Thursday, March 17, 2011

VULNERABILITIES / FIXES - August 31, 2010

Fedora update for php-pear-CAS

Release Date : 2010-08-31

Criticality level : Moderately critical
Impact : Hijacking, Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Operating System: Fedora 12
Fedora 13

Description:
Fedora has issued an update for php-pear-CAS. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and malicious users to hijack another user's session.

Solution:
Apply updated packages using the yum utility ("yum update php-pear-CAS").

Original Advisory:
FEDORA-2010-12247:
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046584.html

FEDORA-2010-12258:
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046576.html

http://secunia.com/advisories/41240/

Reply 1 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Moderately critical
Impact : DoS, System access
Where : From remote
Solution Status : Vendor Patch

Operating System: Fedora 12
Fedora 13

Description:
Fedora has issued an update for bogofilter. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

Solution:
Apply updated packages using the yum utility ("yum update bogofilter").

Original Advisory:
FEDORA-2010-13154:
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046590.html
FEDORA-2010-13139:
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046558.html

http://secunia.com/advisories/41239/

Reply 2 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Less critical
Impact : DoS, Privilege escalation
Where : Local system
Solution Status : Vendor Patch

Operating System: Red Hat Enterprise Linux 5 (Server)
Red Hat Enterprise Linux Desktop 5

Description:
Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges.

1) An error within the GFS2 file system when handling certain rename operations can be exploited to cause a kernel crash.

Note: This only affects Red Hat Enterprise Linux EUS (v. 5.3.z server).

Solution:
Updated packages are available from Red Hat Network.

Provided and/or discovered by:
1) Red Hat credits Grant Diffey, CenITex

Original Advisory:
RHSA-2010-0660:
https://rhn.redhat.com/errata/RHSA-2010-0660.html
RHSA-2010-0661:
https://rhn.redhat.com/errata/RHSA-2010-0661.html

http://secunia.com/advisories/41195/

Reply 3 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Moderately critical
Impact : DoS, System access
Where : From remote
Solution Status : Vendor Patch

Operating System: Debian GNU/Linux 5.0

Description:
Debian has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

Solution:
Apply updated packages.

Original Advisory:
DSA 2100-1:
http://lists.debian.org/debian-security-announce/2010/msg00146.html

http://secunia.com/advisories/41105/

Reply 4 : VULNERABILITIES / FIXES - August 31, 2010

Joomla! PicSell Component "dflink" File Disclosure Vulnerability

Release Date : 2010-08-31

Criticality level : Moderately critical
Impact : Exposure of system information, Exposure of sensitive information
Where : From remote
Solution Status : Unpatched

Software: PicSell 1.x (component for Joomla!)

Description:
A vulnerability has been reported in the PicSell component for Joomla!, which can be exploited by malicious people to disclose sensitive information.

Input passed via the "dflink" parameter to index.php (when "option" is set to "com_picsell", "controller" is set to "prevsell", and "task" is set to "dwnfree") is not properly verified before being used to read files. This can be exploited to download arbitrary files from local resources via directory traversal sequences.

The vulnerability is reported in version 1.0. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly verified.

http://secunia.com/advisories/41187/

Reply 5 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Unpatched

Software: WinImage 8.x

Description:
A vulnerability has been discovered in WinImage, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the application loading libraries (e.g. wnaspi32.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening an .imz file located on a remote WebDAV or SMB share.

Successful exploitation allows execution of arbitrary code.

The vulnerability is reported in version 8.0.0.8000 and confirmed in version 8.50 for Windows. Other versions may also be affected.

Solution:
Do not open untrusted files.

Original Advisory:
http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/

http://secunia.com/advisories/41225/

Reply 6 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Less critical
Impact : System access
Where : From remote
Solution Status : Unpatched

Software: Virtual DJ 6.x

Description:
A vulnerability has been discovered in Virtual DJ, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the application loading libraries (e.g. HDJAPI.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening an MP3 file located on a remote WebDAV or SMB share.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in version 6.1.2 (Trial b301) for Windows. Other versions may also be affected.

Solution:
Do not open untrusted files.

Provided and/or discovered by:
Peter Van Eeckhoutte

Original Advisory:
http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/

http://secunia.com/advisories/41115/

Reply 7 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Unpatched

Software: Apple QuickTime 7.x

Description:
Ruben Santamarta has discovered a vulnerability in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the QuickTime ActiveX control (QTPlugin.ocx) using a value passed in the "_Marshaled_pUnk" parameter as a pointer.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in version 7.6.7 (1675). Other versions may also be affected.

Solution:
Set the kill-bit for the affected ActiveX control.

Provided and/or discovered by:
Ruben Santamarta

Original Advisory:
http://www.reversemode.com/index.php?option=com_content&task=view&id=69&Itemid=1

http://secunia.com/advisories/41213/

Reply 8 : VULNERABILITIES / FIXES - August 31, 2010

Network Security Services Certificate IP Address Wildcard Matching Vulnerability

Release Date : 2010-08-31

Criticality level : Less critical
Impact : Spoofing
Where : From remote
Solution Status : Vendor Workaround

Software: Network Security Services (NSS) 3.x

Description:
A vulnerability has been reported in Network Security Services (NSS), which can be exploited by malicious people to conduct spoofing attacks.

The vulnerability is caused due to the library incorrectly allowing wildcards when verifying certificates using IP addresses, which can be exploited to conduct spoofing attacks.

The vulnerability is reported in version 3.12.6. Other versions may also be affected.

Solution:
Fixed in the CVS repository.

Original Advisory:
Westpoint Limited:
http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt

Mozilla:
https://bugzilla.mozilla.org/show_bug.cgi?id=578697

http://secunia.com/advisories/41237/

Reply 9 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Moderately critical
Impact : System access
Where : From remote
Solution Status : Unpatched

Operating System: Novell NetWare 6.x

Description:
A vulnerability has been reported in Novell NetWare, which can be exploited by malicious users to potentially compromise a vulnerable system.

The vulnerability is caused due to a boundary error in SSHD.NLM and SFTP-SVR.NLM when handling user sessions and can be exploited to cause a stack-based buffer overflow via an overly long (greater than 512 characters) absolute path string.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in NetWare 6.5.

Solution:
Restrict access to OpenSSH to trusted users only.

Original Advisory:
Novell:
http://www.novell.com/support/viewContent.do?externalId=7006756

http://secunia.com/advisories/41180/

Reply 10 : VULNERABILITIES / FIXES - August 31, 2010

Mozilla Firefox NSS Certificate IP Address Wildcard Matching Vulnerability

Release Date : 2010-08-31

Criticality level : Less critical
Impact : Spoofing
Where : From remote
Solution Status : Unpatched

Software: Mozilla Firefox 3.5.x
Mozilla Firefox 3.6.x

Description:
A vulnerability has been reported in Mozilla Firefox, which can be exploited by malicious people to conduct spoofing attacks.

The vulnerability is caused due to the use of vulnerable Network Security Services (NSS) code.

Solution:
Reportedly, this will be fixed in the Firefox versions after 3.6.9 and 3.5.12.

Original Advisory:
Westpoint Limited:
http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt

http://secunia.com/advisories/41244/

Reply 11 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: Moo moobbs 1.x
Moo moobbs2 1.x

Description:
A vulnerability has been reported in two Moo products, which can be exploited by malicious people to conduct cross-site scripting attacks.

Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

The vulnerability is reported in:
* Moo moobbs versions 1.02 and prior
* Moo moobbs2 versions 1.02 and prior

Solution:
Update to version 1.03.

Original Advisory:
Moo:
http://common1.biz/cgi_bug.html
JVN:
http://jvn.jp/en/jp/JVN24423311/index.html
http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000033.html
http://jvn.jp/en/jp/JVN75101998/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2010-000034

http://secunia.com/advisories/41179/

Reply 12 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: phpMyAdmin 3.x

Description:
A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks.

Certain unspecified input is not properly sanitised before being returned to the user via debug messages in a backtrace. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

The vulnerability is reported in versions prior to 3.3.6.

Solution:
Update to version 3.3.6.

Original Advisory:
PMASA-2010-6:
http://www.phpmyadmin.net/home_page/security/PMASA-2010-6.php

http://secunia.com/advisories/41206/

Reply 13 : VULNERABILITIES / FIXES - August 31, 2010

Joomla! JE FAQ Pro Component "catid" SQL Injection Vulnerability

Release Date : 2010-08-31

Criticality level : Moderately critical
Impact : Manipulation of data
Where : From remote
Solution Status : Unpatched

Software: JE FAQ Pro 1.x (component for Joomla!)

Description:
A vulnerability has been reported in the JE FAQ Pro component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "catid" parameter to index.php (when e.g. "option" is set to "com_jefaqpro", "view" is set to "category", and "layout" is set to "categorylist") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in version 1.5.0. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

http://secunia.com/advisories/41078/

Reply 14 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Unpatched

Software: IsoBuster 2.x

Description:
A vulnerability has been discovered in IsoBuster, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the application loading libraries (e.g. wnaspi32.dll, ntaspi32.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening an IMG file located on a remote WebDAV or SMB share.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in version 2.8. Other versions may also be affected.

Solution:
Do not open untrusted files.

Provided and/or discovered by:
Mr Teatime

http://secunia.com/advisories/41243/

Reply 15 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Unpatched

Software: Sophos Free Encryption 2.x

Description:
A vulnerability has been discovered in Sophos Free Encryption, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the application loading libraries (e.g. pcrypt0406.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a UTI file located on a remote WebDAV or SMB share.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in version 2.40.1.1. Other versions may also be affected.

Solution:
Do not open untrusted files.

Provided and/or discovered by:
Parvez Anwar via Secunia

http://secunia.com/advisories/41209/

Reply 16 : VULNERABILITIES / FIXES - August 31, 2010

Hitachi JP1/Desktop Navigation Denial of Service Vulnerability

Release Date : 2010-08-31

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Software: Hitachi JP1/Desktop Navigation

Description:
A vulnerability has been reported in Hitachi JP1/Desktop Navigation, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error while processing unexpected data when running the application in a cluster environment. This can be exploited to stop the embedded database abnormally and disrupt management server services.

The vulnerability is reported in versions 01-00 and 01-01 through 01-01-01.

Solution:
Update to version 01-01-02.

Original Advisory:
HS10-023:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-023/index.html

http://secunia.com/advisories/41246/

Reply 17 : VULNERABILITIES / FIXES - August 31, 2010

Hitachi JP1/ServerConductor/Control Manager Denial of Service Vulnerability

Release Date : 2010-08-31

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Software: Hitachi JP1/ServerConductor/Control Manager

Description:
A vulnerability has been reported in Hitachi JP1/ServerConductor/Control Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error while processing unexpected data and can be exploited to disrupt some services.

Please see the vendor's advisory for information on affected versions.

Solution:
Apply patches. Please see the vendor's advisory for more details.

Original Advisory:
HS10-018:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-018/index.html

http://secunia.com/advisories/41251/

Reply 18 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Moderately critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Software: Cosminexus 6.x
uCosminexus Developer
uCosminexus DocumentBroker
uCosminexus Navigation Platform
uCosminexus Reporting Base
uCosminexus Service Architect
uCosminexus SI Navigation System

Description:
A vulnerability has been reported in Hitachi Cosminexus products, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error while processing unexpected data and can be exploited to disrupt some services.

Please see the vendor's advisory for the list of affected products.

Solution:
Apply patches. Please see the vendor's advisory for more details.

Original Advisory:
HS10-017:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-017/index.html

http://secunia.com/advisories/41252/

Reply 19 : VULNERABILITIES / FIXES - August 31, 2010

Hitachi JP1/Automatic Job Management System Denial of Service Vulnerability

Release Date : 2010-08-31

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Software: Hitachi JP1/Automatic Job Management System

Description:
A vulnerability has been reported in JP1/Automatic Job Management System, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error while processing unexpected data and can be exploited to disrupt some services.

Please see the vendor's advisory for information on affected versions.

Solution:
Apply patches. Please see the vendor's advisory for more details.

Original Advisory:
HS10-019:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-019/index.html

http://secunia.com/advisories/41250/

Reply 20 : VULNERABILITIES / FIXES - August 31, 2010

Hitachi JP1/Integrated Management Denial of Service Vulnerability

Release Date : 2010-08-31

Criticality level : Less critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Software: Hitachi JP1/Integrated Management (IM)

Description:
A vulnerability has been reported in Hitachi JP1/Integrated Management, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error while processing unexpected data and can be exploited to disrupt some services.

Please see the vendor's advisory for the list of affected products.

Solution:
Apply patches. Please see the vendor's advisory for more details.

Original Advisory:
HS10-021:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-021/index.html

http://secunia.com/advisories/41248/

Reply 21 : VULNERABILITIES / FIXES - August 31, 2010

Hitachi JP1/Performance Management Denial of Service Vulnerability

Release Date : 2010-08-31

Criticality level : Moderately critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Software: Hitachi JP1/Performance Management (PFM)

Description:
A vulnerability has been reported in Hitachi JP1/Performance Management, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error while processing unexpected data and can be exploited to disrupt some services.

Please see the vendor's advisory for the list of affected products.

Solution:
Apply patches. Please see the vendor's advisory for more details.

Original Advisory:
HS10-020:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-020/index.html

http://secunia.com/advisories/41249/

Reply 22 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Software: Hitachi JP1/Asset Information Manager
Hitachi JP1/NETM/Audit - Manager
Hitachi JP1/NETM/DM Manager
Hitachi JP1/Software Distribution Manager

Description:
A vulnerability has been reported in various Hitachi JP1 products, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error while processing unexpected data and can be exploited to disrupt some services.

Please see the vendor's advisory for the list of affected products.

Solution:
Apply patches. Please see the vendor's advisory for more details.

Original Advisory:
HS10-022:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-022/index.html

http://secunia.com/advisories/41247/

Reply 23 : VULNERABILITIES / FIXES - August 31, 2010

Hitachi Storage Command Suite Denial of Service Vulnerability

Release Date : 2010-08-31

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Software: Hitachi Device Manager Software 6.x
Hitachi Global Link Manager 6.x
Hitachi JP1/HiCommand DeviceManager
Hitachi JP1/HiCommand Global Link Availability Manager
Hitachi JP1/HiCommand Replication Monitor
Hitachi JP1/HiCommand Tiered Storage Manager
Hitachi JP1/HiCommand Tuning Manager
Hitachi Tuning Manager

Description:
A vulnerability has been reported in Hitachi Storage Command Suite, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error while processing unexpected data. This can be exploited to stop the embedded database abnormally and disrupt some services.

Please see the vendor's advisory for a list of affected products.

Solution:
Update to a fixed version. Please see the vendor's advisory for details.

Original Advisory:
HS10-024:
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-024/index.html

http://secunia.com/advisories/41182/

Reply 24 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Not critical
Impact : Exposure of sensitive information
Where : Local system
Solution Status : Vendor Workaround

Operating System: Linux Kernel 2.6.x

Description:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to disclose potentially sensitive information.

The vulnerability is caused due to wireless drivers potentially copying more kernel heap memory to userspace than intended, which can be exploited to disclose potentially sensitive information by e.g. sending a specially crafted "SIOCGIWESSID" IOCTL.

Solution:
Fixed in the wireless-testing GIT repository.

Provided and/or discovered by:
Reported as a grsecurity bug by jubidu. Additional information provided by Brad Spengler and the vendor.

Original Advisory:
Jubidu:
http://forums.grsecurity.net/viewtopic.php?f=3&t=2290&start=0

http://lkml.org/lkml/2010/8/30/127

http://secunia.com/advisories/41245/

Reply 25 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Less critical
Impact : System access
Where : From remote
Solution Status : Unpatched

Software: QtWeb Browser 3.x

Description:
A vulnerability has been discovered in QtWeb Browser, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the application loading libraries (e.g. wintab32.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening an HTML file located on a remote WebDAV or SMB share.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in version 3.3 (build 043) for Windows. Other versions may also be affected.

Solution:
Do not open untrusted files.

Provided and/or discovered by:
Aung Khant, YGN Ethical Hacker Group.

Original Advisory:
http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0386.html

http://secunia.com/advisories/41201/

Reply 26 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Unpatched

Software: UltraISO 9.x

Description:
A vulnerability has been discovered in UltraISO, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the application loading libraries (e.g. daemon.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening an ISO file located on a remote WebDAV or SMB share.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in version 9.3.6.2750. Other versions may also be affected.

Solution:
Do not open untrusted files.

Provided and/or discovered by:
Peter Van Eeckhoutte

Original Advisory:
http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/

http://secunia.com/advisories/41227/

Reply 27 : VULNERABILITIES / FIXES - August 31, 2010

Release Date : 2010-08-31

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Unpatched

Software: SiSoftware Sandra 2010 16.x

Description:
A vulnerability has been discovered in SiSoftware Sandra, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the application loading libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a SiSoftware Sandra Script (.sis) located on a remote WebDAV or SMB share.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in SiSoftware Sandra Lite version 2010.7.16.52 for Windows. Other versions may also be affected.

Solution:
Do not open untrusted files.

Provided and/or discovered by:
Peter Van Eeckhoutte

Original Advisory:
http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/

http://secunia.com/advisories/41178/
