Network Security

AERAsec
Network Security
Current Security Messages


Most of the links lead to the corresponding files at CERT or other organisations. So changes take place immediately, especially which patches should be installed or which changes in the configuration should be made to avoid this vulnerability. Some of the files are transferred by FTP.

By the way: If we're not publishing well-known risks inheritant in any widely used platform or program that doesn't mean this particular platform or program is safe to use!

Here you find our network security search engine!


This is some information you send:

Your Browser

CCBot/2.0 (http://commoncrawl.org/faq/)

Your IP address

ec2-54-82-222-134.compute-1.amazonaws.com [54.82.222.134]

Your referer

(filtered or not existing)

Current month, Last month, Last 10 messages, Last 20 messages (index only)

Chosen month 07 / 2009

System: HP-UX
Topic: Vulnerabilities in Kerberos
Links: HPSBUX02421 SSRT090047, CVE-2009-0846, CVE-2009-0847, ESB-2009.1119
ID: ae-200907-064

Several security vulnerabilities have been identified on HP-UX running Kerberos. These vulnerabilities could be exploited by remote unauthenticated users to create a Denial of Service (DoS) or to execute arbitrary code. A patch is available now.

System: Red Hat Linux
Topic: Vulnerabilities in NSPR, NSS, and Seamonkey
Links: RHSA-2009-1184, RHSA-2009-1185, RHSA-2009-1186, CVE-2009-2404, CVE-2009-2404, CVE-2009-2404, ESB-2009.1121
ID: ae-200907-063

Several vulnerabilities were found in Netscape Portable Runtime (NSPR), Network Security Services (NSS) and Mozilla Seamonkey. Fixed packages are available now.

System: Various
Topic: Vulnerabilities in Drupal 3rd party modules
Links: DRUPAL-SA-CONTRIB-2009-046, DRUPAL-SA-CONTRIB-2009-047, DRUPAL-SA-CONTRIB-2009-048, DRUPAL-SA-CONTRIB-2009-049, ESB-2009.1116
ID: ae-200907-062

Several vulnerabilities were found in the Third-Party Drupal modules "Date", "Calendar", "Bibliography Module", and "Live". Updated software is available now. Please be aware that Drupal core is not affected.

System: Cisco IOS
Topic: Vulnerabilities in Cisco IOS Software Border Gateway Protocol
Links: Cisco, CVE-2009-1168, CVE-2009-2049, ESB-2009.1117
ID: ae-200907-061

Recent versions of Cisco IOS Software support RFC4893 ("BGP Support for Four-octet AS Number Space") and contain two remote denial of service (DoS) vulnerabilities when handling specific Border Gateway Protocol (BGP) updates. Cisco has released free software updates that address these vulnerabilities.

System: Debian GNU/Linux
Topic: Vulnerability in kvm
Links: DSA-1846, CVE-2009-2287, ESB-2009.1112
ID: ae-200907-060

An issue was discovered in the kvm subsystem. Local users with permission to manipulate /dev/kvm can cause a denial of service (hang) by providing an invalid cr3 value to the KVM_SET_SREGS call. Fixed packages are available now.

System: Microsoft Windows
Topic: Vulnerabilities in Microsoft Visual Studio Active Template Library
Links: MS09-035, VU#456745, CVE-2009-0901, CVE-2009-2493, CVE-2009-2495, ESB-2009.1101, APSB09-11, ESB-2009.1118, APSA09-04, APSB09-10, Cisco, ESB-2009.1102
ID: ae-200907-059

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerabilities in Microsoft Internet Explorer
Links: ae-200907-059, MS09-034, CVE-2009-1917, CVE-2009-1918, CVE-2009-1919, ESB-2009.1100
ID: ae-200907-058

No further comment due to legal reasons

System: Debian GNU/Linux
Topic: Vulnerabilities in Kernel
Links: DSA-1844, DSA-1845, CVE-2009-1385, CVE-2009-1389, CVE-2009-1630, CVE-2009-1633, CVE-2009-1895, CVE-2009-1914, CVE-2009-1961, CVE-2009-2287, CVE-2009-2406, CVE-2009-2407, ESB-2009.1110
ID: ae-200907-057

Several vulnerabilities have been found in the kernel of Debian Linux. Fixed kernel packages are available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in openexr
Links: DSA-1842, CVE-2009-1720, CVE-2009-1721, CVE-2009-1722, ESB-2009.1103
ID: ae-200907-056

Several vulnerabilities have been discovered in the OpenEXR image library, which can lead to the execution of arbitrary code. Fixed packages are available now.

System: Various
Topic: Vulnerability in ISC BIND9
Links: ISC, VU#725188, CVE-2009-0696, FreeBSD-SA-09:12, ESB-2009.1110, NetBSD-SA2009-013, ESB-2009.1114, DSA-1847, ESB-2009.1113, RHSA-2009-1179, RHSA-2009-1180, RHSA-2009-1181, ESB-2009.1115, MDVSA-2009:181, OpenBSD, SUSE-SA:2009:040, ESB-2009.1120, Sun Alert #264828, ESB-2009.1126, TLSA-2009-22, ESB-2009.1135, HPSBUX02451 SSRT090137, ESB-2009.1148
ID: ae-200907-055

A denial-of-service vulnerability was found in ISC BIND9. When named(8) receives a specially crafted dynamic update message an internal assertion check is triggered which causes named(8) to exit. Fixed software is available now.

System: Cisco Wireless LAN Controllers
Topic: Vulnerabilities in Cisco Wireless LAN Controllers
Links: Cisco, CVE-2009-1164, CVE-2009-1165, CVE-2009-1166, CVE-2009-1167, ESB-2009.1098
ID: ae-200907-054

Multiple vulnerabilities exist in the Cisco Wireless LAN Controllers. Cisco has released free software updates that address these vulnerabilities.

System: Various
Topic: Vulnerability in squid
Links: SQUID-2009_2, ESB-2009.1099, MDVSA-2009:161, DSA-1843, ESB-2009.1104
ID: ae-200907-053

Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses. Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted responses. A patch is available now.

System: Mandriva Linux
Topic: Vulnerability in mysql
Links: MDVSA-2009:159, CVE-2009-2446
ID: ae-200907-052

Multiple format string vulnerabilities in the dispatch_command function in MySQL allow remote authenticated users to cause a denial of service (daemon crash). Fixed packages are available now.

System: Red Hat Linux
Topic: Vulnerabilities in python
Links: RHSA-2009-1176, RHSA-2009-1177, RHSA-2009-1178, CVE-2007-2052, CVE-2007-4965, CVE-2008-1679, CVE-2008-1721, CVE-2008-1887, CVE-2008-2315, CVE-2008-3142, CVE-2008-3143, CVE-2008-3144, CVE-2008-4864, CVE-2008-5031, ESB-2009.1096
ID: ae-200907-051

Several vulnerabilities were found in python, an interpreted, interactive, object-oriented programming language. Fixed packages are available now.

System: Debian GNU/Linux
Topic: Vulnerability in git-core
Links: DSA-1841, CVE-2009-2108, ESB-2009.1092
ID: ae-200907-050

It was discovered that git-daemon which is part of git-core, a popular distributed revision control system, is vulnerable to denial of service attacks caused by a programming mistake in handling requests containing extra unrecognized arguments which results in an infinite loop. While this is no problem for the daemon itself as every request will spawn a new git-daemon instance, this still results in a very high CPU consumption and might lead to denial of service conditions. Fixed packages are available now.

System: Mandriva Linux
Topic: Vulnerability in pango
Links: MDVSA-2009:158, CVE-2009-1194
ID: ae-200907-049

Integer overflow in Pango before allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow. Fixed packages are available now.

System: SuSE Linux
Topic: Vulnerabilities in Kernel
Links: SUSE-SA:2009:038, CVE-2009-1385, CVE-2009-1389, CVE-2009-1630, CVE-2009-1961, ESB-2009.1091
ID: ae-200907-048

Several vulnerabilities have been found in the kernel of SuSE Linux. Fixed kernel packages are available now.

System: Various
Topic: Vulnerability in Adobe Flash Player, Adobe Reader, and Adobe Acrobat
Links: APSA09-03, CVE-2009-1862, VU#259425, RHSA-2009-1188, RHSA-2009-1189, ESB-2009.1122, SUSE-SA:2009:041, ESB-2009.1137
ID: ae-200907-047

Adobe Flash Player contains a code execution vulnerability. An attacker may be able to trigger this overflow by convincing a user to open a specially crafted Flash (SWF) file. The SWF file could be hosted or embedded in a web page or contained in a Portable Document Format (PDF) file. Also affected are Adobe Reader and Acrobat. Fixed software is not available yet.

System: HP-UX
Topic: Vulnerabilities in xntp
Links: HPSBUX02437 SSRT090038, CVE-2009-0159, CVE-2009-1252, ESB-2009.1087
ID: ae-200907-046

Security vulnerabilities have been identified with HP-UX running XNTP. The vulnerabilities could be exploited remotely to execute arbitrary code. A patch is available now.

System: Red Hat Linux
Topic: Vulnerabilities in Tomcat
Links: RHSA-2009-1164, CVE-2007-5333, CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783, ESB-2009.1085
ID: ae-200907-045

Several vulnerabilities were found in the Tomcat JSP/Servlet container. Fixed packages are available now.

System: Various
Topic: Vulnerabilities in Mozilla Firefox, Thunderbird, and Seamonkey
Links: Mozilla, CVE-2009-2462, CVE-2009-2463, CVE-2009-2464, CVE-2009-2465, CVE-2009-2466, CVE-2009-2467, CVE-2009-2469, CVE-2009-2471, CVE-2009-2472, RHSA-2009-1162, RHSA-2009-1163, ESB-2009.1083, ESB-2009.1084, DSA-1840, ESB-2009.1090, SUSE-SA:2009:039, ESB-2009.1097, SUSE-SA:2009:042, ESB-2009.1139
ID: ae-200907-044

Several vulnerabilities were found in the Mozilla Firefox browser, Thuderbird and Seamonkey. Fixed software is available now.

System: Sun Solaris
Topic: Vulnerabilities in Sun Ray Server Software
Links: Sun Alert #253889, CVE-2009-2489, CVE-2009-2490, CVE-2009-2491, ESB-2009.1079
ID: ae-200907-043

Two security vulnerabilities in sun ray server software 4.0 on systems with trusted extensions enabled may allow either a denial of service (dos) of the audio service or unauthorized access to other users' sessions. Patches are available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in dbus and gst-plugins-good
Links: DSA-1837, CVE-2009-1189, ESB-2009.1074,
DSA-1839, CVE-2009-1932, ESB-2009.1075
ID: ae-200907-042

It was discovered that the dbus_signature_validate function in dbus, a simple interprocess messaging system, is prone to a denial of service attack.
It has been discovered that gst-plugins-good0.10, the GStreamer plugins from the "good" set, are prone to an integer overflow, when processing a large PNG file. This could lead to the execution of arbitrary code.
Fixed packages are available now.

System: Various
Topic: Vulnerability in pulseaudio
Links: CVE-2009-1894, DSA-1838, ESB-2009.1077, MDVSA-2009:152
ID: ae-200907-041

It was discovered that the pulseaudio daemon does not drop privileges before re-executing itself, enabling local attackers to increase their privileges. Fixed software is available now.

System: Sun Solaris, OpenSolaris
Topic: Vulnerabilities in IP Filter and NFSv4
Links: Sun Alert #260951, ESB-2009.1071,
Sun Alert #262788, ESB-2009.1072
ID: ae-200907-040

A security vulnerability in the Solaris IP Filter (ipfilter(5)) may allow a local or remote unprivileged user to panic the system. This is a type of Denial of Service (DoS).
A security vulnerability in the Solaris NFSv4 kernel module may allow a local unprivileged user to panic an NFSv4 client system, thereby leading to a Denial of Service (DoS) condition.
Patches are available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in fckeditor
Links: DSA-1836, CVE-2009-2265, ESB-2009.1069
ID: ae-200907-039

It was discovered that multiple input sanitising vulnerabilities in Fckeditor, a rich text web editor component, may lead to the execution of arbitrary code. Fixed packages are available now.

System: Sun Solaris
Topic: Vulnerability in Sun Fire V215 Server
Links: Sun Alert #257329, CVE-2009-2458, ESB-2009.1067
ID: ae-200907-038

A security vulnerability in certain system board firmware revisions of Sun Fire V215 servers with XVR-100 graphic cards may allow an unprivileged user to panic the system. Patches are available now.

System: Various
Topic: Vulnerability in Mozilla Firefox 3.5
Links: VU#443060, CVE-2009-2477, ASB-2009.1015
ID: ae-200907-037

Firefox's Just-in-time (JIT) JavaScript compiler has a flaw which can be exploited by convincing the victim to view a malicious web page. Fixed software is not available yet. Workarounds are described in the advisory.

System: Microsoft Windows
Topic: Vulnerabilities in Cisco Unified Contact Center Express
Links: Cisco, CVE-2009-2047, CVE-2009-2048, ESB-2009.1063
ID: ae-200907-036

Cisco Unified Contact Center Express (Cisco Unified CCX) server contains both a directory traversal vulnerability and a script injection vulnerability in the administration pages of the Customer Response Solutions (CRS) and Cisco Unified IP Interactive Voice Response (Cisco Unified IP IVR) products. Exploitation of these vulnerabilities could result in a denial of service condition, information disclosure, or a privilege escalation attack. Fixed software is available now.

System: Microsoft Windows
Topic: Vulnerability in Microsoft Virtual PC and Virtual Server
Links: MS09-033, CVE-2009-1542, ESB-2009.1051
ID: ae-200907-035

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerability in Microsoft Video ActiveX Control
Links: MS09-032, CVE-2008-0015, ESB-2009.1050
ID: ae-200907-034

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerability in Microsoft Internet Security and Acceleration Server
Links: MS09-031, CVE-2009-1135, ESB-2009.1052
ID: ae-200907-033

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerability in Microsoft Publisher
Links: MS09-030, CVE-2009-0566, ESB-2009.1054, iDefense
ID: ae-200907-032

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerabilities in Microsoft Embedded OpenType Font Engine
Links: MS09-029, CVE-2009-0231, CVE-2009-0232, ESB-2009.1048, iDefense
ID: ae-200907-031

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerabilities in Microsoft DirectShow
Links: MS09-028, CVE-2009-1537, CVE-2009-1538, CVE-2009-1539, ESB-2009.1049
ID: ae-200907-030

No further comment due to legal reasons

System: Red Hat Enterprise Linux 5
Topic: Vulnerabilities in Kernel-rt
Links: RHSA-2009-1157, CVE-2009-1385, CVE-2009-1389, CVE-2009-1630, CVE-2009-1633, CVE-2009-1961, ESB-2009.1059
ID: ae-200907-029

Updated kernel-rt packages that fix several security issues and various bugs are now available for Red Hat Enterprise MRG 1.1 (MRG: Messaging, RealTime and Grid). These vulnerablities allow Denial-of-Service (DoS) as well as the access of confidential data and increasing privileges. So the update should be installed as soon as possible.

System: Various
Topic: Vulnerabilities in ISC DHCP dhclient
Links: VU#410676, ESB-2009.1053, CVE-2009-0692, CVE-2009-1893, RHSA-2009-1136, RHSA-2009-1154, ESB-2009.1055, DSA-1833, ESB-2009.1056, NetBSD-SA2009-010, ESB-2009.1057, MDVSA-2009:151, MDVSA-2009:154, SUSE-SA:2009:037, ESB-2009.1062
ID: ae-200907-028

A stack overflow vulnerability in ISC dhclient allows an attacker operating a rogue DHCP server to execute arbitrary code with root privileges on the affected system by supplying a specially crafted subnet-mask parameter. Fixed software is available now.

System: Various
Topic: Vulnerabilities in libtiff
Links: CVE-2009-2285, CVE-2009-2347, MDVSA-2009:150, DSA-1835, ESB-2009.1061, , ESB-2009.1070, Sun Alert #265808, ESB-2009.1202
ID: ae-200907-027

A buffer underflow in the LZWDecodeCompat function in libtiff allows attackers to cause a denial of service (crash) via a crafted TIFF image. Several possible integer overflow in calculation of buffer sizes were found in tiff2rgba and rgb2ycbcr. Fixed packages are available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in djbdns and camlimages
Links: DSA-1831, CVE-2009-0858, ESB-2009.1043,
DSA-1832, CVE-2009-2295, ESB-2009.1044
ID: ae-200907-026

It was discovered that Daniel djbdns, a Domain Name System server, does not constrain offsets in the required manner, which allows remote attackers with control over a third-party subdomain served by tinydns and axfrdns, to trigger DNS responses containing arbitrary records via crafted zone data for this subdomain.
It was discovered that CamlImages, an open source image processing library, suffers from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution.
Fixed packages are available now.

System: Sun Solaris, OpenSolaris
Topic: Vulnerabilities in Tomcat
Links: Sun Alert #263529, CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783, ESB-2009.1041
ID: ae-200907-025

Several vulnerabilities were found in the Tomcat JSP/Servlet container bundled in Solaris 9/10 and OpenSolaris. Patches are available now.

System: VMWare ESX Server
Topic: Vulnerabilities in VMware ESX Service Console
Links: VMSA-2009-0008, CVE-2009-0034, CVE-2009-0037, CVE-2009-1185, ESB-2009.1039
ID: ae-200907-024

Vulnerabilities were found in the udev, sudo, adn curl programs of the Service Console. Fixed software is available now.

System: Debian GNU/Linux
Topic: Vulnerability in sork-passwd-h3
Links: DSA-1829, CVE-2009-2360, ESB-2009.1040
ID: ae-200907-023

It was discovered that sork-passwd-h3, a Horde3 module for users to change their password, is prone to a cross-site scripting attack via the backend parameter. Fixed packages are available now.

System: Various
Topic: Vulnerability in Drupal 3rd party module
Links: DRUPAL-SA-CONTRIB-2009-041, ESB-2009.1033
ID: ae-200907-022

A vulnerability allowing cross-site scripting (XSS) was found in the Third-Party Drupal module "Nodequeue". Updated software is available now. Please be aware that Drupal core is not affected.

System: Apple Mac OS X, Microsoft Windows
Topic: Vulnerabilities in Safari
Links: APPLE-SA-2009-07-08-1, CVE-2009-1724, CVE-2009-1725, ESB-2009.1034
ID: ae-200907-021

Several vulnerabilities were found in Apple Safari. Fixed software is available now.

System: Various
Topic: Vulnerabilities in WordPress
Links: CVE-2008-0196, CVE-2009-2334, CVE-2009-2335, CVE-2009-2336, ESB-2009.1035
ID: ae-200907-020

Several vulnerabilities were found in WordPress. Fixed software is available now.

System: Sun OpenSolaris
Topic: Vulnerability in OpenSolaris Process File System
Links: Sun Alert 258828, CVE-2009-2387, ESB-2009.1037
ID: ae-200907-019

A security vulnerability in the OpenSolaris process file system (proc(4)) may allow a local unprivileged user to panic the system and thereby cause a denial of service (DoS). Patches are available now.

System: Various
Topic: Vulnerability in Adobe ColdFusion
Links: APSB09-09, CVE-2009-2265
ID: ae-200907-018

A vulnerability in FCKEditor, which is included as part of ColdFusion 8, could allow a remote attacker to upload files in arbitrary directories which could lead to a system compromise. This issue is remotely exploitable. There are reports that this issue is being exploited in the wild. Fixed software is available now.

System: Various
Topic: Vulnerabilities in httpd
Links: CVE-2009-1890, CVE-2009-1891, RHSA-2009-1148, ESB-2009.1036, MDVSA-2009:149, TLSA-2009-21, RHSA-2009-1155, ESB-2009.1058, DSA-1834, ESB-2009.1060
ID: ae-200907-017

A denial of service flaw was found in the Apache mod_proxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume large amounts of CPU time. A denial of service flaw was found in the Apache mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file. Fixed packages are available now.

System: SuSE Linux
Topic: Vulnerabilities in optipng, cups, quagga, pango, strongswan, perl-DBD-Pg, irssi, openssl/libopenssl-devel, net-snmp, ImageMagick/GraphicsMagick, perl, ipsec-tools/novell-ipsec-tools, poppler/libpoppler3/libpoppler4, yast2-ldap-server, tomcat6, gstreamer-plugins/gstreamer010-plugins-bad, and apache2-mod_php5
Links: SUSE-SR:2009:011
ID: ae-200907-016

A SUSE Security Summary reports about vulnerabilities in the packages optipng, cups, quagga, pango, strongswan, perl-DBD-Pg, irssi, openssl/libopenssl-devel, net-snmp, ImageMagick/GraphicsMagick, perl, ipsec-tools/novell-ipsec-tools, poppler/libpoppler3/libpoppler4, yast2-ldap-server, tomcat6, gstreamer-plugins/gstreamer010-plugins-bad, and apache2-mod_php5. Updated packages are available now and should be installed on vulnerable systems.

System: Mandriva Linux
Topic: Vulnerabilities in Kernel
Links: MDVSA-2009:148, CVE-2009-1385, CVE-2009-1389, CVE-2009-1930, CVE-2009-1933, CVE-2009-1961, ESB-2009.1031
ID: ae-200907-015

Several vulnerabilities were found in the linux kernel. Fixed kernel packages are available now.

System: NetBSD
Topic: Vulnerabilies in OpenSSL
Links: NetBSD-SA2009-008, CVE-2009-0590, CVE-2009-0591, CVE-2009-0789,
NetBSD-SA2009-009, CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386, CVE-2009-1387, ESB-2009.1032
ID: ae-200907-014

Several vulnerabilities were found in the OpenSSL liubrary libcrypto. Fixed software is available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in ipplan and ocsinventory-agent
Links: DSA-1827, CVE-2009-1732, ESB-2009.1027,
DSA-1828, CVE-2009-0667, ESB-2009.1030
ID: ae-200907-013

It was discovered that ipplan, a web-based IP address manager and tracker, does not sufficiently escape certain input parameters, which allows remote attackers to conduct cross-site scripting attacks.
It was discovered that the ocsinventory-agent which is part of the ocsinventory suite, a hardware and software configuration indexing service, is prone to an insecure perl module search path.
Fixed packages are available now.

System: Sun Solaris, OpenSolaris
Topic: Vulnerabilities in UDP, NFSv4, and smnpd
Links: Sun Alert #262048, CVE-2009-2297, ESB-2009.1019,
Sun Alert #262668, CVE-2009-2296, ESB-2009.1020,
Sun Alert #262708, CVE-2008-4309, ESB-2009.1021
ID: ae-200907-012

A patch regression in Solaris kernel udp(7p) may cause certain Solaris Trusted Extensions configurations to panic at boot time, making the system unavailable. This issue may also allow remote or local unprivileged users to panic the system, thereby causing a Denial of Service (DoS) to the system as a whole.
A security vulnerability in the Solaris NFSv4 Server Kernel Module 'nfs_portmon' tunable may allow certain remote unprivileged users to gain unauthorized network access to share resources, thereby allowing those users to access (read and write) arbitrary files.
A heap-based buffer overflow security vulnerability in the System Management Agent (SMA) SNMP daemon (snmpd(1M)) that ships with Solaris may allow a local or remote unprivileged user to crash the snmpd daemon via a specially crafted SNMP GETBULK request. This is a type of Denial of Service (DoS).
Patches are available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in nagios and eggdrop
Links: DSA-1825, CVE-2009-2288, ESB-2009.1025,
DSA-1826, CVE-2007-2807, CVE-2009-1789, ESB-2009.1024
ID: ae-200907-011

It was discovered that the statuswml.cgi script of nagios, a monitoring and management system for hosts, services and networks, is prone to a command injection vulnerability. Input to the ping and traceroute parameters of the script is not properly validated which allows an attacker to execute arbitrary shell commands by passing a crafted value to these parameters.
Several vulnerabilities have been discovered in eggdrop, an advanced IRC robot.
Fixed packages are available now.

System: SuSE Linux
Topic: Vulnerabilities in java-1_6_0-ibm
Links: SUSE-SA:2009:036,ESB-2009.1015
ID: ae-200907-010

IBM Java 6 SR 5 was released fixing various bugs and critical security issues. They might lead to unwanted access to local data, the execution of arbitrary code as well as a Denial-of-Service (DoS). It's strongly recommended to install the current update, which is available via YOU.

System: Sun Solaris
Topic: Vulnerability in Ultra-SPARC T2 crypto provider device driver
Links: CVE-2009-2137, ESB-2009.1018
ID: ae-200907-009

A memory leak in the Solaris Ultra-SPARC T2 crypto provider device driver (n2cp(7D)) may Result in Denial-of-Service (DoS) to the System as a whole. Patches for Sun Solaris and OpenSolaris address this issue.

System: Red Hat Linux
Topic: Vulnerabilities in openswan, pidgin, and ruby
Links: RHSA-2009-1138, CVE-2009-2185, ESB-2009.1012,
RHSA-2009-1139, CVE-2009-1889, ESB-2009.1013,
RHSA-2009-1140, CVE-2007-1558, CVE-2009-0642, CVE-2009-1904, ESB-2009.1014
ID: ae-200907-008

Multiple insufficient input validation flaws were found in the way Openswan's pluto IKE daemon processed some fields of X.509 certificates. A remote attacker could provide a specially-crafted X.509 certificate that would crash the pluto daemon.
A denial of service flaw was found in the Pidgin OSCAR protocol implementation. If a remote ICQ user sent a web message to a local Pidgin user using this protocol, it would cause excessive memory usage, leading to a denial of service (Pidgin crash).
Several vulnerabilities were found in ruby.
Fixed packages are available now.

System: Various
Topic: Vulnerability in Drupal 3rd party module
Links: DRUPAL-SA-CONTRIB-2009-040, ESB-2009.1000
ID: ae-200907-007

A vulnerability allowing cross-site scripting (XSS) was found in the Third-Party Drupal module "Advanced Forum". Updated software is available now. Please be aware that Drupal core is not affected.

System: Various
Topic: Vulnerabilities in Drupal Core
Links: DRUPAL-SA-CORE-2009-007, ESB-2009.1008
ID: ae-200907-006

Multiple vulnerabilities have been discovered in Drupal Core. Fixed software is available and should be installed now.

System: VMware ESX
Topic: Vulnerability in krb5
Links: CVE-2009-0846, ESB-2009.1011
ID: ae-200907-005

A vulnerability was found in the krb5 package of the ESX service console. A patch is available now.

System: Various
Topic: Vulnerability in Sun Java Web Console
Links: Sun Alert #262428, CVE-2009-2283, ESB-2009.1010
ID: ae-200907-004

Multiple Cross-Site Scripting (XSS) vulnerabilities in Sun Java Web Console may allow a local or remote unprivileged user to execute arbitrary scripting code within a user's browsing session. A patch is available now.

System: HP-UX
Topic: Vulnerability in NFS/ONCplus
Links: HPSBUX02440 SSRT090106, CVE-2009-1421, ESB-2009.1007
ID: ae-200907-003

A security vulnerability has been identified with NFS/ONCplus running on HP-UX. The vulnerability could be exploited locally to create a Denial of Service (DoS) A patch is available now.

System: Various
Topic: Vulnerability in Sun Java System Access Manager
Links: Sun Alert #256568, ESB-2009.1005
ID: ae-200907-002

A cross-site scripting (XSS) vulnerability in the Sun Java System Access Manager Cross-Domain Controller (CDC) may allow an unprivileged remote user to inject code into web pages served by the Access Manager CDC which can result in various impacts including the theft of sensitive information such as cookie information, access to user credentials, or the hijacking of sessions. A patch is available now.

System: NetBSD
Topic: Vulnerabilies in ssh, ntp, and hack
Links: NetBSD-SA2009-005, ESB-2009.1022,
NetBSD-SA2009-006, ESB-2009.1003, CVE-2009-0159, CVE-2009-1252,
NetBSD-SA2009-007
ID: ae-200907-001

A defect exists in SSH protocol that allows active attackers to recover plaintext from an SSH session if a CBC mode cipher is in use. Updated versions of OpenSSH mitigate this problem.
Two remote buffer overflow vulnerabilities have been found in the ntp (Network Time Protocol) code.
Several overflows were found in hack(6).
Fixed software is available now.



(c) 2000-2014 AERAsec Network Services and Security GmbH