Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \ FIXES - May 4, 2009

by Marianna Schmudlach / May 4, 2009 12:38 AM PDT

Fedora bash-completion Character Escaping Weakness

Release Date: 2009-05-04

Critical:
Not critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch

OS: Fedora 10
Fedora 9


Description:
Fedora has acknowledged a weakness in bash-completion, which can be exploited by malicious, local users to gain escalated privileges.

The weakness is caused due to bash-completion not properly escaping certain characters, which can be exploited to cause potentially dangerous completion suggestions via specially crafted filenames.

http://secunia.com/advisories/34989/

Discussion is locked
You are posting a reply to: VULNERABILITIES \ FIXES - May 4, 2009
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES \ FIXES - May 4, 2009
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Fedora update for drupal
by Marianna Schmudlach / May 4, 2009 12:39 AM PDT

Release Date: 2009-05-04

Critical:
Moderately critical
Impact: Cross Site Scripting
Exposure of sensitive information
Where: From remote
Solution Status: Vendor Patch

OS: Fedora 10
Fedora 9

Description:
Fedora has issued an update for drupal. This fixes some vulnerabilities, which can be exploited by malicious people to conduct script insertion attacks or to disclose potentially sensitive information.

http://secunia.com/advisories/34988/

Collapse -
Fedora update for prelude-manager
by Marianna Schmudlach / May 4, 2009 12:39 AM PDT

Release Date: 2009-05-04

Critical:
Less critical
Impact: Exposure of sensitive information
Where: Local system
Solution Status: Vendor Patch

OS: Fedora 10
Fedora 9


Description:
Fedora has issued an update for prelude-manager. This fixes a weakness, which can be exploited by malicious, local users to disclose potentially sensitive information.

The weakness is caused due to the prelude-manager configuration file being world readable, which can be exploited to e.g. disclose the database password.

http://secunia.com/advisories/34987/

Collapse -
Fedora update for pam_ssh
by Marianna Schmudlach / May 4, 2009 12:40 AM PDT

Release Date: 2009-05-04

Critical:
Not critical
Impact: Exposure of sensitive information
Where: From remote
Solution Status: Vendor Patch

OS: Fedora 10
Fedora 9

Description:
Fedora has issued an update for pam_ssh. This fixes a security issue, which can be exploited by malicious people to disclose potentially sensitive information.

http://secunia.com/advisories/34986/

Collapse -
Openfire No Password Changes Security Bypass
by Marianna Schmudlach / May 4, 2009 12:41 AM PDT

Release Date: 2009-05-04

Critical:
Less critical
Impact: Security Bypass
Where: From remote
Solution Status: Unpatched

Software: Openfire 3.6.x

Description:
A vulnerability has been reported in Openfire, which can be exploited by malicious users to bypass certain security restrictions.

The vulnerability is caused due to Openfire not properly respecting the "no password changes" setting, which can be exploited to change passwords by sending jabber:iq:auth "passwd_change" requests to the server.

http://secunia.com/advisories/34984/

Collapse -
Gentoo update for asterisk
by Marianna Schmudlach / May 4, 2009 12:42 AM PDT

Release Date: 2009-05-04

Critical:
Moderately critical
Impact: DoS
Exposure of system information
Where: From remote
Solution Status: Vendor Patch

OS: Gentoo Linux 1.x

Description:
Gentoo has issued an update for asterisk. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious people to identify valid user accounts and cause a DoS (Denial of Service).

http://secunia.com/advisories/34982/

Collapse -
Debian update for linux-2.6.24
by Marianna Schmudlach / May 4, 2009 12:43 AM PDT

Release Date: 2009-05-04

Critical:
Less critical
Impact: Security Bypass
Exposure of sensitive information
DoS
System access
Where: From local network
Solution Status: Vendor Patch

OS: Debian GNU/Linux 4.0

Description:
Debian has issued an update for linux-2.6.24. This fixes some weaknesses, security issues, and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), bypass certain security restrictions, disclose potentially sensitive information, and gain escalated privileges, and by malicious people to potentially compromise a vulnerable system.

http://secunia.com/advisories/34981/

Collapse -
MyBB Script Insertion and Unspecified Vulnerability
by Marianna Schmudlach / May 4, 2009 12:44 AM PDT

Release Date: 2009-05-04

Critical:
Less critical
Impact: Unknown
Cross Site Scripting
Where: From remote
Solution Status: Vendor Patch

Software: MyBB (formerly MyBulletinBoard) 1.x

Description:
Two vulnerabilities have been reported in MyBB, where one has unknown impacts and the other one can be exploited by malicious users to conduct script insertion attacks.


http://secunia.com/advisories/34979/

Collapse -
Cscope Multiple Buffer Overflow Vulnerabilities
by Marianna Schmudlach / May 4, 2009 12:45 AM PDT

Release Date: 2009-05-04

Critical:
Moderately critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch

Software: Cscope 15.x

Description:
Some vulnerabilities have been reported in Cscope, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerabilities are caused due to various boundary errors, which can be exploited to cause buffer overflows when parsing specially crafted files or directories.

The vulnerabilities are reported in versions prior to 15.7a.

http://secunia.com/advisories/34978/

Collapse -
Linux Kernel "ptrace_attach()" Privilege Escalation Vulnerab
by Marianna Schmudlach / May 4, 2009 12:46 AM PDT

Release Date: 2009-05-04

Critical:
Less critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Workaround

OS: Linux Kernel 2.6.x

Description:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to potentially gain escalated privileges.

The vulnerability is caused due to "ptrace_attach()" using an inadequate mutex while synchronizing with "execve()". This can be exploited to potentially execute arbitrary code with root privileges by attaching to a setuid process.

The vulnerability is reported in version 2.6.29. Newer versions may also be affected.

http://secunia.com/advisories/34977/

Collapse -
Openfire jabber:iq:auth "passwd_change" Security Bypass
by Marianna Schmudlach / May 4, 2009 12:47 AM PDT

Release Date: 2009-05-04

Critical:
Moderately critical
Impact: Security Bypass
Where: From remote
Solution Status: Vendor Patch

Software: Openfire 3.6.x


Description:
A vulnerability has been reported in Openfire, which can be exploited by malicious users to bypass certain security restrictions.

The vulnerability is caused due to the application not properly verifying jabber:iq:auth "passwd_change" requests, which can be exploited to change another user's password by sending a specially crafted request to the server.

Successful exploitation requires a valid user account.

The vulnerability is reported in versions prior to 3.6.4.

http://secunia.com/advisories/34976/

Collapse -
Jetty Information Disclosure and Cross-Site Scripting
by Marianna Schmudlach / May 4, 2009 12:48 AM PDT

Release Date: 2009-05-04

Critical:
Moderately critical
Impact: Cross Site Scripting
Exposure of system information
Exposure of sensitive information
Where: From remote
Solution Status: Vendor Patch

Software: Jetty 6.x


Description:
Some vulnerabilities have been reported in Jetty, which can be exploited by malicious people to disclose sensitive information or conduct cross-site scripting attacks.

http://secunia.com/advisories/34975/

Collapse -
iPassConnect Privilege Escalation Vulnerability
by Marianna Schmudlach / May 4, 2009 12:49 AM PDT

Release Date: 2009-05-04

Critical:
Less critical
Impact: Exposure of sensitive information
Privilege escalation
Where: Local system
Solution Status: Unpatched

Software: iPassConnect Universal Client 3.x

Description:
Kevin Lawler has discovered a vulnerability in iPassConnect, which can be exploited by malicious, local users to gain escalated privileges and disclose sensitive information.

The vulnerability is caused due to the application handling programs that are configured to be started after connecting to a network in a global context. This can be exploited to execute arbitrary programs with the privileges of another user using iPassConnect to connect to a network. This can further be exploited to disclose the user credentials by passing "<UserName>" and "<UserPassword>" as arguments to the configured program.

The vulnerability is confirmed in 3.51, 3.60, and 3.66. Other versions may also be affected.

http://secunia.com/advisories/34974/

Collapse -
Debian update for wireshark
by Marianna Schmudlach / May 4, 2009 12:50 AM PDT

Release Date: 2009-05-04

Critical:
Highly critical
Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch

OS: Debian GNU/Linux 5.0
Debian GNU/Linux unstable alias sid


Description:
Debian has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system.

http://secunia.com/advisories/34970/

Collapse -
Debian update for acpid
by Marianna Schmudlach / May 4, 2009 12:51 AM PDT

Release Date: 2009-05-04

Critical:
Not critical
Impact: DoS
Where: Local system
Solution Status: Vendor Patch

OS: Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Debian GNU/Linux unstable alias sid

Description:
Debian has issued an update for acpid. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

http://secunia.com/advisories/34918/

Collapse -
IBM Tivoli Storage Manager Multiple Vulnerabilities
by Marianna Schmudlach / May 4, 2009 12:52 AM PDT

Release Date: 2009-05-04

Critical:
Moderately critical
Impact: Security Bypass
System access
Where: From local network
Solution Status: Vendor Patch

Software: IBM Tivoli Storage Manager Client 5.x

Description:
Some vulnerabilities have been reported in in IBM Tivoli Storage Manager (TSM), which can be exploited by malicious people to bypass certain security restrictions or compromise a vulnerable system.

http://secunia.com/advisories/32604/

Collapse -
Security Update for Adobe Flash Media Server
by Marianna Schmudlach / May 4, 2009 12:55 AM PDT

4 May 2009,

Adobe have issued a security bulletin referring to a vulnerability in Flash Media Server. Adobe says that the problem could allow an attacker to execute remote procedure calls (RPC) within a server side ActionScript file running on the server. The issue affects both Windows and Linux versions of the Flash Media Streaming Server 3.5.1 and Flash Media Interactive Server 3.5.1 and earlier versions.

The company classifies the problem as important, and recommends that users update to version 3.5.2 or 3.0.4.

http://www.h-online.com/security/Security-Update-for-Adobe-Flash-Media-Server--/news/113205

Collapse -
Study says silent updates enhance security
by Marianna Schmudlach / May 4, 2009 12:56 AM PDT

4 May 2009,

Updating browsers without first asking users is apparently the most successful way of ensuring wide distribution for the latest version ? thus minimising the number of vulnerable browsers. A joint study by Google Switzerland and the ETH (Swiss Federal Institute of Technology) in Zurich concludes that, if an update requires too much user interaction or effort, users will either abort the process or fail even to run it.

Updating Opera requires a manual download and the subsequent installation involves several dialogues, so only 24 per cent of the users observed installed the latest version, says the study, but things are precisely the other way round with Google's Chrome: if an update is available, it's downloaded and installed without the user's being consulted ("silent update"). Twenty-one days after the provision of an update, 97 per cent of the Chrome users observed were using the current version. It isn't possible to disable automatic updating in Chrome anyway.

More: http://www.h-online.com/security/Study-says-silent-updates-enhance-security--/news/113211

Collapse -
Fedora bash-completion Character Escaping Weakness
by Marianna Schmudlach / May 4, 2009 6:07 AM PDT

Release Date: 2009-05-04

Critical:
Not critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch

OS: Fedora 10
Fedora 9

Description:
Fedora has acknowledged a weakness in bash-completion, which can be exploited by malicious, local users to gain escalated privileges.

The weakness is caused due to bash-completion not properly escaping certain characters, which can be exploited to cause potentially dangerous completion suggestions via specially crafted filenames.

http://secunia.com/advisories/34989/

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?