Upgrade the affected packages :
gvim=/conary.rpath.com at rpl:devel//1/6.3.90-2.6-1
vim=/conary.rpath.com at rpl:devel//1/6.3.90-2.6-1
vim-minimal=/conary.rpath.com at rpl:devel//1/6.3.90-2.6-1

References

http://www.frsirt.com/english/advisories/2007/2716
http://lists.rpath.com/pipermail/security-announce/2007-July/000219.html

Ubuntu Security Update Fixes Tcpdump Remote Integer Overflow

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Ubuntu Security Update Fixes Tcpdump Remote Integer Overflow Vulnerability

Advisory ID : FrSIRT/ADV-2007-2717
CVE ID : CVE-2007-3798
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-07-31
Technical Description

A vulnerability has been identified in Ubuntu, which could be exploited by attackers to execute arbitrary code. This issue is caused by an error in Tcpdump. For additional information, see : FrSIRT/ADV-2007-2578

Affected Products

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

Solution

Ubuntu 6.06 LTS - Upgrade to tcpdump 3.9.4-2ubuntu0.2
Ubuntu 6.10 - Upgrade to tcpdump 3.9.4-4ubuntu0.2
Ubuntu 7.04 - Upgrade to tcpdump 3.9.5-2ubuntu1

References

http://www.frsirt.com/english/advisories/2007/2717
http://www.ubuntu.com/usn/usn-492-1

Sun Solaris DTrace Denial of Service

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Secunia Advisory: SA26280
Release Date: 2007-07-31


Critical:
Not critical
Impact: DoS

Where: Local system

Solution Status: Vendor Patch


OS: Sun Solaris 10

Description:
A vulnerability has been reported in Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error in the DTrace dynamic tracing framework and can be exploited to cause the system to panic or become unresponsive via certain DTrace programs.

Successful exploitation requires at least "PRIV_DTRACE_USER" privileges.

The vulnerability affects Solaris 10 for SPARC platform and may also occur on x86 based systems.

Solution:
Apply patches.

-- SPARC platform --

Solaris 10:
Apply patch 125100-10 or later.
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-125100-10-1

-- x86 platform --

Solaris 10:
Apply patch 125101-10 or later.
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-125101-10-1

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103021-1

HP-UX ARPA Transport Unspecified Denial of Service

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Secunia Advisory: SA26279
Release Date: 2007-07-31


Critical:
Moderately critical
Impact: DoS

Where: From remote

Solution Status: Vendor Patch


OS: HP-UX 11.x

Description:
A vulnerability has been reported in HP-UX, which can potentially be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error when running ARPA transport.

The vulnerability is reported in HP-UX B.11.11, B.11.23, and B.11.31.

Solution:
Apply patches.

HP-UX B.11.11:
Install PHNE_35351 or subsequent.

HP-UX B.11.23:
Install PHNE_35766 or subsequent.

HP-UX B.11.31:
Install PHNE_35352 or subsequent.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
HPSBUX02248 SSRT071437:
https://www8.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01087206-1

Mozilla Products Addon Chrome-Loaded "about:blank" Cross-Con

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Mozilla Products Addon Chrome-Loaded "about:blank" Cross-Context Scripting

Secunia Advisory: SA26288
Release Date: 2007-07-31


Critical:
Moderately critical
Impact: Cross Site Scripting
System access

Where: From remote

Solution Status: Partial Fix


Software: Mozilla Firefox 2.0.x
Mozilla SeaMonkey 1.1.x
Mozilla Thunderbird 2.x

Description:
A vulnerability has been reported in Mozilla products, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error within the handling of "about:blank" pages loaded by chrome in an addon. This can be exploited to execute script code under chrome privileges by e.g. clicking on a link opened in an "about:blank" window created and populated in certain ways by an addon.

Successful exploitation requires that certain addons are installed.

The vulnerability is reported in the following products and versions:
* Firefox 2.0.0.5
* Thunderbird 2.0.0.5
* SeaMonkey 1.1.3

Solution:
Update to the latest versions:

Firefox:
Update to version 2.0.0.6.
http://www.mozilla.com/en-US/firefox/

Thunderbird:
Fixed in the upcoming version 2.0.0.6.
http://www.mozilla.com/en-US/thunderbird/

SeaMonkey:
Fixed in the upcoming version 1.1.4.
http://www.mozilla.org/projects/seamonkey/

NOTE: With version 2.0.0.6, changes that prevent exploitation of a URI handling vulnerability in Microsoft Windows were applied to Firefox and Thunderbird.

For more information:
SA26201

Provided and/or discovered by:
moz_bug_r_a4

Changelog:
2007-07-31: Updated "Description". Added link to vendor advisory.

Original Advisory:
http://www.mozilla.org/security/announce/2007/mfsa2007-26.html
http://www.mozilla.org/security/announce/2007/mfsa2007-27.html
https://bugzilla.mozilla.org/show_bug.cgi?id=388121

Other References:
SA26201:
http://secunia.com/advisories/26201/

Avaya Products Linux Kernel Multiple Vulnerabilities

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Secunia Advisory: SA26289
Release Date: 2007-07-31


Critical:
Moderately critical
Impact: Exposure of sensitive information
Privilege escalation
DoS

Where: From remote

Solution Status: Unpatched


OS: Avaya Converged Communications Server (CCS) 3.x
Avaya Message Networking 2.x
Avaya Modular Messaging 3.x
Avaya SIP Enablement Services (SES) 3.x


Description:
Avaya has acknowledged some vulnerabilities in various Avaya products, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges, or by malicious people to cause a DoS.

For more information:
SA25838

The following products are affected:
* Avaya Communication Manager (CM3.1 and CM4.x)
* Avaya Messaging Storage Server (MSS 3.x)
* Avaya Message Networking (all versions)
* Avaya CCS/SES (3.1.1 or newer)
* Avaya AES (AES 4.0)

Solution:
The vendor recommends that local and network access to the affected systems be restricted until an update is available.

Original Advisory:
http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm

Other References:
SA25838:
http://secunia.com/advisories/25838/

Avaya Products mod_perl "path_info" Denial of Service Vulner

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Avaya Products mod_perl "path_info" Denial of Service Vulnerability

Secunia Advisory: SA26290
Release Date: 2007-07-31


Critical:
Less critical
Impact: DoS

Where: From remote

Solution Status: Partial Fix


OS: Avaya Intuity LX
Avaya Message Networking 2.x
Avaya Modular Messaging 2.x
Avaya Modular Messaging 3.x

Description:
Avaya has acknowledged a vulnerability in various Avaya products, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

For more information:
SA24678

The following products are affected:
* Avaya Communication Manager (CM 2.x and CM 3.0)
* Avaya Intuity LX (all versions)
* Avaya EMMC (1.017)
* Avaya Messaging Storage Server (all versions)
* Avaya Message Networking (all versions)

NOTE: mod_perl is installed but not actively in use by these products.

Solution:
Avaya Communication Manager:
Update to Avaya Communication Manager 3.1 or later.

Avaya Intuity LX, EMMC, Messaging Storage Server, Message Networking:
The vendor recommends that local and network access to the affected systems be restricted until an update is available.

Original Advisory:
http://support.avaya.com/elmodocs2/security/ASA-2007-293.htm

Other References:
SA24678:
http://secunia.com/advisories/24678/

FireFox Update 2.0.0.6 Is Now Available

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

Published: 2007-07-31,
Last Updated: 2007-07-31 17:07:39 UTC
by Deborah Hale (Version: 1)
Mozilla has issued an update to the FireFox browser. This update resolves 2 security issues, one listed as critical and one listed as moderate.

This update resolves the "Unescaped URIs passed to external programs" vulnerability.

Mozilla Foundation Security Advisory 2007-27 - MFSA 2007-27 - Critical
www.mozilla.org/security/announce/2007/mfsa2007-27.html
This update resolves the "Unescaped URIs passed to external programs" vulnerability. This affects the way that information is passed to internal programs for handling. This can cause programs to misinterpret the information received.

More: http://isc.sans.org/

Apache Denial of Service and Cross-Site Scripting

In reply to: VULNERABILITIES \ FIXES - July 31, 2007

TITLE:
Apache Denial of Service and Cross-Site Scripting

SECUNIA ADVISORY ID:
SA26273

VERIFY ADVISORY:
http://secunia.com/advisories/26273/

CRITICAL:
Not critical

IMPACT:
Cross Site Scripting, DoS

WHERE:
From remote

SOFTWARE:
Apache 1.3.x
http://secunia.com/product/72/
Apache 2.0.x
http://secunia.com/product/73/
Apache 2.2.x
http://secunia.com/product/9633/

DESCRIPTION:
Some vulnerabilities have been acknowledged in Apache, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service) and by malicious people to conduct cross-site scripting
attacks.

For more information:
SA25830

SOLUTION:
Fixed in version 1.3.38-dev, 2.0.60-dev, and 2.2.5-dev.

PROVIDED AND/OR DISCOVERED BY:
Originally reported in a Red Hat advisory.

ORIGINAL ADVISORY:
http://httpd.apache.org/security/vulnerabilities_13.html
http://httpd.apache.org/security/vulnerabilities_20.html
http://httpd.apache.org/security/vulnerabilities_22.html

OTHER REFERENCES:
SA25830:
http://secunia.com/advisories/25830/
