Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \ FIXES - September 7, 2008R

by Marianna Schmudlach / September 7, 2008 1:24 AM PDT

Google Chrome 'SaveAs' Function Buffer Overflow Vulnerability

Summary
The vulnerability in Google Chrome is caused due to a boundary error when handling the "SaveAs" function. On saving a malicious page with an overly long title (<title> tag in HTML), the program causes a stack-based overflow and makes it possible for attackers to execute arbitrary code on users' systems.

Credit:
The information has been provided by Security Vulnerability Research Team.

http://www.securiteam.com/windowsntfocus/5KP0120PFU.html

Discussion is locked
You are posting a reply to: VULNERABILITIES \ FIXES - September 7, 2008R
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES \ FIXES - September 7, 2008R
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Atheros Vendor Specific Information Element Overflow
by Marianna Schmudlach / September 7, 2008 1:27 AM PDT

Summary
The wireless drivers in some Wi-Fi access points (such as the ATHEROS-based Linksys WRT350N) do not correctly parse the Atheros vendor specific information element included in association requests. This information element is used by wireless devices to advertise Atheros specific capabilities.

Credit:
The information has been provided by Laurent Butti and Julien Tinnes.

http://www.securiteam.com/securitynews/5LP0220PFE.html

Collapse -
Marvell Driver Null SSID Association Request Vulnerability
by Marianna Schmudlach / September 7, 2008 1:29 AM PDT

Summary
The wireless drivers in some Wi-Fi access points (such as the MARVELL-based Netgear WN802T) do not correctly parse SSID information element included in association requests. Most information elements are used by the wireless access point and clients to advertise their capabilities (regarding rates, network name, cryptographic capabilities...). More precisely, the SSID is used by the access point to validate that the wireless client intends to connect to the appropriate SSID.

Credit:
The information has been provided by Laurent Butti and Julien Tinnes.

http://www.securiteam.com/securitynews/5NP0420PFC.html

Collapse -
Marvell Driver EAPoL-Key Length Overflow
by Marianna Schmudlach / September 7, 2008 1:32 AM PDT

Summary
The wireless drivers in some Wi-Fi access points (such as the MARVELL-based Netgear WN802T) do not correctly parse malformed EAPoL-Key packets. This packet is used for unicast/multicast key derivation (which are called 4-way handshake and group key handshake) of any secure wireless connection (WPA-PSK, WPA2-PSK, WPA-EAP, WPA2-EAP).

Credit:
The information has been provided by Laurent Butti and Julien Tinnes.

http://www.securiteam.com/securitynews/5OP0520PFS.html

Collapse -
Remote Access VPN and SIP Vulnerabilities in Cisco PIX and C
by Marianna Schmudlach / September 7, 2008 1:35 AM PDT

Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA

Summary
Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances that may result in a reload of the device or disclosure of confidential information. This security advisory outlines details of the following vulnerabilities:
* Erroneous SIP Processing Vulnerabilities
* IPSec Client Authentication Processing Vulnerability
* SSL VPN Memory Leak Vulnerability
* URI Processing Error Vulnerability in SSL VPNs
* Potential Information Disclosure in Clientless VPNs

Note: These vulnerabilities are independent of each other. A device may be affected by one vulnerability and not affected by another. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate some of these vulnerabilities are available.

Credit:
The information has been provided by Cisco Systems Product Security Incident Response Team.
The original article can be found at: http://www.cisco.com/warp/public/707/cisco-sa-20080903-asa.shtml

http://www.securiteam.com/securitynews/5PP0620PFI.html

Collapse -
Samsung DVR SHR2040 HTTPD Denial of Service DoS (PoC)
by Marianna Schmudlach / September 7, 2008 2:53 AM PDT

Summary
The vulnerability in Samsung DVR SHR2040 is caused due to an unspecified error in the CGIs files filter used for configure properties. This can be exploited by sending a specially crafted HTTP request (NO necessary authentication), which will cause the HTTP service on the system to crash.

Credit:
The information has been provided by Alex Hernandez.

http://www.securiteam.com/exploits/5MP0320PFO.html

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?