Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \ FIXES - June 30, 2008

Novell Client NWFS.SYS Unspecified Vulnerability



Secunia Advisory: SA30904
Release Date: 2008-06-30


Critical:
Less critical
Impact: Unknown

Where: Local system

Solution Status: Vendor Patch


Software: Novell Client for Windows NT/2000/XP 4.x


Description:
A vulnerability with an unknown impact has been reported in Novell Client.

The vulnerability is caused due to an unspecified error within NWFS.SYS. No further information is currently available.

The vulnerability is reported in version 4.91 SP4.

Solution:
Apply patch.
http://download.novell.com/Download?buildid=DuJ75_ZPXIM~

Provided and/or discovered by:
The vendor credits Rub

Discussion is locked
You are posting a reply to: VULNERABILITIES \ FIXES - June 30, 2008
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES \ FIXES - June 30, 2008
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Fedora update for fetchmail

In reply to: VULNERABILITIES \ FIXES - June 30, 2008

Secunia Advisory: SA30895
Release Date: 2008-06-30


Critical:
Less critical
Impact: DoS

Where: From remote

Solution Status: Vendor Patch


OS: Fedora 8
Fedora 9


Description:
Fedora has issued an update for fetchmail. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Apply updated packages via the yum utility ("yum update fetchmail").

Original Advisory:
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01095.html
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01091.html

Other References:
SA30742:
http://secunia.com/advisories/30742/

Collapse -
Slackware update for ruby

In reply to: VULNERABILITIES \ FIXES - June 30, 2008

Secunia Advisory: SA30894
Release Date: 2008-06-30


Critical:
Highly critical
Impact: Exposure of system information
Exposure of sensitive information
DoS
System access

Where: From remote

Solution Status: Vendor Patch


OS: Slackware Linux 11.0

Description:
Slackware has issued an update for ruby. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

Original Advisory:
http://slackware.com/security/viewer....=2008&m=slackware-security.429562

Other References:
SA29794:
http://secunia.com/advisories/29794/

Collapse -
Sun Java System Access Manager XSLT Stylesheet Processing Vu

In reply to: VULNERABILITIES \ FIXES - June 30, 2008

Secunia Advisory: SA30893
Release Date: 2008-06-30


Critical:
Moderately critical
Impact: System access

Where: From remote

Solution Status: Vendor Patch


Software: Sun Java System Access Manager 6.x
Sun Java System Access Manager 7.x

Description:
A vulnerability has been reported in Sun Java Access Manager, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an error in the processing of XSLT stylesheets contained in XSLT Transforms in XML signatures. This can be exploited to execute arbitrary code via a malicious XML signature.

Successful exploitation requires that verification of XML signing is used in Access Manager.

Solution:
Apply patches.

Provided and/or discovered by:
The vendor credits Brad Hill, iSEC Partners.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201538-1

Collapse -
S.T.A.L.K.E.R.: Shadow of Chernobyl Multiple Vulnerabilities

In reply to: VULNERABILITIES \ FIXES - June 30, 2008

Secunia Advisory: SA30891
Release Date: 2008-06-30


Critical:
Highly critical
Impact: DoS
System access

Where: From remote

Solution Status: Unpatched


Software: S.T.A.L.K.E.R.: Shadow of Chernobyl 1.x

Description:
Luigi Auriemma has reported some vulnerabilities in S.T.A.L.K.E.R.: Shadow of Chernobyl, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

1) A boundary error within MultipacketReciever::RecievePacket() can be exploited to cause a stack-based buffer overflow via a specially crafted packet with 0x39 as the first byte.

Successful exploitation allows execution of arbitrary code.

2) An input validation error within NET_Compressor::Decompress() can be exploited to cause a buffer overflow via a specially crafted packet containing the byte 0xc1.

3) An error within MultipacketReciever::RecievePacket() can be exploited to cause the server to terminate via a specially crafted packet.

The vulnerabilities are reported in version 1.0006. Other versions may also be affected.

Solution:
Use in trusted network environments only.

Provided and/or discovered by:
Luigi Auriemma

Original Advisory:
http://aluigi.altervista.org/adv/stalker39x-adv.txt

Collapse -
Philboard Cross-Site Scripting and SQL Injection Vulnerabili

In reply to: VULNERABILITIES \ FIXES - June 30, 2008

Secunia Advisory: SA30874
Release Date: 2008-06-30


Critical:
Moderately critical
Impact: Cross Site Scripting
Manipulation of data

Where: From remote

Solution Status: Unpatched


Software: Philboard 1.x

Description:
Bl@ckbe@rD has reported some vulnerabilities in Philboard, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

1) Input passed to the "forumid" parameter in forum.asp is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

2) Input passed to the "searchterms" parameter in search.asp is not properly sanitised before being returned to a user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are reported in version 1.14. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Bl@ckbe@rD

Original Advisory:
http://milw0rm.com/exploits/5958

Collapse -
SePortal SQL Injection Vulnerabilities

In reply to: VULNERABILITIES \ FIXES - June 30, 2008

Secunia Advisory: SA30865
Release Date: 2008-06-30


Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote

Solution Status: Unpatched


Software: SePortal 2.x

Description:
Mr.SQL has reported some vulnerabilities in SePortal, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "poll_id" parameter in poll.php and to the "sp_id" parameter in staticpages.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities are reported in version 2.4. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Mr.SQL

Original Advisory:
http://milw0rm.com/exploits/5960

Collapse -
Online Booking Manager "id" SQL Injection Vulnerability

In reply to: VULNERABILITIES \ FIXES - June 30, 2008

Secunia Advisory: SA30842
Release Date: 2008-06-30


Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote

Solution Status: Unpatched


Software: Online Booking Manager 2.x

Description:
Hussin X has reported a vulnerability in Online Booking Manager, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "id" parameter in checkavail.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in version 2.2. Other versions may also be affected.

Solution:
Filter malicious characters and character sequences using a web proxy.

Provided and/or discovered by:
Hussin X

Original Advisory:
http://milw0rm.com/exploits/5964

Collapse -
IBM Tivoli Directory Server Double-Free Vulnerability

In reply to: VULNERABILITIES \ FIXES - June 30, 2008

Secunia Advisory: SA30786
Release Date: 2008-06-30


Critical:
Not critical
Impact: Unknown
DoS

Where: From local network

Solution Status: Vendor Patch


Software: IBM Tivoli Directory Server 6.x

Description:
A vulnerability has been reported in IBM Tivoli Directory Server, which can be exploited by malicious users to cause a DoS (Denial of Service).

The vulnerability is caused due to a double-free error when handling certain requests and can be exploited by adding e.g. a certain existing entry via ldapadd.

Successful exploitation allows to crash the server and potentially to execute arbitrary code, but requires ldap administrator privileges.

The vulnerability is reported in 6.1.0.0 - 6.1.0.15.

Solution:
Update to 6.1.0-TIV-ITDS-FP0002.
http://www-1.ibm.com/support/docview.wss?rs=0&uid=swg24019673

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://www-1.ibm.com/support/docview.wss?uid=swg1IO09113

Collapse -
eSHOP100 "SUB" SQL Injection Vulnerability

In reply to: VULNERABILITIES \ FIXES - June 30, 2008

Secunia Advisory: SA30712
Release Date: 2008-06-30


Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote

Solution Status: Unpatched


Software: eSHOP100

Description:
JuDge has reported a vulnerability in eSHOP100, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "SUB" parameter in index.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
JuDge

Original Advisory:
http://milw0rm.com/exploits/5970

Collapse -
Many weak web server certificates threaten online shopping

In reply to: VULNERABILITIES \ FIXES - June 30, 2008

https connections exist to help ensure that when somebody is engaged in a financial transaction over the internet they are actually connected to the correct site - such as a bank, online vendor, and so forth. However, due to an error in the OpenSSL library used by the Debian Linux distribution, weak cryptographic keys have been generated and put to use during a period of about one and a half years. If certificates using these weak keys are used, not only could criminals decode encrypted traffic, they could conceivably mimic https sites in the name of the online bank or vendor ? this would typically be done in order to steal personal details such as credit card information, passwords, and so forth.

Recent studies by heise Security staff of several thousand valid certificates, none of which generated an error in a broswer, found that approximately one in 30 of these used weak keys - an alarmingly high number. Among these were online shops where people would be expected to enter their credit card details.

More: http://www.heise-online.co.uk/security/Many-weak-web-server-certificates-threaten-online-shopping--/news/111023

Collapse -
Cisco Releases Security Advisory

In reply to: VULNERABILITIES \ FIXES - June 30, 2008

added June 30, 2008 at 10:57 am

Cisco has released a Security Advisory to address multiple vulnerabilities in the Unified Communications Manager. The first vulnerability is due to improper handling of malformed data in the Computer Telephony Integration Manager service. Exploitation of this vulnerability may allow an attacker to cause a denial-of-service condition. The second vulnerability is due to improper access restrictions in the Real-Time Information Server Data Collector process. This vulnerability may allow an attacker to bypass security restrictions and obtain sensitive information which may be used for further attacks.

US-CERT encourages users to review Cisco Security Advisory cicso-sa-20080625-cucm and apply any necessary updates or fixes.


http://www.us-cert.gov/current/current_activity.html#cisco_releases_security_advisory3

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

SMART HOME

This one tip will help you sleep better tonight

A few seconds are all you need to get a better night's rest.