Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES - June 15, 2007

by Marianna Schmudlach / June 15, 2007 12:21 AM PDT

Tiny Content Module for Xoops "spaw_root" Parameter File Inclusion Vulnerability

Advisory ID : FrSIRT/ADV-2007-2204
CVE ID : GENERIC-MAP-NOMATCH
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

A vulnerability has been identified in Tiny Content (module for Xoops), which could be exploited by remote attackers to compromise a vulnerable web server. This issue is caused by an input validation error in the "admin/spaw/spaw_control.class.php" script when processing the "spaw_root" parameter, which could be exploited by remote attackers to include malicious PHP scripts and execute arbitrary commands with the privileges of the web server.

Affected Products

Tiny Content (module for Xoops) version 1.5 and prior

Solution

The FrSIRT is not aware of any official supplied patch for this issue.

References

http://www.frsirt.com/english/advisories/2007/2204

Credits

Vulnerability reported by Sp[L]o1T.

Discussion is locked
You are posting a reply to: VULNERABILITIES - June 15, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES - June 15, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
XT-Conteudo Module for Xoops "spaw_root" Parameter File Incl
by Marianna Schmudlach / June 15, 2007 12:22 AM PDT

XT-Conteudo Module for Xoops "spaw_root" Parameter File Inclusion Vulnerability

Advisory ID : FrSIRT/ADV-2007-2205
CVE ID : GENERIC-MAP-NOMATCH
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

A vulnerability has been identified in XT-Conteudo (module for Xoops), which could be exploited by remote attackers to compromise a vulnerable web server. This issue is caused by an input validation error in the "admin/spaw/spaw_control.class.php" script when processing the "spaw_root" parameter, which could be exploited by remote attackers to include malicious PHP scripts and execute arbitrary commands with the privileges of the web server.

Affected Products

XT-Conteudo (module for Xoops) version 1.52 and prior

Solution

The FrSIRT is not aware of any official supplied patch for this issue.

References

http://www.frsirt.com/english/advisories/2007/2205

Credits

Vulnerability reported by FiSh.

Collapse -
Cjay Content Module for Xoops "spaw_root" Parameter File Inc
by Marianna Schmudlach / June 15, 2007 12:23 AM PDT

Cjay Content Module for Xoops "spaw_root" Parameter File Inclusion Vulnerability

Advisory ID : FrSIRT/ADV-2007-2206
CVE ID : GENERIC-MAP-NOMATCH
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

A vulnerability has been identified in Cjay Content (module for Xoops), which could be exploited by remote attackers to compromise a vulnerable web server. This issue is caused by an input validation error in the "admin/editor2/spaw_control.class.php" script when processing the "spaw_root" parameter, which could be exploited by remote attackers to include malicious PHP scripts and execute arbitrary commands with the privileges of the web server.

Affected Products

Cjay Content (module pour Xoops) version 3 and prior

Solution

The FrSIRT is not aware of any official supplied patch for this issue.

References

http://www.frsirt.com/english/advisories/2007/2206

Credits

Vulnerability reported by FiSh.

Collapse -
Linux Kernel "compat_sys_mount()" Function Local Denial of S
by Marianna Schmudlach / June 15, 2007 12:40 AM PDT

Linux Kernel "compat_sys_mount()" Function Local Denial of Service Vulnerability

Advisory ID : FrSIRT/ADV-2007-2209
CVE ID : CVE-2006-7203
Rated as : Low Risk
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

A vulnerability has been identified in Linux Kernel, which could be exploited by malicious users to cause a denial of service. This issue is caused by a NULL pointer dereference error in the "compat_sys_mount()" [fs/compat.c] function when converting data, which could be exploited by local attackers to panic an affected system and create a denial of service condition by mounting a smbfs file system in compatibility mode ("mount -t smbfs").

Affected Products

Linux Kernel versions 2.6.x

Solution

Apply patch :
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=822191a2fa1584a29c3224ab328507adcaeac1ab

References

http://www.frsirt.com/english/advisories/2007/2209

Credits

Vulnerability reported by OpenVZ Linux kernel team.

Collapse -
Sun Solaris Samba Multiple Code Execution and Privilege Esca
by Marianna Schmudlach / June 15, 2007 12:42 AM PDT

Sun Solaris Samba Multiple Code Execution and Privilege Escalation Vulnerabilities

Advisory ID : FrSIRT/ADV-2007-2210
CVE ID : CVE-2007-2444 - CVE-2007-2446 - CVE-2007-2447
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

Multiple vulnerabilities have been identified in Sun Solaris, which could be exploited by remote or local attackers to cause a denial of service or execute arbitrary code. These issues are caused by errors in Samba. For additional information, see : FrSIRT/ADV-2007-1805

Affected Products

Sun Solaris 9
Sun Solaris 10

Solution

A final resolution is pending completion.

The FrSIRT is not aware of any official supplied patch for this issue.

References

http://www.frsirt.com/english/advisories/2007/2210
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1

Collapse -
Sun Solaris IPv6 Implementation IPsec Packets Denial of Serv
by Marianna Schmudlach / June 15, 2007 12:43 AM PDT

Sun Solaris IPv6 Implementation IPsec Packets Denial of Service Vulnerability

Advisory ID : FrSIRT/ADV-2007-2211
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

A vulnerability has been identified in Sun Solaris, which could be exploited by remote or local attackers to cause a denial of service. This issue is caused by an error in the IPv6 implementation when processing specially crafted IPsec packets, which could be exploited by attackers to a panic a vulnerable system which is configured to use IPv6 but is not configured to use the IPsec stack.

Affected Products

Sun Solaris 10

Solution

Sun Solaris 10 (SPARC) - Apply patch 125100-09 or later :
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-125100-09-1

Sun Solaris 10 (x86) - Apply patch 125101-09 or later :
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-125101-09-1

References

http://www.frsirt.com/english/advisories/2007/2211
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102919-1

Credits

Vulnerability reported by the vendor.

Collapse -
Apache MyFaces Tomahawk "autoscroll" Parameter Cross Site Sc
by Marianna Schmudlach / June 15, 2007 12:44 AM PDT

Apache MyFaces Tomahawk "autoscroll" Parameter Cross Site Scripting Vulnerability

Advisory ID : FrSIRT/ADV-2007-2212
CVE ID : CVE-2007-3101
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

A vulnerability has been identified in Apache MyFaces Tomahawk, which could be exploited by attackers to execute arbitrary scripting code. This issue is caused by an input validation error when processing the "autoscroll" parameter, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected Web site.

Affected Products

Apache MyFaces Tomahawk version 1.1.5 and prior

Solution

Upgrade to Apache MyFaces Tomahawk version 1.1.6 :
http://myfaces.apache.org/tomahawk/

References

http://www.frsirt.com/english/advisories/2007/2212
https://issues.apache.org/jira/browse/TOMAHAWK-983
https://issues.apache.org/jira/browse/TOMAHAWK-1021
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=544

Credits

Vulnerability reported by Rajat Swarup (VeriSign Global Security Consulting).

Collapse -
Apache Tomcat Multiple Web Applications Client-Side Cross Si
by Marianna Schmudlach / June 15, 2007 12:45 AM PDT

Apache Tomcat Multiple Web Applications Client-Side Cross Site Scripting Issues

Advisory ID : FrSIRT/ADV-2007-2213
CVE ID : CVE-2007-2449 - CVE-2007-2450
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

Multiple vulnerabilities have been identified in Apache Tomcat, which could be exploited by attackers to execute arbitrary scripting code. These issues are caused by input validation errors in the examples, Manager and Host Manager web applications when processing user-supplied data, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected Web site.

Affected Products

Apache Tomcat versions 6.0.0 through 6.0.13
Apache Tomcat versions 5.0.0 through 5.0.30
Apache Tomcat versions 5.5.0 through 5.5.24
Apache Tomcat versions 4.0.1 through 4.0.6
Apache Tomcat versions 4.1.0 through 4.1.36

Solution

Upgrade to Apache Tomcat 4.1.HEAD, 5.0.HEAD, 5.5.HEAD, or 6.0.HEAD :
http://tomcat.apache.org/index.html

References

http://www.frsirt.com/english/advisories/2007/2213
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-4.html
http://jvn.jp/jp/JVN%2307100457/index.html

Credits

Vulnerabilities reported by JVN.

Collapse -
Mandriva Security Update Fixes SpamAssassin Local Denial of
by Marianna Schmudlach / June 15, 2007 12:48 AM PDT

Mandriva Security Update Fixes SpamAssassin Local Denial of Service Vulnerability

Advisory ID : FrSIRT/ADV-2007-2193
CVE ID : CVE-2007-2873
Rated as : Low Risk
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

A vulnerability has been identified in Mandriva, which could be exploited by local attackers to cause a denial of service. This issue is caused by an error in SpamAssassin. For additional information, see : FrSIRT/ADV-2007-2172

Affected Products

Mandriva Linux 2007.0
Mandriva Linux 2007.1
Mandriva Corporate 4.0

Solution

Upgrade the affected packages

References

http://www.frsirt.com/english/advisories/2007/2193
http://archives.mandrivalinux.com/security-announce/2007-06/msg00020.php

Collapse -
SuSE Security Update Fixes Kernel Buffer Overflow and Denial
by Marianna Schmudlach / June 15, 2007 12:49 AM PDT

SuSE Security Update Fixes Kernel Buffer Overflow and Denial of Service Issues

Advisory ID : FrSIRT/ADV-2007-2194
CVE ID : CVE-2006-2936 - CVE-2006-5749 - CVE-2006-5753 - CVE-2006-5754 - CVE-2006-5871 - CVE-2006-6106 - CVE-2006-6535 - CVE-2006-7203 - CVE-2007-1353 - CVE-2007-1357 - CVE-2007-1592
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

Multiple vulnerabilities have been identified in various SuSE and Novell products, which could be exploited by attackers to bypass security restrictions, cause a denial of service, or execute arbitrary code. These issues are caused by errors in Kernel. For additional information, see : FrSIRT/ADV-2006-2841 - FrSIRT/ADV-2006-5037 - FrSIRT/ADV-2007-1495 - FrSIRT/ADV-2007-1340 - FrSIRT/ADV-2007-1084

Affected Products

SUSE SLES 9
Novell Linux Desktop 9
Novell Open Enterprise Server
Novell Linux POS 9

Solution

Upgrade the affected packages :
http://support.novell.com

References

http://www.frsirt.com/english/advisories/2007/2194
http://lists.opensuse.org/opensuse-security-announce/2007-Jun/msg00004.html

Collapse -
Fedora Security Update Fixes iscsi-initiator-utils Denial of
by Marianna Schmudlach / June 15, 2007 12:50 AM PDT

Fedora Security Update Fixes iscsi-initiator-utils Denial of Service Vulnerabilities

Advisory ID : FrSIRT/ADV-2007-2195
CVE ID : CVE-2007-3099 - CVE-2007-3100
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

Multiple vulnerabilities have been identified in Fedora, which could be exploited by attackers to cause a denial of service.

The first issue is caused by an error in the "usr/mgmt_ipc.c" file within open-iscsi (iscsi-initiator-utils) that checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which could be exploited by attackers to access the management interface and cause a denial of service.

The second vulnerability is caused by an error in the "usr/log.c" file within open-iscsi (iscsi-initiator-utils) that uses a semaphore with insecure permissions (world-writable/world-readable) when managing log messages using shared memory, which could be exploited by malicious users to cause a denial of service.

Affected Products

Fedora Core 5
Fedora Core 6

Solution

Upgrade the affected packages

References

http://www.frsirt.com/english/advisories/2007/2195
https://www.redhat.com/archives/fedora-package-announce/2007-June/msg00261.html
https://www.redhat.com/archives/fedora-package-announce/2007-June/msg00262.html

Credits

Vulnerabilities reported by Olaf Kirch (Oracle).

Collapse -
Redhat Security Update Fixes iscsi-initiator-utils Denial of
by Marianna Schmudlach / June 15, 2007 12:52 AM PDT

Redhat Security Update Fixes iscsi-initiator-utils Denial of Service Vulnerabilities

Advisory ID : FrSIRT/ADV-2007-2196
CVE ID : CVE-2007-3099 - CVE-2007-3100
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

Multiple vulnerabilities have been identified in Red Hat Enterprise Linux, which could be exploited by attackers to cause a denial of service.

The first issue is caused by an error in the "usr/mgmt_ipc.c" file within open-iscsi (iscsi-initiator-utils) that checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which could be exploited by attackers to access the management interface and cause a denial of service.

The second vulnerability is caused by an error in the "usr/log.c" file within open-iscsi (iscsi-initiator-utils) that uses a semaphore with insecure permissions (world-writable/world-readable) when managing log messages using shared memory, which could be exploited by malicious users to cause a denial of service.

Affected Products

Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Solution

Upgrade the affected packages :
https://rhn.redhat.com/

References

http://www.frsirt.com/english/advisories/2007/2196
https://rhn.redhat.com/errata/RHSA-2007-0497.html

Credits

Vulnerabilities reported by Olaf Kirch (Oracle).

Collapse -
Redhat Security Update Fixes Mod_perl Remote Denial of Servi
by Marianna Schmudlach / June 15, 2007 12:54 AM PDT

Redhat Security Update Fixes Mod_perl Remote Denial of Service Vulnerability

Advisory ID : FrSIRT/ADV-2007-2197
CVE ID : CVE-2007-1349
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

A vulnerability has been identified in Redhat, which could be exploited by attackers to cause a denial of service. This issue is caused by an error in mod_perl. For additional information, see : FrSIRT/ADV-2007-1150

Affected Products

RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)

Solution

Upgrade the affected packages :
https://rhn.redhat.com/

References

http://www.frsirt.com/english/advisories/2007/2197
https://rhn.redhat.com/errata/RHSA-2007-0395.html

Collapse -
Redhat Security Update Fixes Kernel Denial of Service and In
by Marianna Schmudlach / June 15, 2007 12:55 AM PDT

Redhat Security Update Fixes Kernel Denial of Service and Information Disclosure

Advisory ID : FrSIRT/ADV-2007-2198
CVE ID : CVE-2006-7203 - CVE-2007-1353 - CVE-2007-2453 - CVE-2007-2525
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

Multiple vulnerabilities have been identified in Redhat, which could be exploited by attackers to bypass security restrictions, cause a denial of service, or disclose sensitive information. These issues are caused by errors in Kernel. For additional information, see : FrSIRT/ADV-2007-1495 - FrSIRT/ADV-2007-2105 - FrSIRT/ADV-2007-1703

Affected Products

RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Solution

Upgrade the affected packages :
https://rhn.redhat.com/

References

http://www.frsirt.com/english/advisories/2007/2198
https://rhn.redhat.com/errata/RHSA-2007-0376.html

Collapse -
Redhat Security Update Fixes Libexif "exif_data_load_data_en
by Marianna Schmudlach / June 15, 2007 12:56 AM PDT

Redhat Security Update Fixes Libexif "exif_data_load_data_entry()" Code Execution

Advisory ID : FrSIRT/ADV-2007-2199
CVE ID : CVE-2006-4168
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

A vulnerability has been identified in Redhat, which could be exploited by attackers to cause a denial of service or execute arbitrary code. This issue is caused by an error in Libexif. For additional information, see : FrSIRT/ADV-2007-2165

Affected Products

RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)

Solution

Upgrade the affected packages :
https://rhn.redhat.com/

References

http://www.frsirt.com/english/advisories/2007/2199
https://rhn.redhat.com/errata/RHSA-2007-0501.html

Collapse -
Debian Security Update Fixes Iceweasel Code Execution and Se
by Marianna Schmudlach / June 15, 2007 12:57 AM PDT

Debian Security Update Fixes Iceweasel Code Execution and Security Bypass

Advisory ID : FrSIRT/ADV-2007-2200
CVE ID : CVE-2007-1362 - CVE-2007-2867 - CVE-2007-2868 - CVE-2007-2869 - CVE-2007-2870 - CVE-2007-2871
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

Multiple vulnerabilities have been identified in Debian, which could be exploited by attackers to bypass security restrictions, disclose sensitive information, cause a denial of service or take complete control of an affected system. These issues are caused by errors in Iceweasel. For additional information, see : FrSIRT/ADV-2007-1994

Affected Products

Debian GNU/Linux sarge
Debian GNU/Linux etch
Debian GNU/Linux sid

Solution

Debian GNU/Linux etch - Upgrade to version 2.0.0.4-0etch1
Debian GNU/Linux sid - Upgrade to version 2.0.0.4-1

References

http://www.frsirt.com/english/advisories/2007/2200
http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00067.html

Collapse -
rPath Security Update Fixes Evolution-data-server Informatio
by Marianna Schmudlach / June 15, 2007 12:58 AM PDT

rPath Security Update Fixes Evolution-data-server Information Disclosure Weakness

Advisory ID : FrSIRT/ADV-2007-2201
CVE ID : CVE-2007-1558
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

A weakness has been identified in rPath Linux, which could be exploited by remote attackers to gain knowledge of sensitive information. This issue is caused by an error in the APOP protocol within evolution-data-server that fails to properly prevent MD5 collisions, which could be exploited via man-in-the-middle attacks and specially crafted message-IDs to potentially disclose the first three characters of passwords.

Affected Products

rPath Linux 1

Solution

Upgrade the affected package :
evolution-data-server=/conary.rpath.com at rpl:devel//1/1.4.1.1-1.4-1

References

http://www.frsirt.com/english/advisories/2007/2201
http://lists.rpath.com/pipermail/security-announce/2007-June/000198.html

Collapse -
rPath Security Update Fixes Squirrelmail Multiple Cross Site
by Marianna Schmudlach / June 15, 2007 1:00 AM PDT

rPath Security Update Fixes Squirrelmail Multiple Cross Site Scripting Vulnerabilities

Advisory ID : FrSIRT/ADV-2007-2202
CVE ID : CVE-2007-1262
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

Multiple vulnerabilities have been identified in rPath Linux, which could be exploited by attackers to execute arbitrary scripting code. These issues are caused by errors in Squirrelmail. For additional information, see : FrSIRT/ADV-2007-1748

Affected Products

rPath Linux 1

Solution

Upgrade the affected package :
squirrelmail=/conary.rpath.com at rpl:devel//1/1.4.10a-0.1-1

References

http://www.frsirt.com/english/advisories/2007/2202
http://lists.rpath.com/pipermail/security-announce/2007-June/000199.html

Collapse -
rPath Security Update Fixes Kernel Denial of Service and Inf
by Marianna Schmudlach / June 15, 2007 1:01 AM PDT

rPath Security Update Fixes Kernel Denial of Service and Information Disclosure

Advisory ID : FrSIRT/ADV-2007-2203
CVE ID : CVE-2005-4352 - CVE-2006-4572 - CVE-2006-4623 - CVE-2006-4814 - CVE-2006-4997 - CVE-2006-5173 - CVE-2006-5749 - CVE-2006-5753 - CVE-2006-5755 - CVE-2006-5757 - CVE-2006-5823 - CVE-2006-6053 - CVE-2006-6054 - CVE-2006-6056 - CVE-2006-6060 - CVE-2006-6106 - CVE-2007-0005 - CVE-2007-0006 - CVE-2007-0772 - CVE-2007-1000 - CVE-2007-1357 - CVE-2007-1861 - CVE-2007-2242
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

Multiple vulnerabilities have been identified in rPath Linux, which could be exploited by attackers to bypass security restrictions, cause a denial of service, or disclose sensitive information. These issues are caused by errors in Kernel. For additional information, see : FrSIRT/ADV-2006-4386 - FrSIRT/ADV-2006-3551 - FrSIRT/ADV-2006-5082 - FrSIRT/ADV-2006-3937 - FrSIRT/ADV-2006-4716 - FrSIRT/ADV-2006-4359 - FrSIRT/ADV-2006-4405 - FrSIRT/ADV-2006-4458 - FrSIRT/ADV-2006-4487 - FrSIRT/ADV-2006-5037 - FrSIRT/ADV-2007-0872 - FrSIRT/ADV-2007-0612 - FrSIRT/ADV-2007-0660 - FrSIRT/ADV-2007-0907 - FrSIRT/ADV-2007-1340 - FrSIRT/ADV-2007-1595 - FrSIRT/ADV-2007-1563

Affected Products

rPath Linux 1

Solution

Upgrade the affected packages :
kernel=/conary.rpath.com at rpl:devel//1-xen/2.6.16.33-0.1-1
xen=/conary.rpath.com at rpl:devel//1/3.0.3_0-1.5-1

References

http://www.frsirt.com/english/advisories/2007/2203
http://lists.rpath.com/pipermail/security-announce/2007-June/000200.html

Collapse -
Astaro Security Gateway SMTP and HTTP Proxies Denial of Serv
by Marianna Schmudlach / June 15, 2007 12:06 PM PDT

Astaro Security Gateway SMTP and HTTP Proxies Denial of Service Vulnerabilities

Advisory ID : FrSIRT/ADV-2007-2220
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

Two vulnerabilities have been identified in Astaro Security Gateway (ASG), which could be exploited by attackers to cause a denial of service.

The first issue is caused by an error in the SMTP proxy when scanning an email in a certain format, which could be exploited by remote attackers to cause a vulnerable application to stop, creating a denial of service condition.

The second vulnerability is caused by an error in the HTTP proxy when delivering virus scanned webpages to a client, which could cause a vulnerable application to stop, creating a denial of service condition.

Affected Products

Astaro Security Gateway V7

Solution

Apply Up2Date version 7.005 :
http://download.astaro.com/Astaro_Security_Linux/v7.0/up2date/

References

http://www.frsirt.com/english/advisories/2007/2220
http://up2date.astaro.com/2007/06/up2date_7005_released_middle.html

Credits

Vulnerabilities reported by the vendor.

Collapse -
Novell NetWare NFS Server Mount Command Handling Buffer Over
by Marianna Schmudlach / June 15, 2007 12:08 PM PDT

Novell NetWare NFS Server Mount Command Handling Buffer Overflow Vulnerability

Advisory ID : FrSIRT/ADV-2007-2221
CVE ID : CVE-2007-3207
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-15
Technical Description

A vulnerability has been identified in Novell NetWare, which could be exploited by attackers to cause a denial of service. This issue is caused by a buffer overflow error in the NFS server (XNFS.NLM) when processing a mount command containing an overly long path (more than 508 characters), which could be exploited by a malicious client to cause a vulnerable server to abend, creating a denial of service condition.

Affected Products

Novell NetWare version 6.5 Support Pack 6 and prior

Solution

Apply patch :
http://download.novell.com/Download?buildid=8XdJVBDYifk~

References

http://www.frsirt.com/english/advisories/2007/2221
https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html
http://download.novell.com/SummaryFree.jsp?buildid=8XdJVBDYifk~

Credits

Vulnerability reported by the vendor.

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?