Network Security

AERAsec
Network Security
Current Security Messages


Most of the links lead to the corresponding files at CERT or other organisations. So changes take place immediately, especially which patches should be installed or which changes in the configuration should be made to avoid this vulnerability. Some of the files are transferred by FTP.

By the way: If we're not publishing well-known risks inheritant in any widely used platform or program that doesn't mean this particular platform or program is safe to use!

Here you find our network security search engine!


This is some information you send:

Your Browser

CCBot/2.0 (http://commoncrawl.org/faq/)

Your IP address

ec2-54-205-173-252.compute-1.amazonaws.com [54.205.173.252]

Your referer

(filtered or not existing)

Current month, Last month, Last 10 messages, Last 20 messages (index only)

Chosen month 03 / 2009

System: Mandriva Linux
Topic: Vulnerability in krb5
Links: MDVSA-2009:082, CVE-2009-0845, ESB-2009.0304
ID: ae-200903-058

A vulnerability in MIT Kerberos 5 (aka krb5) allows remote attackers to cause a denial of service. Fixed packages are available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in auth2db and nss-ldapd
Links: DSA-1757, ESB-2009.0299,
DSA-1758, CVE-2009-1073, ESB-2009.0300
ID: ae-200903-057

It was discovered that auth2db, an IDS logger, log viewer and alert generator, is prone to an SQL injection vulnerability, when used with multibyte character encodings.
It was discovered that nss-ldapd, an NSS module for using LDAP as a naming service, by default creates the configuration file /etc/nss-ldapd.conf world-readable which could leak the configured LDAP password if one is used for connecting to the LDAP server.
Fixed packages are available now.

System: Various
Topic: Vulnerabilities in Openswan and strongswan
Links: CVE-2008-4190, CVE-2009-0790, RHSA-2009-0402, ESB-2009.0303, DSA-1759, DSA-1760, ESB-2009.0201, ESB-2009.0302
ID: ae-200903-056

A flaw was discovered in the Dead Peer Detection (DPD) in the pluto IKE daemon of Openswan annd strongswan. A remote attacker could use a malicious DPD packet to crash the pluto daemon. It was discovered that Openswan's livetest script created temporary files in an insecure manner. A local attacker could use this flaw to overwrite arbitrary files owned by the user running the script. Fixed software is available now.

System: Sun OpenSolaris
Topic: Vulnerability in Solaris Zones
Links: Sun Alert #255608, ESB-2009.0296
ID: ae-200903-055

Local privileged users inside a non-global zone may be able to execute arbitrary code within a global zone if an mdb process within the global zone attaches to a non-global zone process. The code would be executed with the privileges of the user running mdb, which could potentially be root. Patches are available now.

System: Red Hat Enterprise MRG
Topic: Vulnerabilities in Kernel
Links: RHSA-2009-0360, CVE-2009-0031, CVE-2009-0269, CVE-2009-0322, CVE-2009-0675, CVE-2009-0676, ESB-2009.0294
ID: ae-200903-054

Several vulnerabilities have been found in the kernel of Red Hat Enterprise MRG for RHEL 5. Fixed kernel packages are available now.

System: Various
Topic: Vulnerabilities in Mozilla Firefox and Seamonkey
Links: Mozilla, CVE-2009-1044, CVE-2009-1169, RHSA-2009-0397, RHSA-2009-0398, ESB-2009.0295, DSA-1756, ESB-2009.0291, TLSA-2009-11, SUSE-SA:2009:022, SUSE-SA:2009:023, ESB-2009.0381,
ID: ae-200903-053

Two vulnerabilities were found in the Mozilla Firefox browser and Seamonkey. Fixed software is available now.

System: Various
Topic: Vulnerabilities in three Drupal 3rd party modules
Links: DRUPAL-SA-CONTRIB-2009-015, DRUPAL-SA-CONTRIB-2009-016, DRUPAL-SA-CONTRIB-2009-017, ESB-2009.0289
ID: ae-200903-052

The Token authentication module allows access to RSS feeds via a token without having to provide your username and password to the site. Token authentication did not properly use the Drupal Form API which would allow a malicious user to learn the site administrator's token giving them the ability to read any nodes on the site via an RSS feed.
The Wikitools module provides several options to get a more wiki-like behavior for Drupal. On several pages, the Wikitools module prints out a parameter without escaping it. Malicious users are thus able to execute a cross site scripting (XSS) attack when they entice users to visit a specifically crafted URL. This may lead to a malicious user gaining full administrative access.
The Vote Up/Down module provides a voting widget for content that records votes using Ajax. The URL for voting is vulnerable to cross-site request forgeries (CSRF) making it possible for users to unknowingly vote for content.
Updated software is available now. Please be aware that Drupal core is not affected.

System: Red Hat Enterprise Linux 3
Topic: Vulnerability in net-snmp
Links: RHSA-2009-0295, CVE-2008-6123, ESB-2009.0292
ID: ae-200903-051

It has been discovered that the snmpd daemon doesn't use TCP wrappers correctly, causing network hosts access restrictions defined in "/etc/hosts.allow" and "/etc/hosts.deny" to not be honored. A remote attacker could use this flaw to bypass intended access restrictions. An updated package addresses this issue.

System: Red Hat Enterprise Linux 4 / 5
Topic: Vulnerabilities in NetworkManager
Links: RHSA-2009-0361, RHSA-2009-0362, CVE-2009-0365, CVE-2009-0578, ESB-2009.0288
ID: ae-200903-050

NetworkManager is a network link manager that attempts to keep a wired or wireless network connection active at all times. An information disclosure flaw was found in NetworkManager's D-Bus interface. A local attacker could leverage this flaw to discover sensitive information, such as network connection passwords and pre-shared keys. Further on, a potential Denial-of-Service flaw was found in NetworkManager's D-Bus interface. A local user could leverage this flaw to modify local connection settings, preventing the system's network connection from functioning properly. Updated packages are available now.

System: Cisco 7600 Series Router
Topic: Vulnerabilities in Cisco IOS
Links: Cisco_ctcp, Cisco_ip, Cisco_mobileip, Cisco_scp, Cisco_sip, Cisco_tcp, Cisco_udp, Cisco_webvpn, ESB-2009.0283
ID: ae-200903-049

Several vulnerabilities have been detected in Cisco IOS. Using different protocols and methods some of them might lead to a Denial-of-Service or privilege escalation. It's strongly recommended to update the IOS of productive systems.

System: Srveral
Topic: Several Vulnerabilities in java-1.6.0-ibm
Links: RHSA-2009-0369, CVE-2008-5340, CVE-2008-5341, CVE-2008-5342, CVE-2008-5343, CVE-2008-5351, CVE-2008-5356, CVE-2008-5357, CVE-2008-5358, ESB-2009.0282
ID: ae-200903-048

An update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. It's available for Red Hat Enterprise Linux now.

System: Microsoft Windows
Topic: Vulnerability in IBM Access Support ActiveX Control
Links: VU#340420, Microsoft #240797, CVE-2009-0215, AL-2009.0022
ID: ae-200903-047

No further comment due to legal reasons

System: Debian Linux 4.0
Topic: End-of-Live for Iceweasel
Links: DSA-1753, ESB-2009.0287
ID: ae-200903-046

Debian points out that the browser iceweasel has reached its End Of Live. Due to this it's not supported any more. It's recommended to switch to another browser.

System: Linux
Topic: Vulnerability in systemtap
Links: CVE-2009-0784, RHSA-2009-0373, ESB-2009.0293, DSA-1755, ESB-2009.0285
ID: ae-200903-045

SystemTap is an instrumentation infrastructure for systems running version 2.6 of the Linux kernel. SystemTap scripts can collect system operations data, greatly simplifying information gathering. Collected data can then assist in performance measuring, functional testing, and performance and function problem diagnosis. A race condition has been discovered in SystemTap that could allow users in the stapusr group to elevate privileges to that of members of the stapdev group (and hence root), bypassing directory confinement restrictions and allowing them to insert arbitrary SystemTap kernel modules. Updated software is available now.

System: Various
Topic: Vulnerabilities in Sun Java Runtime Environment
Links: Sun Alert 254569, Sun Alert 254570, Sun Alert 254571, Sun Alert 254608, Sun Alert 254609, Sun Alert 254610, Sun Alert 254611, CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, CVE-2009-1107, ESB-2009.0276, ESB-2009.0277, ESB-2009.0278, ESB-2009.0279, ESB-2009.0280, ESB-2009.0281, VU#845747, iDEFENSE #777, iDEFENSE #778, iDEFENSE #779, iDEFENSE #780, iDEFENSE #781, RHSA-2009-0392, RHSA-2009-0394, ESB-2009.0290, SUSE-SA:2009:016, ESB-2009.0320, DSA-1769, ESB-2009.0348,
ID: ae-200903-044

Several vulnerabilitier were found in the Sun Java Runtime Environment (JRE). Fixed software is available now.

System: Linux
Topic: Vulnerability in glib2
Links: CVE-2008-4316, RHSA-2009-0336, ESB-2009.0273, MDVSA-2009:080
ID: ae-200903-043

Multiple integer overflows causing heap-based buffer overflows were discovered in GLib's Base64 encoding and decoding functions. An attacker could use these flaws to crash an application using GLib's Base64 functions to encode or decode large, untrusted inputs, or, possibly, execute arbitrary code as the user running the application. Fixed packages are available now.

System: Debian GNU/Linux
Topic: Vulnerability in webcit
Links: DSA-1752, CVE-2009-0364, ESB-2009.0268
ID: ae-200903-042

It was discovered that WebCit, the web-based user interface for the Citadel groupware system, contains a format string vulnerability in the mini_calendar component, possibly allowing arbitrary code execution. Fixed packages are available now.

System: Various
Topic: Vulnerability in ISC BIND
Links: ISC, ISC, ESB-2009.0267
ID: ae-200903-041

A vulnerability das discovered in the in DNSSEC lookaside validation (DLV) of ISC BIND: unrecognized signature algorithms, which should have been treated as the equivalent of an unsigned zone, were instead treated as a validation failure. Fixed software is available now.

System: FreeBSD
Topic: Vulnerability in kernel
Links: FreeBSD-SA-09:06, CVE-2009-1041, ESB-2009.0261
ID: ae-200903-040

An unprivileged process can overwrite an arbitrary location in kernel memory. A patch is available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in Linux Kernel 2.6.x
Links: DSA-1749, CVE-2009-0029, CVE-2009-0031, CVE-2009-0065, CVE-2009-0269, CVE-2009-0322, CVE-2009-0675, CVE-2009-0676, CVE-2009-0745, CVE-2009-0746, CVE-2009-0747, CVE-2009-0748, ESB-2009.0263
ID: ae-200903-039

Several vulnerabilities have been discovered in the Linux kernel that may lead to a Denial-of-Service or privilege escalation. The Linux Kernel 2.6.24 fixes these problems.

System: Mandriva Linux
Topic: Vulnerability in pam
Links: MDVSA-2009:077, CVE-2009-0887, ESB-2009.0270
ID: ae-200903-038

A security vulnerability has been identified in pam. Fixed packages are available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in lcms, ghostscript, glib2.0, and libsoup
Links: DSA-1745, CVE-2009-0581, CVE-2009-0723, CVE-2009-0733, ESB-2009.0284,
DSA-1746, CVE-2009-0583, CVE-2009-0584,
DSA-1747, CVE-2008-4316, ESB-2009.0264,
DSA-1748, CVE-2009-0585
ID: ae-200903-037

Several security issues have been discovered in lcms, a color management library. They are due to insufficient checks of files, leading to buffer overflows and the execution of arbitrary code. Additionally, a memory leak might lead to a Denial-of-Service condition.
Ghostscript is the GPL Ghostscript PostScript/PDF interpreter. Two different vulnerabilities might lead to the execution of arbitrary code via crafted ICC profiles in PostScript files with embedded images.
Libsoup is a HTTP library implementation written in C and the GLib library of C routines is called glib2.0. Both programs handle strings insecurely via its Base64 encoding functions. This could possibly lead to the execution of arbitrary code.
Fixed software is available now.

System: Various
Topic: Vulnerability in Drupal 3rd party module
Links: DRUPAL-SA-CONTRIB-2009-011, ESB-2009.0253
ID: ae-200903-036

Tasklist does not properly use the Drupal database API and inserts values from the URL directly into queries. This can be exploited to perform SQL Injection attacks. Please be aware that Drupal core is not affected.

System: Sun Solaris
Topic: Vulnerabilities in ufs and kerberos
Links: Sun Alert #254628, ESB-2009.0249,
Sun Alert #249926, CVE-2009-0923, ESB-2009.0250
ID: ae-200903-035

Several vulnerabilities in the UFS file system involving the ufs_getpage() and ufs_putapage() routines may lead to a system hang or a system panic.
A security vulnerability in Solaris Kerberos (see kerberos(5)) may allow an unauthenticated remote user on a system which can access a master Key Distribution Center (KDC) server to prevent propagation of incremental propagation requests to slave KDC servers.
Patches are available now.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in lcms, curl, and ghostscript
Links: RHSA-2009-0339, CVE-2009-0581, CVE-2009-0723, CVE-2009-0733, ESB-2009.0257,
RHSA-2009-0341, CVE-2009-0037, ESB-2009.0258,
RHSA-2009-0345, CVE-2009-0583, CVE-2009-0584, ESB-2009.0259
ID: ae-200903-034

Multiple integer overflow flaws which could lead to heap-based buffer overflows, as well as multiple insufficient input validation flaws, were found in LittleCMS. An attacker could use these flaws to create a specially-crafted image file which could cause an application using LittleCMS to crash, or, possibly, execute arbitrary code when opened by a victim.
A security vulnerability has been identified in curl.
Multiple integer overflow flaws which could lead to heap-based buffer overflows, as well as multiple insufficient input validation flaws, were found in Ghostscript's International Color Consortium Format library (icclib).
Fixed packages are available now.

System: Debian GNU/Linux
Topic: Vulnerability in weechat
Links: DSA-1744, CVE-2009-0661, ESB-2009.0254
ID: ae-200903-033

It was discovered that an error in the handling of color codes in the weechat IRC client could cause an out-of-bounds read of an internal color array. This can be used by an attacker to crash user clients via a crafted PRIVMSG command. Fixed packages are available now.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in libsoup, evolution-data-server, and evolution
Links: RHSA-2009-0344, CVE-2009-0585, ESB-2009.0248,
RHSA-2009-0354, RHSA-2009-0355, CVE-2009-0547, CVE-2009-0582, CVE-2009-0587, ESB-2009.0247,
ID: ae-200903-032

Libsoup is an HTTP client/library implementation for GNOME written in C. It was originally part of a SOAP (Simple Object Access Protocol). An integer overflow flaw might cause a heap-based buffer overflow in libsoup's Base64 encoding routine. An attacker could use this flaw to crash, or, possibly, execute arbitrary code. This arbitrary code would execute with the privileges of the application using libsoup's Base64 routine to encode large, untrusted inputs.
Evolution Data Server provides a unified back-end for applications which interact with contacts, task, and calendar information. It doesn't properly check the Secure/Multipurpose Internet Mail Extensions (S/MIME) signatures used for public key encryption and signing of e-mail messages. An attacker could use this flaw to spoof a signature by modifying the text of the e-mail message displayed to the user. Further on, it has been discovered that Evolution Data Server doesn't properly validate NTLM (NT LAN Manager) authentication challenge packets. A malicious server using NTLM authentication could cause an application using Evolution Data Server to disclose portions of its memory or crash during user authentication. Multiple integer overflow flaws might cause heap-based buffer overflows were found in the Base64 encoding routines used by Evolution Data Server. This could cause an application using Evolution Data Server to crash, or, possibly, execute an arbitrary code when large untrusted data blocks were Base64-encoded.
Fixed packages are available now.

System: Sun Solaris 10
Topic: Vulnerability in Solaris keysock
Links: Sun Alert #253568, ESB-2009.0243
ID: ae-200903-031

A security vulnerability in the Solaris 10 keysock kernel module may allow local users with sufficient privileges to create PF_KEY sockets to be able to cause a system panic thereby resulting in a Denial-of-Service (DoS) to the system as a whole. Patches are available now.

System: Debian GNU/Linux
Topic: Vulnerability in psi
Links: DSA-1741, CVE-2008-6393, ESB-2009.0242
ID: ae-200903-030

It has been discovered that an integer overflow in the PSI Jabber client may lead to remote Denial-of-Service (DoS). An updated package solves this problem.

System: Debian GNU/Linux
Topic: Vulnerabilities in mldonkey, yaws, and libsnd
Links: DSA-1739, CVE-2009-0753, ESB-2009.0241,
DSA-1740, CVE-2009-0751, ESB-2009.0245,
DSA-1742, CVE-2009-0186, ESB-2009.0244
ID: ae-200903-029

It has been discovered that mldonkey, a client for several P2P networks, allows attackers to download arbitrary files using crafted requests to the HTTP console. Yaws, a high performance HTTP 1.1 webserver, is prone to a Denial-of-Service (DoS) attack via a request with a large HTTP header. Additionally, libsndfile as a library to read and write sampled audio data is prone to an integer overflow. This causes a heap-based buffer overflow when processing crafted CAF description chunks possibly leading to arbitrary code execution. Updated software addresses these issues.

System: Mandriva Linux
Topic: Vulnerability in avahi
Links: MDVSA-2009:076, CVE-2009-0758, ESB-2009.0246
ID: ae-200903-028

A security vulnerability has been identified and fixed in avahi which could allow remote attackers to cause a Denial-of-Service (DoS, network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet. Updated software remedies this problem.

System: Various
Topic: Vulnerabilities in PTK
Links: PTK, VU#845747,
ID: ae-200903-027

PTK is an interface to the sleuthkit forensic tools that uses Apache, PHP and MySQL. PTK versions 1.0.0 to 1.0.4 contain multiple vulnerabilities. These vulnerabilities may be triggered remotely or during the inspection of local HTML files that are rendered in web browsers. Due to these vulnerabilities, a remote unauthenticated attacker may be able to execute arbitrary javascript or run commands in the context of the Apache webserver. The most recent version doesn't show these vulnerabilities.

System: Sun Solaris
Topic: Vulnerabilities in nfsd and nfssec
Links: Sun Alert #250306, CVE-2009-0873, ESB-2009.0229,
Sun Alert #253588, CVE-2009-0872, ESB-2009.0230
ID: ae-200903-026

Vulnerabilities were found in the Solaris NFS Daemon (nfsd(1M)) and the Solaris NFS server security modes (nfssec(5)). Patches are available now.

System: Red Hat Enterprise Linux 4
Topic: Vulnerabilities in Kernel
Links: RHSA-2009-0264, CVE-2008-5700, CVE-2009-0031, CVE-2009-0065, CVE-2009-0322, ESB-2009.0239
ID: ae-200903-025

Several vulnerabilities have been found in the kernel of Red Hat Enterprise Linux 4. Fixed kernel packages are available now.

System: Red Hat Enterprise Linux 5
Topic: Vulnerability in icu
Links: RHSA-2009-0296, CVE-2008-1036, ESB-2009.0238
ID: ae-200903-024

A flaw was found in the way ICU, the International Components for Unicode library, processes certain, invalid, encoded data. If an application used ICU to decode malformed, multibyte, character data, it may have been possible to bypass certain content protection mechanisms, or display information in a manner misleading to the user. Fixed packages are available now.

System: SuSE Linux
Topic: Vulnerabilities in curl, libmikmod, apache2, optipng, psi, java-1_6_0-openjdk, and gtk2
Links: SUSE-SR:2009:006
ID: ae-200903-023

A SUSE Security Summary reports about vulnerabilities in the packages curl, libmikmod, apache2, optipng, psi, java-1_6_0-openjdk, and gtk2. Updated packages are available now and should be installed on vulnerable systems.

System: Debian GNU/Linux
Topic: Vulnerabilities in wesnoth and curl
Links: DSA-1737, CVE-2009-0366, CVE-2009-0367,
DSA-1738, CVE-2009-0037
ID: ae-200903-022

Several security issues have been discovered in wesnoth, a fantasy turn-based strategy game.
A security vulnerability has been identified in curl.
Fixed packages are available now.

System: Microsoft Windows
Topic: Vulnerabilities in Microsoft DNS and WINS Server
Links: MS09-008, VU#319331, CVE-2009-0093, CVE-2009-0094, CVE-2009-0233, CVE-2009-0234, ESB-2009.0222
ID: ae-200903-021

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerability in Microsoft Windows SChannel
Links: MS09-007, CVE-2009-0085, ESB-2009.0221
ID: ae-200903-020

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerabilities in Microsoft Windows Kernel
Links: MS09-006, CVE-2009-0081, CVE-2009-0082, CVE-2009-0083, AL-2009.0017
ID: ae-200903-019

No further comment due to legal reasons

System: Various
Topic: Vulnerabilities in Asterisk
Links: AST-2009-002, ESB-2009.0223,
ID: ae-200903-018

A vulnerablity was found in the pedantic option in the SIP channel driver, that may lead to denial of service attacks. Fixed software is available now.

System: Various
Topic: Vulnerability in Adobe Reader
Links: APSA09-04, APSA09-03, APSA09-01, CVE-2009-0193 CVE-2009-0658, CVE-2009-0927, CVE-2009-0928, CVE-2009-1061, CVE-2009-1062,, VU #905281, CVE-2009-0658, ESB-2009.0162, SUSE-SA:2009:014, TLSA-2009-10, Sun Alert #256788, ESB-2009.0368
ID: ae-200903-017

A critical vulnerability has been identified in Adobe Reader 9 and Acrobat 9 and earlier versions. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports that this issue is being exploited. A patch is available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in znc and mahara
Links: DSA-1735, CVE-2009-0759, ESB-2009.0225,
DSA-1736, CVE-2009-0660, ESB-2009.0226
ID: ae-200903-016

It was discovered that znc, an IRC proxy/bouncer, does not properly sanitize input contained in configuration change requests to the webadmin interface. This allows authenticated users to elevate their privileges and indirectly execute arbitrary commands.
It was discovered that mahara, an electronic portfolio, weblog, and resume builder, is prone to cross-site scripting attacks, which allows the injection of arbitrary Java or HTML code.
Fixed packages are available now.

System: Various
Topic: Vulnerability in Apache Tomcat
Links: CVE-2009-0781, ESB-2009.0211
ID: ae-200903-015

The calendar application in the examples contains invalid HTML which renders the XSS protection for the time parameter ineffective. An attacker can therefore perform an XSS attack using the time attribute. A workaround is described in the advisory.

System: Various
Topic: Vulnerability in JBoss Enterprise Application Platform
Links: RHSA-2009-0346, RHSA-2009-0347, RHSA-2009-0348, RHSA-2009-0349, CVE-2009-0027, ESB-2009.0210
ID: ae-200903-014

The request handler in JBossWS does not correctly verify the resource path when serving WSDL files for custom web service endpoints. This allowes remote attackers to read arbitrary XML files with the permissions of the EAP processs. Fixed software is available now.

System: Mandriva Linux
Topic: Vulnerabilities in poppler and curl
Links: MDVSA-2009:068, CVE-2009-0755, CVE-2009-0756, ESB-2009.0215,
MDVSA-2009:069, CVE-2009-0037
ID: ae-200903-013

A crafted PDF file that triggers a parsing error allows remote attackers to cause definal of service.
A security vulnerability has been identified in curl.
Fixed packages are available now.

System: Apple
Topic: Vulnerabilities in Time Capsule and AirPort Base Station
Links: APPLE-SA-2009-03-05, ESB-2009.0209
ID: ae-200903-012

Multiple vulnerabilities were discovered in the Apple Time Capsule and AirPort Extreme Base Station with 802.11n. Fixed firmware is available now.

System: Mandriva Linux
Topic: Vulnerabilities in php and libsndfile
Links: MDVSA-2009:065, MDVSA-2009:066, CVE-2007-4850, CVE-2008-5557, CVE-2009-0754, ESB-2009.0208,
MDVSA-2009:067, CVE-2009-0186
ID: ae-200903-011

Several vulnerabilities were found in PHP.
Crafted data - channels per frame value - in CAF files enables remote attackers to execute arbitrary code or denial of service via a possible integer overflow in libsndfile, leading to a possible heap overflow.
Patches are available now.

System: Cisco 7600 Series Router
Topic: Vulnerability in Cisco Session Border Controller
Links: Cisco, CVE-2009-0619, ESB-2009.0203
ID: ae-200903-010

A denial of service (DoS) vulnerability exists in the Cisco Session Border Controller (SBC) for the Cisco 7600 series routers. Cisco has released free software updates that address this vulnerability.

System: Debian GNU/Linux
Topic: Vulnerability in opensc
Links: DSA-1734, CVE-2009-0368, ESB-2009.0205
ID: ae-200903-009

It was discovered that OpenSC, a set of smart card utilities, could stores private data on a smart card without proper access restrictions. Fixed packages are available now.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in wireshark
Links: RHSA-2009-0313, CVE-2008-4680, CVE-2008-4681, CVE-2008-4682, CVE-2008-4683, CVE-2008-4684, CVE-2008-4685, CVE-2008-5285, CVE-2009-0599, CVE-2009-0600, ESB-2009.0201
ID: ae-200903-008

Several vulnerabilities were found in Wireshark. Fixed packages are available now.

System: Various
Topic: Vulnerabilities in Mozilla Firefox, Thunderbird, and Seamonkey
Links: Mozilla, RHSA-2009-0315, RHSA-2009-0325, RHSA-2009-0258, ESB-2009.0204, ESB-2009.0274, ASA-2009-069, ESB-2009.0220, MDVSA-2009:075, SUSE-SA:2009:012, ESB-2009.0262, TLSA-2009-9
ID: ae-200903-007

Multiple vulnerabilities were found in the Mozilla Firefox browser. Also affected are Thunderbird and Seamonkey. Fixed software is available now.

System: SuSE Linux
Topic: Vulnerabilities in dhcp, ntp/xntp, squid, wireshark, libpng, pam_mount, enscript, eID-belgium, and gstreamer-0_10-plugins-good
Links: SUSE-SR:2009:005, ESB-2009.0194
ID: ae-200903-006

A SUSE Security Summary reports about vulnerabilities in the packages dhcp, ntp/xntp, squid, wireshark, libpng, pam_mount, enscript, eID-belgium, and gstreamer-0_10-plugins-good. Updated packages are available now and should be installed on vulnerable systems.

System: Various
Topic: Vulnerability in libpng
Links: VU#649212, ESB-2009.0199, RHSA-2009-0333, RHSA-2009-0340, ESB-2009.0202, DSA-1750, ESB-2009.0260
ID: ae-200903-005

A vulnerability in the way libpng handles element pointers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service. Fixed software is available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in squid and vim
Links: DSA-1732, CVE-2009-0478, ESB-2009.0197,
DSA-1733, CVE-2008-2712, CVE-2008-3074, CVE-2008-3075, CVE-2008-3076, CVE-2008-4101, ESB-2009.0196
ID: ae-200903-004

An assertion error was discovered in squid3, a full featured Web Proxy cache, which could lead to a denial of service attack.
Several vulnerabilities have been found in vim, an enhanced vi editor.
Fixed packages are available now.

System: openSUSE 11.1
Topic: Vulnerabilities in Linux Kernel 2.6.x
Links: SUSE-SA:2009:010
ID: ae-200903-003

Several vulnerabilities have been discovered in the Linux kernel of openSUSE 11.1. An updated Linux Kernel fixes this problem.

System: Debian GNU/Linux
Topic: Vulnerabilities in gst-plugins-bad and ndiswrapper
Links: DSA-1729, CVE-2009-0386, CVE-2009-0387, CVE-2009-0397, ESB-2009.0191,
DSA-1731, CVE-2008-4395, ESB-2009.0193
ID: ae-200903-002

Several vulnerabilities have been found in gst-plugins-bad0.10, a collection of various GStreamer plugins, which could potentially lead to the execution of arbitrary code via crafted .mov files.
It was discovered that ndiswrapper suffers from buffer overflows via specially crafted wireless network traffic, due to incorrectly handling long ESSIDs. This could lead to the execution of arbitrary code.
Fixed packages are available now.

System: Various
Topic: Vulnerability in Drupal 3rd party module
Links: DRUPAL-SA-CONTRIB-2009-008, ESB-2009.0189
ID: ae-200903-001

A cross site scripting vulnerability was found in the 'Taxonomy Theme' module. A fixed version is available now. Please be aware that Drupal core is not affected.



(c) 2000-2013 AERAsec Network Services and Security GmbH