Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \ FIXES - March 18, 2009

by Marianna Schmudlach / March 18, 2009 1:36 AM PDT

SUSE update for dbus-1

Release Date: 2009-03-18

Critical:
Less critical
Impact: Security Bypass
Where: Local system
Solution Status: Vendor Patch

OS: openSUSE 10.3
openSUSE 11.0
openSUSE 11.1
SUSE Linux Enterprise Server 10

Description:
SUSE has issued an update for dbus-1. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.


http://secunia.com/advisories/34360/

Discussion is locked
You are posting a reply to: VULNERABILITIES \ FIXES - March 18, 2009
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES \ FIXES - March 18, 2009
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Sitecore CMS Web Service Information Disclosure Vulnerabilit
by Marianna Schmudlach / March 18, 2009 1:37 AM PDT

Release Date: 2009-03-18

Critical:
Less critical
Impact: Exposure of sensitive information
Where: From remote
Solution Status: Vendor Patch

Software: Sitecore CMS 5.x

Description:
A vulnerability has been reported in Sitecore CMS, which can be exploited by malicious users to disclose sensitive information.

The vulnerability is caused due to the Sitecore web service allowing users to retrieve data from security databases, including e.g. password hashes of arbitrary users.

The vulnerability is reported in versions 5.3.1 rev. 071114. Other versions may also be affected.

http://secunia.com/advisories/34356/

Collapse -
Lotus Notes File Viewer "wp6sr.dll" Buffer Overflow
by Marianna Schmudlach / March 18, 2009 1:38 AM PDT

Release Date: 2009-03-18

Critical:
Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch

Software: IBM Lotus Notes 7.x
IBM Lotus Notes 8.x

Description:
A vulnerability has been reported in Lotus Notes, which can be exploited by malicious people to compromise a vulnerable system.

http://secunia.com/advisories/34355/

Collapse -
Gentoo update for libcdaudio
by Marianna Schmudlach / March 18, 2009 1:39 AM PDT

Release Date: 2009-03-18

Critical:
Moderately critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch

OS: Gentoo Linux 1.x


Description:
Gentoo has issued an update for libcdaudio. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

The vulnerability is caused due to a boundary error within the function "cddb_read_disc_data()" in src/cddb.c, which can be exploited cause a heap-based buffer overflow by e.g. tricking an application using the library into processing a specially crafted CDDB entry.


http://secunia.com/advisories/34353/

Collapse -
IBM Rational AppScan Information Disclosure Vulnerability
by Marianna Schmudlach / March 18, 2009 1:40 AM PDT

Release Date: 2009-03-18

Critical:
Less critical
Impact: Exposure of sensitive information
Where: From local network
Solution Status: Vendor Patch

Software: IBM Rational AppScan 5.x

Description:
A vulnerability has been reported in IBM Rational AppScan, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an unspecified error, which can be exploited to download an exported report without authorisation.

The vulnerability is reported in IBM Rational AppScan Enterprise prior to 5.5 Fix Pack 1.

http://secunia.com/advisories/34349/

Collapse -
WebGUI Runtime Environment AWStats Path Disclosure Vulnerabi
by Marianna Schmudlach / March 18, 2009 1:41 AM PDT

Release Date: 2009-03-18

Critical:
Not critical
Impact: Exposure of sensitive information
Where: From remote
Solution Status: Vendor Patch

Software: WebGUI Runtime Environment 0.x

Description:
A vulnerability has been reported in WebGUI, which can be exploited by malicious people to disclose system information.

The vulnerability is caused due to the use of a vulnerable version of AWStats.

http://secunia.com/advisories/34346/

Collapse -
HP Products Embedded Web Server Cross-Site Request Forgery
by Marianna Schmudlach / March 18, 2009 1:42 AM PDT

Release Date: 2009-03-18

ritical:
Less critical
Impact: Cross Site Scripting
Where: From remote
Solution Status: Unpatched

OS: HP 9200C Digital Sender
HP Color LaserJet 2605dtn
HP Color LaserJet 4730 Series
HP Color LaserJet 9500 Series
HP LaserJet 2410 / 2420 / 2430
HP LaserJet 4240 / 4250 / 4340 Series
HP LaserJet 4345 Series
HP LaserJet 9040 / 9050 Series
HP LaserJet M1522n MFP

Description:
A vulnerability has been reported in various HP products, which can be exploited by malicious people to conduct cross-site request forgery attacks.

The embedded web server allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change certain configuration settings when a logged in user to visits a malicious web page.

The vulnerability is reported in HP LaserJet M1522n MFP and HP Color LaserJet 2605dtn. Other HP LaserJet and HP Edgeline printers, and HP Digital Senders products are reportedly also affected.


http://secunia.com/advisories/34343/

Collapse -
WordPress fMoblog Plugin "id" SQL Injection Vulnerability
by Marianna Schmudlach / March 18, 2009 1:44 AM PDT

Release Date: 2009-03-18

Critical:
Moderately critical
Impact: Manipulation of data
Exposure of sensitive information
Where: From remote
Solution Status: Unpatched

Software: fMoblog 2.x (plugin for WordPress)

Description:
A vulnerability has been discovered in the fMoblog plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "id" parameter in index.php to fmoblog.php (when "page_id" is set to an existing value) is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Successful exploitation of the vulnerability may disclose sensitive information (e.g. user names, password hashes, and e-mail addresses).

The vulnerability is confirmed in version 2.1. Other versions may also be affected.


http://secunia.com/advisories/34341/

Collapse -
Sun Solaris UFS File System Denial of Service
by Marianna Schmudlach / March 18, 2009 1:45 AM PDT

Release Date: 2009-03-18

Critical:
Not critical
Impact: DoS
Where: Local system
Solution Status: Vendor Patch

OS: Sun Solaris 10

Description:
Some vulnerabilities have been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerabilities are caused due to unspecified errors within the "ufs_getpage()" and "ufs_putapage()" functions, which can be exploited to cause all writes to a UFS filesystem to hang.

The vulnerabilities are reported in Solaris 10 with patch 138888-01 or later on the SPARC platform.


http://secunia.com/advisories/34331/

Collapse -
YABSoft Mega File Hosting Script "url" File Inclusion Vulner
by Marianna Schmudlach / March 18, 2009 1:46 AM PDT

Release Date: 2009-03-18

Critical:
Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched

Software: YABSoft Mega File Hosting Script 1.x

Description:
A vulnerability has been reported in YABSoft Mega File Hosting Script, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to the "url" parameter in cross.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local and remote resources.

The vulnerability is reported in version 1.2. Other versions may also be affected.

http://secunia.com/advisories/34325/

Collapse -
Autonomy KeyView SDK "wp6sr.dll" Buffer Overflow
by Marianna Schmudlach / March 18, 2009 1:47 AM PDT

Release Date: 2009-03-18

Critical:
Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch

Software: Autonomy KeyView Export SDK 10.x
Autonomy KeyView Filter SDK 10.x
Autonomy KeyView Viewing SDK 10.x

Description:
A vulnerability has been reported in Autonomy KeyView SDK, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in wp6sr.dll when processing certain records within Word Perfect documents. This can be exploited to cause a stack-based buffer overflow when a user opens a specially crafted Word Perfect document with an application using the Autonomy KeyView SDK.

Successful exploitation allows execution of arbitrary code.

http://secunia.com/advisories/34318/

Collapse -
Ubuntu update for amarok
by Marianna Schmudlach / March 18, 2009 1:48 AM PDT

Release Date: 2009-03-18

Critical:
Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch

OS: Ubuntu Linux 7.10
Ubuntu Linux 8.04
Ubuntu Linux 8.10

Description:
Ubuntu has issued an update for amarok. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.

http://secunia.com/advisories/34315/

Collapse -
Symantec pcAnywhere Format String Vulnerability
by Marianna Schmudlach / March 18, 2009 1:49 AM PDT

Release Date: 2009-03-18

Critical:
Not critical
Impact: DoS
Where: Local system
Solution Status: Vendor Patch

Software: Symantec pcAnywhere 12.x

Description:
A vulnerability has been reported in Symantec pcAnywhere, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to a format string error within the processing of CHF file path names, which can be exploited to crash the application.

The vulnerability is reported in versions 12.0, 12.1, and 12.5.

http://secunia.com/advisories/34305/

Collapse -
WeeChat IRC Message Denial of Service
by Marianna Schmudlach / March 18, 2009 1:50 AM PDT

Release Date: 2009-03-18

Critical:
Not critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch

Software: WeeChat 0.x

Description:
A vulnerability has been reported in WeeChat, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error when processing certain IRC messages. This can be exploited to crash the application by sending specially crafted messages to a vulnerable client.

The vulnerability is reported in versions prior to 0.2.6.1.

http://secunia.com/advisories/34304/

Collapse -
Lotus Notes 6 File Viewer "wp6sr.dll" Buffer Overflow
by Marianna Schmudlach / March 18, 2009 1:51 AM PDT

Release Date: 2009-03-18

Critical:
Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched

Software: IBM Lotus Notes 6.x
IBM Lotus Notes Client 6.x

Description:
A vulnerability has been reported in Lotus Notes, which can be exploited by malicious people to compromise a vulnerable system.


http://secunia.com/advisories/34303/

Collapse -
Pivot "refkey" File Deletion Vulnerability
by Marianna Schmudlach / March 18, 2009 1:52 AM PDT

Release Date: 2009-03-18

Critical:
Moderately critical
Impact: Manipulation of data
Where: From remote
Solution Status: Unpatched

Software: Pivot 1.x

Description:
A vulnerability has been discovered in Pivot, which can be exploited by malicious people to delete certain files.

Input passed to the "refkey" parameter in extensions/bbclone_tools/count.php is not properly sanitised before being used to delete files. This can be exploited to delete files with the permissions of the web server via directory traversal sequences passed within the "refkey" parameter.

NOTE: Users with the "Advanced" user level are able to include and execute uploaded PHP code via the "pivot_path" parameter in extensions/bbclone_tools/getkey.php when extensions/bbclone_tools/hr_conf.php can be deleted.

http://secunia.com/advisories/34302/

Collapse -
Ubuntu update for nss
by Marianna Schmudlach / March 18, 2009 1:53 AM PDT

Release Date: 2009-03-18

Critical:
Less critical
Impact: Spoofing
Where: From remote
Solution Status: Vendor Patch

OS: Ubuntu Linux 6.06
Ubuntu Linux 7.10
Ubuntu Linux 8.04
Ubuntu Linux 8.10

Description:
Ubuntu has issued an update for nss. This fixes a security issue, which potentially can be exploited by malicious people to conduct spoofing attacks.

The security issue is caused due to an error in the MD5 cryptographic hash function and can be exploited to facilitate spoofing via collision attacks.

http://secunia.com/advisories/34281/

Collapse -
SMART Board Unspecified Directory Traversal Vulnerability
by Marianna Schmudlach / March 18, 2009 1:55 AM PDT

Release Date: 2009-03-18

Critical:
Moderately critical
Impact: Exposure of system information
Exposure of sensitive information
Where: From remote
Solution Status: Unpatched

Software: SMART Board software 10.x
SMART Board software 9.x

Description:
A vulnerability has been reported in SMART Board, which can be exploited by malicious people to disclose sensitive information.

Input passed via unspecified parameters is not properly verified before being used to read files. This can be exploited to read arbitrary files from local resources via directory traversal attacks.


http://secunia.com/advisories/34208/

Collapse -
Security update for PostgreSQL
by Marianna Schmudlach / March 18, 2009 1:59 AM PDT

18 March 2009

The PostgreSQL developers have released new versions of the open source, object oriented, relational database. The new versions, 8.3.7, 8.2.13,8.1.17,8.0.21 and 7.4.25, all address a recursion error that could cause the system to crash when converting data between different encodings. This error could be abused as part of a denial of service attack. The developers recommend [upgrading]http://www.postgresql.org/download/ updating] to the new versions.

The releases also include up to twelve minor bug fixes, including one in version 8.3 for xpath(). More details are available in the release notes. As with other minor releases, a backup and restore is not necessary. Administrators need only shut down the database and install the new binaries if they are only moving between sequential minor version. If users are upgrading to a higher major version or skipping a set of minor updates, they should refer to the release notes for instructions.

http://www.h-online.com/security/Security-update-for-PostgreSQL--/news/112879

Collapse -
Autonomy KeyView SDK Vulnerability
by Marianna Schmudlach / March 18, 2009 2:03 AM PDT

added March 18, 2009 at 09:13 am

US-CERT is aware of reports of a vulnerability that affects the Autonomy KeyView SDK wp6sr.dll library. This library is used by certain products, including Lotus Notes and Symantec, to support the handling of Word Perfect documents. By convincing a user to open a specially crafted Word Perfect document with an application using the affected Autonomy KeyView SDK library, a remote attacker may be able to execute arbitrary code.

US-CERT encourages users and administrators to do the following to help mitigate the risks:

* IBM Lotus Notes users should review the IBM Flash Alert and implement the listed fixes or workarounds.
* Symantec users should review Symantec Security Advisory SYM09-004 and implement the listed fixes or workarounds.
* Registered Autonomy Users should review the related Autonomy alert (login required).

http://www.us-cert.gov/current/current_activity.html#autonomy_keyview_sdk_vulnerability

Collapse -
Privacy group slams Google's cloud services
by Marianna Schmudlach / March 18, 2009 2:05 AM PDT

Search giant criticised for failing to encrypt data on servers

Rosalie Marshall

vnunet.com, 18 Mar 2009

The non-profit Electronic Privacy Information Center (Epic) has filed a complaint with the US Federal Trade Commission (FTC) about the security standards of Google's cloud computing services.

The filing (PDF) highlights a number of "privacy and security risks" concerning an array of Google services, including Gmail, Google Docs, Google Desktop, Picasa Web Albums and Google Calendar.
Advertisement

Epic's main concern is that Google does not encrypt the information held on its servers. The group argues that doing so would ensure more respect for individuals' privacy, and "provide users with the ability to fully control and customise their online experience".

More: http://www.vnunet.com/vnunet/news/2238733/complaint-launched-against

Collapse -
Unsecured mobiles leaving owners open to ID theft
by Marianna Schmudlach / March 18, 2009 2:07 AM PDT

Passwords or encryption vital for protecting information

Ian Williams

vnunet.com, 18 Mar 2009

Personal information stored on unsecured mobile phones is leaving millions of users exposed to the risk of identity theft and fraud, according to a recent report by data protection firm Credant Technologies.

Eight out of 10 respondents to a recent survey said that they store personal information on their mobile phones that could be accessed by anyone. Four out of 10 admitted that there was not even a basic password on the device to limit entry.

The sensitive information included: bank account details, stored by 16 per cent of respondents; Pins and passwords (24 per cent); government records such as Social Security and Inland Revenue details (11 per cent); and credit card information (10 per cent).

More: http://www.vnunet.com/vnunet/news/2238705/unsecured-mobiles-leaving

Collapse -
Umbraco CMS Privilege Escalation Vulnerability
by Marianna Schmudlach / March 18, 2009 6:25 AM PDT

Release Date: 2009-03-18

Critical:
Less critical
Impact: Privilege escalation
Where: From remote
Solution Status: Unpatched

Software: Umbraco CMS 3.x

Description:
A vulnerability has been discovered in Umbraco CMS, which can be exploited by malicious users to gain escalated privileges.

The vulnerability is caused due to the application not properly restricting access to certain administrative pages. This can be exploited to modify e.g. the settings and passwords of arbitrary users.

The vulnerability is confirmed in version 3. Other versions may also be affected.

http://secunia.com/advisories/34209/

Collapse -
Debian update for weechat
by Marianna Schmudlach / March 18, 2009 6:27 AM PDT

Release Date: 2009-03-18

Critical:
Not critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch

OS: Debian GNU/Linux 5.0
Debian GNU/Linux unstable alias sid

Description:
Debian has issued an update for weechat. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

http://secunia.com/advisories/34328/

Collapse -
PHPRunner "SearchField" SQL Injection Vulnerabilities
by Marianna Schmudlach / March 18, 2009 6:29 AM PDT

Release Date: 2009-03-18

Critical:
Moderately critical
Impact: Manipulation of data
Where: From remote
Solution Status: Unpatched

Software: PHPRunner 4.x

Description:
Some vulnerabilities have been reported in PHPRunner, which can be exploited by malicious users and people to conduct SQL injection attacks.

Input passed to the "SearchField" parameter in orders_list.php and users_list.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities are reported in version 4.2. Other versions may also be affected.

http://secunia.com/advisories/34330/

Collapse -
IBM Rational AppScan Information Disclosure Vulnerability
by Marianna Schmudlach / March 18, 2009 9:22 AM PDT

Release Date: 2009-03-18

Critical:
Less critical
Impact: Exposure of sensitive information
Where: From local network
Solution Status: Vendor Patch

Software: IBM Rational AppScan 5.x


Description:
A vulnerability has been reported in IBM Rational AppScan, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an unspecified error, which can be exploited to download an exported report without authorisation.

The vulnerability is reported in IBM Rational AppScan Enterprise prior to 5.5 Fix Pack 1.

http://secunia.com/advisories/34349/

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

Does BMW or Volvo do it best?

Pint-size luxury and funky style

Shopping for a new car this weekend? See how the BMW X2 stacks up against the Volvo XC40 in our side-by-side comparison.