Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \ FIXES - September 23, 2008

HP-UX rpcbind Denial of Service Vulnerability

Release Date: 2008-09-23

Critical:
Less critical
Impact: DoS

Where: From local network
Solution Status: Vendor Patch


OS: HP-UX 11.x

Description:
A vulnerability has been reported in HP-UX, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error in rpcbind and can be exploited to cause a DoS.

Solution:
Apply patches.

HP-UX B.11.11:
Install PHNE_37110 or subsequent.
http://itrc.hp.com

HP-UX B.11.23:
Install PHNE_36982 or subsequent.
http://itrc.hp.com

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
HPSBUX02370 SSRT071459:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01556916

Other References:
SA23700:
http://secunia.com/advisories/23700/

Dataspade Multiple Cross-Site Scripting Vulnerabilities

In reply to: VULNERABILITIES \ FIXES - September 23, 2008

Release Date: 2008-09-23

Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Unpatched


Software: Dataspade 1.x

Description:
r0t has reported some vulnerabilities in Dataspade, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "ViewName", "TableName", "OrderBy" and "FilterField" parameters in Index.asp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

The vulnerabilities are reported in version 1.0. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
r0t

Original Advisory:
http://pridels-team.blogspot.com/2008/09/dataspade-xss-vuln.html

Gentoo update for R

In reply to: VULNERABILITIES \ FIXES - September 23, 2008

Release Date: 2008-09-23

Critical:
Less critical
Impact: Privilege escalation

Where: Local system
Solution Status: Vendor Patch


OS: Gentoo Linux 1.x

Description:
Gentoo has issued an update for R. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

For further information:
SA31647

Solution:
Update to version "dev-lang/R-2.7.1" or later.

Original Advisory:
http://www.gentoo.org/security/en/glsa/glsa-200809-13.xml

Other References:
SA31647:
http://secunia.com/advisories/31647/

Gentoo update for newsbeuter

In reply to: VULNERABILITIES \ FIXES - September 23, 2008

Release Date: 2008-09-23

Critical:
Moderately critical
Impact: System access

Where: From remote
Solution Status: Vendor Patch


OS: Gentoo Linux 1.x

Description:
Gentoo has issued an update for newsbeuter. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Solution:
Update to version "net-news/newsbeuter-1.2" or later.

Original Advisory:
http://www.gentoo.org/security/en/glsa/glsa-200809-12.xml

Other References:
SA31676:
http://secunia.com/advisories/31676/

Vignette VCM Unspecified Security Bypass Vulnerability

In reply to: VULNERABILITIES \ FIXES - September 23, 2008

Release Date: 2008-09-23

Critical:
Less critical
Impact: Security Bypass

Where: From remote
Solution Status: Partial Fix


Software: Vignette V7

Secunia Advisory: SA31983

Description:
A vulnerability has been reported in Vignette, which can be exploited by malicious users to bypass certain security restrictions.

The vulnerability is caused due to an unspecified error in Vignette Content Management (VCM), which can be exploited to gain administrative access and e.g. create, approve, and publish content or change application configurations.

The vulnerability affects Vignette Content Management versions 7.3.0.5, 7.3.1, 7.3.1.1, 7.4, and 7.5.

Solution:
VCM 7.3.1 through 7.5:
The vendor has released an update that reportedly fixes the vulnerability (KB 9872).
http://support.vignette.com/VOLSS/KB/View/1,,9872.html (requires login)

VCM 7.3.0.5:
The vendor is currently working on a fix.

Provided and/or discovered by:
National Australia Bank's Security Assurance Team

Original Advisory:
Vignette:
http://dialog.vignette.com/hm?g=1.2jds7.bky8.rs.0.27gqh.htk8&h=1

PHP Pro Bid Multiple SQL Injection Vulnerabilities

In reply to: VULNERABILITIES \ FIXES - September 23, 2008

Release Date: 2008-09-23

Critical:
Moderately critical
Impact: Manipulation of data
Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: PHP Pro Bid 6.x

Description:
Jan van Niekerk has reported some vulnerabilities in PHP Pro Bid, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "order_field" and "order_type" parameters to e.g. categories.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities are reported in version 6.04. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Jan van Niekerk
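
The advisory above concerns sort parameters ("order_field", "order_type"), which end up as a column name and a keyword in an ORDER BY clause and so cannot be bound as prepared-statement values. The following is an added example, not PHP Pro Bid code and not part of the original post, showing one way to handle them with a fixed allowlist; the table, column and function names are hypothetical.

```php
<?php
// Added example: hypothetical schema and helper names, not PHP Pro Bid code.

function build_order_by(?string $field, ?string $type): string
{
    // Request value => real column (assumed names). Only these strings can
    // ever appear in the SQL text; the raw request value never does.
    $columns = [
        'name'       => 'a.name',
        'start_time' => 'a.start_time',
        'max_bid'    => 'a.max_bid',
    ];
    // Unknown or missing values fall back to a safe default.
    $column    = $columns[$field ?? ''] ?? 'a.start_time';
    $direction = strtoupper($type ?? '') === 'DESC' ? 'DESC' : 'ASC';
    return "ORDER BY $column $direction";
}

function list_auctions(PDO $db, int $categoryId, ?string $field, ?string $type): array
{
    // The category id is a value, so it goes through a bound parameter;
    // only the allowlisted identifier and keyword are concatenated.
    $sql = 'SELECT a.auction_id, a.name, a.start_time, a.max_bid '
         . 'FROM auctions a WHERE a.category_id = :cat '
         . build_order_by($field, $type);
    $stmt = $db->prepare($sql);
    $stmt->bindValue(':cat', $categoryId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: a normal request, then one carrying extra SQL text
// in both parameters, which is discarded in favour of the defaults.
echo build_order_by('max_bid', 'desc'), PHP_EOL;
echo build_order_by('max_bid, (SELECT 1)', 'ASC, 1'), PHP_EOL;
```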

Arcadem "articlecat" SQL Injection Vulnerability

In reply to: VULNERABILITIES \ FIXES - September 23, 2008

Release Date: 2008-09-23

Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote
Solution Status: Vendor Patch


Software: Arcadem 2.x

Description:
A vulnerability has been reported in Arcadem, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "articlecat" parameter in index.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability affects Arcadem Pro versions 2.700 through 2.802.

Solution:
Update to version 2.803.

Provided and/or discovered by:
Hussin X

Original Advisory:
Agares Media:
https://secure.agaresmedia.com/forums/viewtopic.php?f=12&t=2032

Hussin X:
http://packetstorm.linuxsecurity.com/0809-exploits/arcadempro-sql.txt

phpMyAdmin Cross-Site Scripting Vulnerability

In reply to: VULNERABILITIES \ FIXES - September 23, 2008

Release Date: 2008-09-23

Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Vendor Patch


Software: phpMyAdmin 2.x

Description:
A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks.

An error exists in the "PMA_escapeJsString()" function in libraries/js_escape.lib.php, which can be exploited to bypass certain filters and execute arbitrary HTML and script code in a user's browser session in context of an affected site when e.g. Microsoft Internet Explorer is used.

The vulnerability is reported in versions prior to 2.11.9.2.

Solution:
Update to version 2.11.9.2.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://www.phpmyadmin.net/home_page/downloads.php?relnotes=1

Achievo "atkaction" Cross-Site Scripting Vulnerability

In reply to: VULNERABILITIES \ FIXES - September 23, 2008

Release Date: 2008-09-23



Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote
Solution Status: Unpatched


Software: Achievo 1.x

Description:
A vulnerability has been discovered in Achievo, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "atkaction" parameter in dispatch.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

This vulnerability is confirmed in version 1.3.2. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Reported by an anonymous person

BlueCUBE "id" SQL Injection Vulnerability

In reply to: VULNERABILITIES \ FIXES - September 23, 2008

Release Date: 2008-09-23

Critical:
Moderately critical
Impact: Manipulation of data
Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: BlueCUBE CMS

Description:
r45c4l has reported a vulnerability in BlueCUBE CMS, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "id" parameter in tienda.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
r45c4l

Original Advisory:
http://packetstorm.linuxsecurity.com/0809-exploits/bluecube.txt

Plaincart "p" SQL Injection Vulnerability

In reply to: VULNERABILITIES \ FIXES - September 23, 2008

Release Date: 2008-09-23

Critical:
Moderately critical
Impact: Manipulation of data
Exposure of sensitive information

Where: From remote
Solution Status: Unpatched


Software: Plaincart

Description:
r45c4l has discovered a vulnerability in Plaincart, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "p" parameter in index.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
r45c4l

Original Advisory:
http://milw0rm.com/exploits/6503

x10 Automatic MP3 Script "web_root" File Inclusion Vulnerabi

In reply to: VULNERABILITIES \ FIXES - September 23, 2008

Release Date: 2008-09-23

Critical:
Highly critical
Impact: System access

Where: From remote
Solution Status: Vendor Patch


Software: x10 Automatic MP3 Script 1.x

Description:
Some vulnerabilities have been reported in x10 Automatic MP3 Script, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to the "web_root" parameter in includes/function_core.php and templates/layout_lyrics.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local and external resources.

The vulnerabilities are reported in version 1.5.5. Other versions may also be affected.

Solution:
Reportedly, the vendor has issued patches to fix the vulnerabilities.

Provided and/or discovered by:
THUNDER

Original Advisory:
http://milw0rm.com/exploits/6480

Debian Sarge Multiple IMAP Server DoS (debianimapers.c)

In reply to: VULNERABILITIES \ FIXES - September 23, 2008

Sagem Routers F@ST Remote CSRF Exploit (DHCP Hostname Attack

In reply to: VULNERABILITIES \ FIXES - September 23, 2008

Microsoft to drop support for Office 2003

In reply to: VULNERABILITIES \ FIXES - September 23, 2008

Urges users to update to service pack involved in blocked file brouhaha


September 23, 2008 (Computerworld) Microsoft Corp. warned users yesterday that it will drop support for Office 2003 Service Pack 2 (SP2) in three weeks, and urged them to upgrade to a newer service pack that was involved in a dustup earlier this year over blocked file formats.

The company's policy is to support an Office service pack for 12 months after it releases a successor; Microsoft rolled out Office 2003 SP3 in September 2007. It always extends that 12-month period to the following month's second Tuesday, the usual patch day for its security updates.

"Any security updates released on or before October 14 will support both Service Packs 2 and 3," said a Microsoft employee identified only as "David" on a company blog. "Security updates released after October 14 will support only Service Pack 3."

More: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9115366&source=rss_topic17
