Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES - March 22, 2007

by Marianna Schmudlach / March 22, 2007 12:42 AM PDT

Red Hat update for openoffice.org

TITLE:
Red Hat update for openoffice.org

SECUNIA ADVISORY ID:
SA24550

VERIFY ADVISORY:
http://secunia.com/advisories/24550/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

OPERATING SYSTEM:
RedHat Enterprise Linux AS 3
http://secunia.com/product/2534/
RedHat Enterprise Linux AS 4
http://secunia.com/product/4669/
RedHat Enterprise Linux ES 3
http://secunia.com/product/2535/
RedHat Enterprise Linux ES 4
http://secunia.com/product/4668/
RedHat Enterprise Linux WS 3
http://secunia.com/product/2536/
RedHat Enterprise Linux WS 4
http://secunia.com/product/4670/

DESCRIPTION:
Red Hat has issued an update for openoffice.org. This fixes some
vulnerabilities, which can be exploited by malicious people to
potentially compromise a user's system.

For more information:
SA24588

SOLUTION:
Updated packages are available via Red Hat Network.
http://rhn.redhat.com

ORIGINAL ADVISORY:
http://rhn.redhat.com/errata/RHSA-2007-0033.html

OTHER REFERENCES:
SA24588:
http://secunia.com/advisories/24588/

Discussion is locked
You are posting a reply to: VULNERABILITIES - March 22, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES - March 22, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Asterisk SIP Response Code Denial of Service
by Marianna Schmudlach / March 22, 2007 12:43 AM PDT

TITLE:
Asterisk SIP Response Code Denial of Service

SECUNIA ADVISORY ID:
SA24579

VERIFY ADVISORY:
http://secunia.com/advisories/24579/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From remote

SOFTWARE:
Asterisk 1.x
http://secunia.com/product/2155/

DESCRIPTION:
qwerty1979 has reported a vulnerability in Asterisk, which can be
exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the processing of SIP
replies from a remote system and can be exploited to crash the
service via the remote system sending a SIP reply containing SIP
Response code 0.

The vulnerability is reported to affect only the 1.4.x branch.

SOLUTION:
Update to version 1.4.2.

PROVIDED AND/OR DISCOVERED BY:
qwerty1979

ORIGINAL ADVISORY:
http://www.sineapps.com/news.php?rssid=1707
http://bugs.digium.com/view.php?id=9313

Collapse -
Ubuntu update for inkscape
by Marianna Schmudlach / March 22, 2007 12:45 AM PDT

TITLE:
Ubuntu update for inkscape

SECUNIA ADVISORY ID:
SA24597

VERIFY ADVISORY:
http://secunia.com/advisories/24597/

CRITICAL:
Moderately critical

IMPACT:
DoS, System access

WHERE:
From remote

OPERATING SYSTEM:
Ubuntu Linux 6.10
http://secunia.com/product/12470/
Ubuntu Linux 6.06
http://secunia.com/product/10611/
Ubuntu Linux 5.10
http://secunia.com/product/6606/

DESCRIPTION:
Ubuntu has issued an update for inkscape. This fixes a vulnerability,
which potentially can be exploited to compromise a user's system.

For more information:
SA24615

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://www.ubuntu.com/usn/usn-438-1

OTHER REFERENCES:
SA24615:
http://secunia.com/advisories/24615/

Collapse -
Ubuntu update for mysql
by Marianna Schmudlach / March 22, 2007 12:47 AM PDT

TITLE:
Ubuntu update for mysql

SECUNIA ADVISORY ID:
SA24609

VERIFY ADVISORY:
http://secunia.com/advisories/24609/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
Ubuntu Linux 6.10
http://secunia.com/product/12470/
Ubuntu Linux 6.06
http://secunia.com/product/10611/

DESCRIPTION:
Ubuntu has issued an update for mysql. This fixes a vulnerability,
which can be exploited by malicious users to cause a DoS (Denial of
Service).

For more information:
SA24483

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://www.ubuntu.com/usn/usn-440-1

OTHER REFERENCES:
SA24483:
http://secunia.com/advisories/24483/

Collapse -
Ubuntu update for file
by Marianna Schmudlach / March 22, 2007 12:48 AM PDT

TITLE:
Ubuntu update for file

SECUNIA ADVISORY ID:
SA24604

VERIFY ADVISORY:
http://secunia.com/advisories/24604/

CRITICAL:
Less critical

IMPACT:
DoS, System access

WHERE:
From remote

OPERATING SYSTEM:
Ubuntu Linux 6.10
http://secunia.com/product/12470/
Ubuntu Linux 6.06
http://secunia.com/product/10611/
Ubuntu Linux 5.10
http://secunia.com/product/6606/

DESCRIPTION:
Ubuntu has issued an update for file. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise
a vulnerable system.

For more information:
SA24548

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://www.ubuntu.com/usn/usn-439-1

OTHER REFERENCES:
SA24548:
http://secunia.com/advisories/24548/

Collapse -
rPath update for file
by Marianna Schmudlach / March 22, 2007 12:49 AM PDT

TITLE:
rPath update for file

SECUNIA ADVISORY ID:
SA24592

VERIFY ADVISORY:
http://secunia.com/advisories/24592/

CRITICAL:
Less critical

IMPACT:
Manipulation of data, DoS, System access

WHERE:
From remote

OPERATING SYSTEM:
rPath Linux 1.x
http://secunia.com/product/10614/

DESCRIPTION:
rPath has issued an update for file. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise
a vulnerable system.

For more information:
SA24548

SOLUTION:
Update to "file=/conary.rpath.com@rpl:devel//1/4.20-1-0.1".

ORIGINAL ADVISORY:
http://lists.rpath.com/pipermail/security-announce/2007-March/000164.html

OTHER REFERENCES:
SA24548:
http://secunia.com/advisories/24548/

Collapse -
Inkscape Format String Vulnerabilities
by Marianna Schmudlach / March 22, 2007 12:56 AM PDT

TITLE:
Inkscape Format String Vulnerabilities

SECUNIA ADVISORY ID:
SA24615

VERIFY ADVISORY:
http://secunia.com/advisories/24615/

CRITICAL:
Moderately critical

IMPACT:
DoS, System access

WHERE:
From remote

SOFTWARE:
Inkscape 0.x
http://secunia.com/product/5505/

DESCRIPTION:
Some vulnerabilities have been reported in Inkscape, which
potentially can be exploited by malicious people to compromise a
user's system.

1) A format string error exists in certain dialogs. This can be
exploited to execute arbitrary code by tricking the user into opening
a specially crafted URI containing format string specifiers.

2) A format string error exists in the Whiteboard Jabber client,
which potentially can be exploited to execute arbitrary code.

Successful exploitation requires that the user is logged in to a
Jabber server.

The vulnerabilities are reported in versions prior to 0.45.1.

SOLUTION:
Update to version 0.45.1.

PROVIDED AND/OR DISCOVERED BY:
Kees Cook

ORIGINAL ADVISORY:
http://sourceforge.net/project/shownotes.php?roup_id=93438&release_id=495106

Collapse -
Opera Browser FTP PASV Response Handling Client-Side Port Sc
by Marianna Schmudlach / March 22, 2007 1:32 AM PDT

Opera Browser FTP PASV Response Handling Client-Side Port Scanning Vulnerability

Advisory ID : FrSIRT/ADV-2007-1075
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-03-22
Technical Description

A vulnerability has been identified in Opera, which could be exploited by attackers to gain knowledge of sensitive information. This issue is due to an error when processing FTP PASV responses, which could be exploited by remote attackers to perform a rudimentary port-scan of systems inside an internal network by tricking a user into connecting to a malicious web page hosted on a specially crafted FTP server.

Affected Products

Opera version 9.10 and prior

Solution

The FrSIRT is not aware of any official supplied patch for this issue.

References

http://www.frsirt.com/english/advisories/2007/1075
http://bindshell.net/papers/ftppasv

Credits

Vulnerability reported by Mark

Collapse -
Oracle Application Server "table" Parameter Handling Cross S
by Marianna Schmudlach / March 22, 2007 1:33 AM PDT

Oracle Application Server "table" Parameter Handling Cross Site Scripting Vulnerability

Advisory ID : FrSIRT/ADV-2007-1078
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-03-22
Technical Description

A vulnerability has been identified in Oracle Application Server, which could be exploited by attackers to execute arbitrary scripting code. This issue is due to an input validation error in the Dynamic Monitoring Service (DMS) when processing the "table" parameter, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected application.

Affected Products

Oracle Application Server 10g Release 2 (10.1.2)

Solution

The FrSIRT is not aware of any official supplied patch for this issue.

References

http://www.frsirt.com/english/advisories/2007/1078

Credits

Vulnerability reported by Sea Shark

Collapse -
Study Planner "SPL_CFG[dirroot]" Parameter Handling Remote F
by Marianna Schmudlach / March 22, 2007 1:35 AM PDT

Study Planner "SPL_CFG[dirroot]" Parameter Handling Remote File Inclusion Vulnerability

Advisory ID : FrSIRT/ADV-2007-1069
CVE ID : GENERIC-MAP-NOMATCH
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-03-22
Technical Description

A vulnerability has been identified in Study Planner (splanner), which may be exploited by attackers to execute arbitrary commands. This issue is due to an input validation error in the "inc/service.alert.inc.php" script that does not validate the "SPL_CFG[dirroot]" variable, which could be exploited by remote attackers to include malicious scripts and execute arbitrary commands with the privileges of the web server.

Affected Products

Study Planner (splanner) version 0.15 and prior

Solution

The FrSIRT is not aware of any official supplied patch for this issue.

References

http://www.frsirt.com/english/advisories/2007/1069

Credits

Vulnerability reported by M.Hasran Addahroni

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

GIVEAWAY

Turn up the volume with our Apple Byte sweeps!

Two lucky winners will take home the coveted smart speaker that lets Siri help you around your connected house. This sweepstake ends Feb. 25, 2018.