Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \ FIXES - March 27, 2008

by Marianna Schmudlach / March 27, 2008 1:05 AM PDT

Fedora update for firefox

Secunia Advisory: SA29563
Release Date: 2008-03-27


Critical:
Highly critical
Impact: Security Bypass
Cross Site Scripting
Spoofing
System access

Where: From remote

Solution Status: Vendor Patch


OS: Fedora 7
Fedora 8

Description:
Fedora has issued an update for firefox. This fixes some vulnerabilities and a weakness, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, bypass certain security restrictions, and potentially compromise a user's system

Solution:
Apply updated packages via the yum utility. Please see vendor advisories for further details.

Original Advisory:
Fedora 7:
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00552.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00553.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00554.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00555.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00556.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00557.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00558.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00559.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00560.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00561.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00562.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00563.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00564.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00565.html

Fedora 8:
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00577.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00578.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00579.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00580.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00581.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00582.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00583.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00584.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00585.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00586.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00587.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00588.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00589.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00590.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00591.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00592.html

Other References:
SA29526:
http://secunia.com/advisories/29526/

Discussion is locked
You are posting a reply to: VULNERABILITIES \ FIXES - March 27, 2008
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES \ FIXES - March 27, 2008
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Fedora update for php-pear-PhpDocumentor
by Marianna Schmudlach / March 27, 2008 1:06 AM PDT

Secunia Advisory: SA29562
Release Date: 2008-03-27


Critical:
Less critical
Impact: Security Bypass

Where: From remote

Solution Status: Vendor Patch


OS: Fedora 8

Description:
Fedora has issued an update for php-pear-PhpDocumentor. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

Solution:
Apply updated packages via the yum utility ("yum update php-pear-PhpDocumentor").

Original Advisory:
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00551.html

Other References:
SA29241:
http://secunia.com/advisories/29241/

Collapse -
Fedora update for namazu
by Marianna Schmudlach / March 27, 2008 1:07 AM PDT
Collapse -
Cisco IOS Denial of Service Vulnerability
by Marianna Schmudlach / March 27, 2008 1:09 AM PDT

Secunia Advisory: SA29559
Release Date: 2008-03-27


Critical:
Moderately critical
Impact: DoS

Where: From remote

Solution Status: Vendor Patch


OS: Cisco 7600 Series 12.x
Cisco Catalyst 6500 Series 12.x
Cisco IOS 12.x
Cisco IOS R12.x

Description:
A vulnerability has been reported in certain Cisco devices, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error in the handling of certain packets and can be exploited to cause a blocked interface input queue, a memory leak, or a restart of the device.

Successful exploitation requires that the device is configured for Multi Protocol Label Switching (MPLS) Virtual Private Networking (VPN) and Open Shortest Path First (OSPF) sham-link.

The vulnerability is reported in the following products:
* Cisco Catalyst 6500 Series devices with the Sup32, Sup720, Sup720-3B, or Sup720-3BXL
* Cisco 7600 Series devices with the Sup32, Sup720, Sup720-3B, or Sup720-3BXL
* Cisco 7600 Series devices with the RSP720, RSP720-3C, or RSP720-3CXL
* Cisco ME 6524 Ethernet Switch

Solution:
Update to a fixed version (please see the vendor's advisory for details).

Provided and/or discovered by:
Reported to the vendor by a customer.

Original Advisory:
http://www.cisco.com/warp/public/707/cisco-sa-20080326-queue.shtml

Collapse -
Ubuntu update for dovecot
by Marianna Schmudlach / March 27, 2008 1:11 AM PDT

Secunia Advisory: SA29557
Release Date: 2008-03-27


Critical:
Moderately critical
Impact: Security Bypass

Where: From remote

Solution Status: Vendor Patch


OS: Ubuntu Linux 6.06
Ubuntu Linux 6.10
Ubuntu Linux 7.04
Ubuntu Linux 7.10

Description:
Ubuntu has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

Solution:
Apply updated packages.

Original Advisory:
http://www.ubuntu.com/usn/usn-593-1

Other References:
SA29295:
http://secunia.com/advisories/29295/

Collapse -
Ubuntu update for ruby
by Marianna Schmudlach / March 27, 2008 1:12 AM PDT

Secunia Advisory: SA29556
Release Date: 2008-03-27


Critical:
Less critical
Impact: Spoofing

Where: From remote

Solution Status: Vendor Patch


OS: Ubuntu Linux 6.06
Ubuntu Linux 6.10
Ubuntu Linux 7.04
Ubuntu Linux 7.10

Description:
Ubuntu has issued an update for ruby. This fixes some security issues, which can be exploited by malicious people to conduct spoofing attacks.

Solution:
Apply updated packages.

Original Advisory:
http://www.ubuntu.com/usn/usn-596-1

Other References:
SA26985:
http://secunia.com/advisories/26985/

Collapse -
Ubuntu update for libnet-dns-perl
by Marianna Schmudlach / March 27, 2008 1:14 AM PDT

Secunia Advisory: SA29555
Release Date: 2008-03-27


Critical:
Less critical
Impact: DoS

Where: From remote

Solution Status: Vendor Patch


OS: Ubuntu Linux 6.06
Ubuntu Linux 6.10

Description:
Ubuntu has issued an update for libnet-dns-perl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Apply updated packages.

Original Advisory:
http://www.ubuntu.com/usn/usn-594-1

Other References:
SA29343:
http://secunia.com/advisories/29343/

Collapse -
Mandriva update for openssh
by Marianna Schmudlach / March 27, 2008 1:15 AM PDT

Secunia Advisory: SA29554
Release Date: 2008-03-27


Critical:
Less critical
Impact: Exposure of sensitive information

Where: Local system

Solution Status: Vendor Patch


OS: Mandriva Linux 2007.0

Description:
Mandriva has issued an update for openssh. This fixes a vulnerability, which can be exploited by malicious, local users to disclose sensitive information.

Solution:
Apply updated packages.

Original Advisory:
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:078

Other References:
SA29522:
http://secunia.com/advisories/29522/

Collapse -
HP Tru64 UNIX SSH SFTP Server Vulnerability
by Marianna Schmudlach / March 27, 2008 1:17 AM PDT

Secunia Advisory: SA29552
Release Date: 2008-03-27


Critical:
Moderately critical
Impact: DoS
System access

Where: From remote

Solution Status: Vendor Patch


OS: HP Tru64 UNIX 5.x

Description:
HP has acknowledged a vulnerability in HP Tru64 UNIX, which potentially can be exploited by malicious users to compromise a vulnerable system.

Solution:
Apply patches.


Original Advisory:
HPSBTU02322 SSRT080011:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01404118

Other References:
SA18828:
http://secunia.com/advisories/18828/

Collapse -
Red Hat update for firefox
by Marianna Schmudlach / March 27, 2008 1:18 AM PDT

Secunia Advisory: SA29550
Release Date: 2008-03-27


Critical:
Highly critical
Impact: Security Bypass
Cross Site Scripting
System access

Where: From remote

Solution Status: Vendor Patch


OS: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux Desktop Workstation (v. 5 client)
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux WS 4

Description:
Red Hat has issued an update for firefox. This fixes some vulnerabilities and a weakness, which can be exploited to conduct cross-site scripting attacks, bypass certain security restrictions, and potentially compromise a user's system.

Solution:
Updated packages are available via Red Hat Network.
http://rhn.redhat.com

Original Advisory:
http://rhn.redhat.com/errata/RHSA-2008-0207.html

Other References:
SA29526:
http://secunia.com/advisories/29526/

Collapse -
Mandriva update for perl-Tk
by Marianna Schmudlach / March 27, 2008 1:20 AM PDT

Secunia Advisory: SA29546
Release Date: 2008-03-27


Critical:
Moderately critical
Impact: DoS
System access

Where: From remote

Solution Status: Vendor Patch


OS: Mandriva Linux 2007.0

Description:
Mandriva has issued an update for perl-Tk. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system.

Solution:
Apply updated packages.

Original Advisory:
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:077

Other References:
SA21546:
http://secunia.com/advisories/21546/

Collapse -
Ubuntu update for sdl-image
by Marianna Schmudlach / March 27, 2008 1:21 AM PDT

Secunia Advisory: SA29542
Release Date: 2008-03-27


Critical:
Moderately critical
Impact: DoS
System access

Where: From remote

Solution Status: Vendor Patch


OS: Ubuntu Linux 6.06
Ubuntu Linux 6.10
Ubuntu Linux 7.04
Ubuntu Linux 7.10

Description:
Ubuntu has issued an update for sdl-image. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

Solution:
Apply updated packages.

Original Advisory:
http://www.ubuntu.com/usn/usn-595-1

Other References:
SA28640:
http://secunia.com/advisories/28640/

Collapse -
Ubuntu update for firefox
by Marianna Schmudlach / March 27, 2008 1:25 AM PDT

Secunia Advisory: SA29541
Release Date: 2008-03-27


Critical:
Highly critical
Impact: Security Bypass
Cross Site Scripting
Spoofing
Exposure of sensitive information
System access

Where: From remote

Solution Status: Vendor Patch


OS: Ubuntu Linux 6.06
Ubuntu Linux 6.10
Ubuntu Linux 7.04
Ubuntu Linux 7.10

Description:
Ubuntu has issued an update for firefox. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system.

Solution:
Apply updated packages.

Original Advisory:
http://www.ubuntu.com/usn/usn-592-1

Other References:
SA28758:
http://secunia.com/advisories/28758/

SA29526:
http://secunia.com/advisories/29526/

Collapse -
ClanSphere Unspecified Cross-Site Scripting Vulnerabilities
by Marianna Schmudlach / March 27, 2008 1:27 AM PDT

Secunia Advisory: SA29534
Release Date: 2008-03-27


Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote

Solution Status: Unpatched


Software: ClanSphere 2008.x

Description:
Some vulnerabilities have been reported in ClanSphere, which can be exploited by malicious people to conduct cross-site scripting attacks.

Unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are reported in version 2008.0. Other versions may also be affected.

Solution:
Filter malicious characters and character sequences in a web proxy.

Provided and/or discovered by:
ZoRLu

Collapse -
GNB DesignForm Cross-Site Scripting Vulnerability
by Marianna Schmudlach / March 27, 2008 1:29 AM PDT

Secunia Advisory: SA29528
Release Date: 2008-03-27


Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote

Solution Status: Vendor Patch


Software: GNB DesignForm 3.x

Description:
A vulnerability has been reported in GNB DesignForm, which can be exploited by malicious people to conduct cross-site scripting attacks.

Certain input passed via the email form is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in versions prior to 3.9.

Solution:
Update to version 3.9.

Provided and/or discovered by:
Reported via JVN.

Original Advisory:
JVN#58803701:
http://jvn.jp/jp/JVN%2358803701/index.html

GNB DesignForm:
http://www.gnbnet.com/cgi/readme/designform.html

Collapse -
PerlMailer Cross-Site Scripting Vulnerability
by Marianna Schmudlach / March 27, 2008 1:31 AM PDT

Secunia Advisory: SA29517
Release Date: 2008-03-27


Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote

Solution Status: Vendor Patch


Software: PerlMailer 3.x

Description:
A vulnerability has been reported in PerlMailer, which can be exploited by malicious people to conduct cross-site scripting attacks.

Certain input is not properly sanitised before being returned to a user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in versions prior to 3.02.

Solution:
Update to version 3.02.

Provided and/or discovered by:
Reported via JVN.

Original Advisory:
JVN#76669770:
http://jvn.jp/jp/JVN%2376669770/index.html

Collapse -
IBM solidDB Multiple Vulnerabilities
by Marianna Schmudlach / March 27, 2008 1:32 AM PDT

Secunia Advisory: SA29512
Release Date: 2008-03-27


Critical:
Moderately critical
Impact: DoS
System access

Where: From local network

Solution Status: Unpatched


Software: IBM solidDB 6.x

Description:
Luigi Auriemma has discovered some vulnerabilities in IBM solidDB, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

1) A format string error within the Solid Database Engine (solid.exe) can be exploited via a specially crafted packet containing format string specifiers sent to default port 1315/TCP.

Successful exploitation may allow execution of arbitrary code.

2) An input validation error within the Solid Database Engine can be exploited to cause the server to access an invalid memory address via a specially crafted packet sent to default port 1315/TCP.

3) A NULL-pointer dereference error within the Solid Database Engine can be exploited to cause the server to crash via a specially crafted packet sent to default port 1315/TCP.

4) An input validation error within the Solid Database Engine can be exploited to cause the server to terminate via a specially crafted packet sent to default port 1315/TCP.

The vulnerabilities are confirmed in IBM solidDB version 6.0 including solid.exe version 6.0.0.1018. Other versions may also be affected.

Solution:
Restrict network access to the Solid Database Engine.

Provided and/or discovered by:
Luigi Auriemma

Original Advisory:
http://aluigi.altervista.org/adv/soliduro-adv.txt

Collapse -
TFTP Server SP Long Filename Buffer Overflow Vulnerability
by Marianna Schmudlach / March 27, 2008 1:34 AM PDT

Secunia Advisory: SA29508
Release Date: 2008-03-27


Critical:
Moderately critical
Impact: DoS
System access

Where: From local network

Solution Status: Unpatched


Software: TFTP Server SP 1.x

Description:
Mati Aharoni has discovered a vulnerability in TFTP Server SP, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

The vulnerability is caused due to a boundary error in the handling of filenames and can be exploited to cause a stack-based buffer overflow via a read or write request with an overly long filename.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in the Windows version of TFTP Server SP version 1.4. Other versions may also be affected.

Solution:
Restrict network access to the TFTP service.

Provided and/or discovered by:
Mati Aharoni

Original Advisory:
http://www.offensive-security.com/0day/sourceforge-tftpd.py.txt

Collapse -
Cisco IOS Multiple Vulnerabilities
by Marianna Schmudlach / March 27, 2008 1:36 AM PDT

Secunia Advisory: SA29507
Release Date: 2008-03-27


Critical:
Moderately critical
Impact: Manipulation of data
Exposure of sensitive information
DoS

Where: From remote

Solution Status: Vendor Patch


OS: Cisco IOS 12.x
Cisco IOS R12.x

Description:
Some vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, or to cause a DoS (Denial of Service).

Solution:
Update to the fixed version (please see the vendor's advisories for details).

Provided and/or discovered by:
1, 2) The vendor credits Martin Kluge of Elxsi Security.
5) The vendor credits Thomas Morin.

Original Advisory:
Cisco:
http://www.cisco.com/warp/public/707/cisco-sa-20080326-pptp.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20080326-dlsw.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20080326-IPv4IPv6.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20080326-mvpn.shtml

Other References:
US-CERT VU#936177:
http://www.kb.cert.org/vuls/id/936177

Collapse -
Elastic Path Multiple Directory Traversal Vulnerabilities
by Marianna Schmudlach / March 27, 2008 1:38 AM PDT

Secunia Advisory: SA29496
Release Date: 2008-03-27


Critical:
Moderately critical
Impact: Security Bypass
Exposure of system information
Exposure of sensitive information
System access

Where: From remote

Solution Status: Vendor Patch


Software: Elastic Path 4.x

Description:
Daniel Martin Gomez has reported some vulnerabilities in Elastic Path, which can be exploited by malicious users to disclose sensitive information or to potentially compromise a vulnerable system.

Solution:
Apply vendor patch.
http://developer.elasticpath.com/serv..._security_vulnerabilities_fix_1.1.zip

Provided and/or discovered by:
Daniel Martin Gomez, MWR InfoSecurity

Original Advisory:
MWR InfoSecurity:
http://www.mwrinfosecurity.com/public...ary-file-system-access_2008-02-22.pdf

Elastic Path:
http://developer.elasticpath.com/entr...jspa?categoryID=4&externalID=1334

Collapse -
Quick Tftp Server Pro Long Mode Buffer Overflow Vulnerabili
by Marianna Schmudlach / March 27, 2008 1:40 AM PDT

Secunia Advisory: SA29494
Release Date: 2008-03-27


Critical:
Moderately critical
Impact: DoS
System access

Where: From local network

Solution Status: Unpatched


Software: Quick Tftp Server Pro 2.x

Description:
Mati Aharoni has discovered a vulnerability in Quick Tftp Server Pro, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

The vulnerability is caused due to a boundary error in the handling of mode fields and can be exploited to cause a stack-based buffer overflow via a read or write request with an overly long mode field.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in version 2.1. Other versions may also be affected.

Solution:
Restrict network access to the TFTP service.

Provided and/or discovered by:
Mati Aharoni

Original Advisory:
http://www.offensive-security.com/0day/quick-tftp-poc.py.txt

Popular Forums
icon
Computer Help 51,912 discussions
icon
Computer Newbies 10,498 discussions
icon
Laptops 20,411 discussions
icon
Security 30,882 discussions
icon
TVs & Home Theaters 21,253 discussions
icon
Windows 10 1,672 discussions
icon
Phones 16,494 discussions
icon
Windows 7 7,855 discussions
icon
Networking & Wireless 15,504 discussions

REVIEW

Meet the drop-resistant Moto Z2 Force

The Moto Z2 Force is really thin, with a fast processor and great battery life. It can survive drops without shattering.