March 06, 2013 10:28 Ubuntu: Security update for Keystone

Nathanael Burton discovered that Keystone did not properly verify disabled users. An authenticated but disabled user would continue to have access rights that were removed. Jonathan Murray discovered that Keystone would allow XML entity processing. A remote unauthenticated attacker could exploit this to cause a denial of service via resource exhaustion. Authenticated users could also use this to view arbitrary files on the Keystone server.

Updated packages are available from security.debian.org.

March 06, 2013 10:27 Debian: Security update for PostgreSQL

Sumit Soni discovered that PostgreSQL, an object-relational SQL database, could be forced to crash when an internal function was called with invalid arguments, resulting in denial of service.

Updated packages are available from security.debian.org.

March 06, 2013 10:25 Red Hat: Security update for OpenJDK

These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the JMX and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.

Updated packages are available from ftp.redhat.com.

March 06, 2013 10:24 Red Hat: Security update for OpenJDK

These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.

Updated packages are available from ftp.redhat.com.

March 06, 2013 09:51 Red Hat: Security update for OpenJDK

These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.

Updated packages are available from ftp.redhat.com.

March 05, 2013 09:04 Ubuntu: Security update for Firefox

Security researchers discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash. Atte Kettunen discovered that Firefox could perform an out-of-bounds read while rendering GIF format images. An attacker could exploit this to crash Firefox. Boris Zbarsky discovered that Firefox did not properly handle some wrapped WebIDL objects. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox.

Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and System Only Wrappers (SOW). If a user were tricked into opening a specially crafted page, a remote attacker could exploit this to bypass security protections to obtain sensitive information or potentially execute code with the privileges of the user invoking Firefox. Frederik Braun discovered that Firefox made the location of the active browser profile available to JavaScript workers. A use-after-free vulnerability was discovered in Firefox. An attacker could potentially exploit this to execute code with the privileges of the user invoking Firefox.

Michal Zalewski discovered that Firefox would not always show the correct address when cancelling a proxy authentication prompt. A remote attacker could exploit this to conduct URL spoofing and phishing attacks. Abhishek Arya discovered several problems related to memory handling. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox.

Updated packages are available from security.ubuntu.com.

March 05, 2013 09:03 Red Hat: Security update for Mozilla Thunderbird

Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. It was found that, after canceling a proxy server’s authentication prompt, the address bar continued to show the requested site’s address. An attacker could use this flaw to conduct phishing attacks by tricking a user into believing they are viewing trusted content.

Updated packages are available from ftp.redhat.com.

March 05, 2013 09:01 Red Hat: Security update for Mozilla Firefox

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. It was found that, after canceling a proxy server’s authentication prompt, the address bar continued to show the requested site’s address. An attacker could use this flaw to conduct phishing attacks by tricking a user into believing they are viewing a trusted site.

Updated packages are available from ftp.redhat.com.

March 05, 2013 09:00 Red Hat: Security update for Apache Axis

Apache Axis is an implementation of SOAP (Simple Object Access Protocol). It can be used to build both web service clients and servers. Apache Axis did not verify that the server hostname matched the domain name in the subject’s Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name.

Updated packages are available from ftp.redhat.com.

March 05, 2013 08:57 Ubuntu: Security update for Boost

It was discovered that the Boost.Locale library incorrectly validated some invalid UTF-8 sequences. An attacker could possibly use this issue to bypass input validation in certain applications.

Updated packages are available from security.ubuntu.com.

March 01, 2013 09:31 Debian: Security update for nginx

Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL protocol when using compression. This side channel attack, dubbed ‘CRIME’, allows eavesdroppers to gather information to recover the original plaintext in the protocol. This update to nginx disables SSL compression.

Updated packages are available from security.debian.org.

March 01, 2013 09:29 Debian: Security update for lighttpd

Several vulnerabilities were discovered in the TLS/SSL protocol. Marsh Ray, Steve Dispensa, and Martin Rex discovered that the TLS and SSLv3 protocols do not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions. This issue is solved in lighttpd by disabling client initiated renegotiation by default. Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL protocol when using compression. This side channel attack, dubbed ‘CRIME’, allows eavesdroppers to gather information to recover the original plaintext in the protocol. This update disables compression.

Updated packages are available from security.debian.org.

March 01, 2013 09:27 Debian: Security update for wireshark

Multiple vulnerabilities were discovered in the dissectors for the CLNP, DTLS, DCP-ETSI and NTLMSSP protocols, which could result in denial of service or the execution of arbitrary code.

Updated packages are available from security.debian.org.

March 01, 2013 09:24 Debian: Security update for FFmpeg

Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. Multiple input validation flaws in the decoders/demuxers for Shorten, Chinese AVS video, VP5, VP6, AVI, AVS and MPEG-1/2 files could lead to the execution of arbitrary code.

Updated packages are available from security.debian.org.

March 01, 2013 09:23 Ubuntu: Security update for the Linux kernel

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32-bit PVOPS guest can cause the guest kernel to crash, or operate erroneously.

Updated packages are available from security.ubuntu.com.

February 27, 2013 10:03 Ubuntu: Security update for OpenJDK

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. Vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. Several data integrity vulnerabilities were discovered in the OpenJDK JRE.

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit this to cause a denial of service. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to cause a denial of service.

A data integrity vulnerability was discovered in the OpenJDK JRE. An information disclosure vulnerability was discovered in the OpenJDK JRE. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to cause a denial of service.

Updated packages are available from security.ubuntu.com.

February 27, 2013 10:02 Debian: Security update for openconnect

Kevin Cernekee discovered that a malicious VPN gateway can send crafted responses which trigger stack-based buffer overflows.

Updated packages are available from security.debian.org.

February 27, 2013 10:01 Ubuntu: Security update for Qt

Richard J. Moore and Peter Hartmann discovered that Qt allowed redirecting requests from http to file schemes. If an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. Stephen Cheng discovered that Qt may report incorrect errors when SSL certificate verification fails. Tim Brown and Mark Lowe discovered that Qt incorrectly used weak permissions on shared memory segments. A local attacker could use this issue to view sensitive information, or modify program data belonging to other users.

Updated packages are available from security.ubuntu.com.

February 27, 2013 09:59 Debian: Security update for PolarSSL

Multiple vulnerabilities have been found in PolarSSL. A timing side channel attack has been found in CBC padding allowing an attacker to recover pieces of plaintext via statistical analysis of crafted packets, known as the “Lucky Thirteen” issue. An array index error might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC padding in a TLS session. Malformed CBC data in a TLS session could allow remote attackers to conduct distinguishing attacks via statistical analysis of timing side-channel data for crafted packets.

Updated packages are available from security.debian.org.

February 27, 2013 09:58 Debian: Security update for OpenSSL

Multiple vulnerabilities have been found in OpenSSL. OpenSSL does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service via an invalid key. A timing side channel attack has been found in CBC padding allowing an attacker to recover pieces of plaintext via statistical analysis of crafted packets, known as the “Lucky Thirteen” issue.

Updated packages are available from security.debian.org.

February 25, 2013 11:10 Ubuntu: Security update for jQuery

It was discovered that jQuery incorrectly handled selecting elements using location.hash, resulting in a possible cross-site scripting (XSS) issue. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

Updated packages are available from security.ubuntu.com.

February 25, 2013 11:09 Debian: Security update for Ruby on Rails

Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework for web application development. The blacklist provided by the attr_protected method could be bypassed with crafted requests, having an application-specific impact. In some applications, the serialize helper in ActiveRecord could be tricked into deserializing arbitrary YAML data, possibly leading to remote code execution.

Updated packages are available from security.debian.org.

February 25, 2013 11:08 Ubuntu: Security update for curl

It was discovered that curl incorrectly handled SASL authentication when communicating over POP3, SMTP or IMAP. If a user or automated system were tricked into processing a specially crafted URL, an attacker could cause a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

Updated packages are available from security.ubuntu.com.

February 25, 2013 11:06 Ubuntu: Security update for the Linux kernel

It was discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating the origin on Netlink messages. An untrusted local user can cause a denial of service of Linux guests in Hyper-V virtualization environments. Dmitry Monakhov reported a race condition flaw in the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. Florian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating source addresses of netlink packets. An untrusted local user can cause a denial of service by causing hypervkvpd to exit.

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32-bit PVOPS guest can cause the guest kernel to crash, or operate erroneously.

Updated packages are available from security.ubuntu.com.

February 25, 2013 11:05 Ubuntu: Security update for PostgreSQL

Sumit Soni discovered that PostgreSQL incorrectly handled calling a certain internal function with invalid arguments. An authenticated attacker could use this issue to cause PostgreSQL to crash, resulting in a denial of service.

Updated packages are available from security.ubuntu.com.

February 22, 2013 13:18 Ubuntu: Security update for gnome-screensaver

It was discovered that gnome-screensaver did not start automatically after logging in. This may result in the screen not being automatically locked after the inactivity timeout is reached, permitting an attacker with physical access to gain access to an unlocked session.

Updated packages are available from security.ubuntu.com.

February 22, 2013 13:16 Red Hat: Security update for ELinks

ELinks is a text-based web browser. ELinks does not display any images, but it does support frames, tables, and most other HTML tags. It was found that ELinks performed client credentials delegation during the client-to-server GSS security mechanisms negotiation. A rogue server could use this flaw to obtain the client’s credentials and impersonate that client to other servers that are using GSSAPI.

Updated packages are available from ftp.redhat.com.

February 22, 2013 13:15 Debian: Security update for xen-qemu

A buffer overflow was found in the e1000e emulation, which could be triggered when processing jumbo frames.

Updated packages are available from security.debian.org.

February 22, 2013 13:14 Red Hat: Security update for OpenJDK

These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, Libraries, and Beans components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple flaws were found in the way image parsers in the 2D and AWT components handled image raster parameters. A specially-crafted image could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the virtual machine privileges.

A flaw was found in the AWT component’s clipboard handling code. An untrusted Java application or applet could use this flaw to access clipboard data, bypassing Java sandbox restrictions. The default Java security properties configuration did not restrict access to certain com.sun.xml.internal packages. An untrusted Java application or applet could use this flaw to access information, bypassing certain Java sandbox restrictions. This update lists the whole package as restricted. Multiple improper permission check issues were discovered in the JMX, Libraries, Networking, and JAXP components. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions.

It was discovered that the RMI component’s CGIHandler class used user inputs in error messages without any sanitization. An attacker could use this flaw to perform a cross-site scripting (XSS) attack. It was discovered that the SSL/TLS implementation in the JSSE component did not properly enforce handshake message ordering, allowing an unlimited number of handshake restarts. A remote attacker could use this flaw to make an SSL/TLS server using JSSE consume an excessive amount of CPU by continuously restarting the handshake. It was discovered that the JSSE component did not properly validate Diffie-Hellman public keys. An SSL/TLS client could possibly use this flaw to perform a small subgroup attack.

Updated packages are available from ftp.redhat.com.

February 22, 2013 13:08 Red Hat: Security update for OpenJDK

These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple flaws were found in the way image parsers in the 2D and AWT components handled image raster parameters. A specially-crafted image could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the virtual machine privileges. A flaw was found in the AWT component’s clipboard handling code. An untrusted Java application or applet could use this flaw to access clipboard data, bypassing Java sandbox restrictions.

The default Java security properties configuration did not restrict access to certain com.sun.xml.internal packages. An untrusted Java application or applet could use this flaw to access information, bypassing certain Java sandbox restrictions. This update lists the whole package as restricted. Multiple improper permission check issues were discovered in the Libraries, Networking, and JAXP components. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. It was discovered that the RMI component’s CGIHandler class used user inputs in error messages without any sanitization. An attacker could use this flaw to perform a cross-site scripting (XSS) attack.

It was discovered that the SSL/TLS implementation in the JSSE component did not properly enforce handshake message ordering, allowing an unlimited number of handshake restarts. A remote attacker could use this flaw to make an SSL/TLS server using JSSE consume an excessive amount of CPU by continuously restarting the handshake. It was discovered that the JSSE component did not properly validate Diffie-Hellman public keys. An SSL/TLS client could possibly use this flaw to perform a small subgroup attack.

Updated packages are available from ftp.redhat.com.
