Network Security

AERAsec
Current Security Messages


Most of the links lead to the corresponding files at CERT or other organisations, so changes appear immediately, especially regarding which patches should be installed or which configuration changes should be made to avoid a vulnerability. Some of the files are transferred by FTP.

By the way: If we're not publishing well-known risks inherent in any widely used platform or program, that doesn't mean this particular platform or program is safe to use!

Here you find our network security search engine!



Chosen month 02 / 2012

System: Cisco
Topic: Vulnerabilities in Cisco Wireless LAN Controller (WLC)
Links: Cisco, CVE-2012-0368, CVE-2012-0369, CVE-2012-0370, CVE-2012-0371, ESB-2012.0238
ID: ae-201202-104

Cisco Wireless LAN Controllers are affected by some vulnerabilities. A Denial-of-Service is possible due to vulnerabilities regarding HTTP, IPv6 as well as WebAuth. Additionally, unauthorized access is possible. Cisco has released free software updates to address these vulnerabilities.

System: Cisco
Topic: Vulnerability in Cisco Cius
Links: Cisco, CVE-2012-0359, ESB-2012.0237
ID: ae-201202-103

Cisco Cius Software contains a Denial-of-Service (DoS) vulnerability that could cause the device to stop responding. Devices running Cius Software Versions prior to 9.2(1) SR2 are vulnerable. A remote, unauthenticated attacker could exploit this vulnerability by sending malicious network traffic to affected devices. Cisco has released free software updates to address this vulnerability.

System: Cisco
Topic: Vulnerabilities in Cisco Unified Communications Manager and Business Edition
Links: Cisco, CVE-2011-4486, CVE-2011-4487, ESB-2012.0236
ID: ae-201202-102

Cisco Unified Communications Manager devices may allow a remote, unauthenticated attacker with the ability to send crafted Skinny Client Control Protocol (SCCP) messages to an affected device to cause a reload or execute attacker-controlled SQL code. Cisco has released free software updates to address these vulnerabilities.

System: Cisco
Topic: Vulnerabilities in Cisco Unity Connection
Links: Cisco, CVE-2012-0366, CVE-2012-0367, ESB-2012.0235
ID: ae-201202-101

Two vulnerabilities have been found in Cisco Unity Connection. A possible privilege escalation allows authenticated users to elevate their privileges and obtain full access to the affected system. Besides this, a Denial-of-Service (DoS) vulnerability might allow an unauthenticated, remote attacker to cause system services to terminate unexpectedly, which may result in a DoS condition. Cisco has released free software updates to address these vulnerabilities.

System: Cisco
Topic: Vulnerabilities in Cisco TelePresence Video Communication Server
Links: Cisco, CVE-2012-0330, CVE-2012-0331, ESB-2012.0234
ID: ae-201202-100

Cisco TelePresence Video Communication Servers running software versions prior to X7.0.1 contain vulnerabilities that could allow an attacker to cause a Denial-of-Service (DoS) condition. Cisco has released free software updates that address these vulnerabilities.

System: Mandriva Linux
Topic: Vulnerability in libxslt
Links: MDVSA-2012:028, CVE-2011-3970
ID: ae-201202-099

A vulnerability in libxslt allows remote attackers to cause a Denial-of-Service (DoS) using unspecified vectors. Updated packages are available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in moodle and file
Links: DSA-2421, ESB-2012.0232,
DSA-2422, ESB-2012.0233
ID: ae-201202-098

Several security issues have been fixed in Moodle, a course management system for online learning. Exploiting them allows remote attackers to gain, for example, unauthorized access.
The file type identification tool file and its associated library libmagic don't properly process malformed files in the Composite Document File (CDF) format, leading to crashes. This Denial-of-Service (DoS) can be avoided by installing the latest packages.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in java-1.4.2-ibm-sap
Links: RHSA-2012-0343, CVE-2011-3389, CVE-2011-3545, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3552, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560, ESB-2012.0231
ID: ae-201202-097

Updated java-1.4.2-ibm-sap packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5 and 6 for SAP.

System: Several
Topic: Vulnerability in Shibboleth
Links: Shibboleth, ESB-2012.0230
ID: ae-201202-096

The LDAP support shipped with the Sun/Oracle and OpenJDK JVMs doesn't perform hostname verification when using LDAPS. The lack of hostname verification means that while the connection between the Identity Provider (IdP) and LDAP server is encrypted, the IdP has no way to verify it's actually communicating with the appropriate LDAP server. It's recommended to use startTLS (if supported), or to upgrade to IdP 2.3.6.

System: Mandriva Linux
Topic: Vulnerabilities in ruby, samba, and postgresql8.3
Links: MDVSA-2012:024, CVE-2011-4815,
MDVSA-2012:025, CVE-2012-0870,
PostgreSQL, MDVSA-2012:027, CVE-2012-0866, CVE-2012-0868
ID: ae-201202-095

A vulnerability in Ruby has been found. Hash values are calculated in a wrong manner, so hash collisions are possible. This might lead to a Denial-of-Service (DoS) due to very high CPU consumption.
The smbd in Samba shows a vulnerability that might lead to a heap-based buffer overflow. As a consequence, remote attackers are able to cause a Denial-of-Service or possibly execute arbitrary code on a vulnerable system.
Several local vulnerabilities have been discovered in PostgreSQL. It was discovered that the permissions of a function called by a trigger are not checked, resulting in privilege escalation. Besides this, reloading a pg_dump file might result in arbitrary SQL command execution when opening a file.
Updates are available now.

System: Debian GNU/Linux
Topic: Multiple vulnerabilities in openjdk-6
Links: DSA-2420, ESB-2012.0229
ID: ae-201202-094

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform. Exploiting these vulnerabilities might allow remote attackers to access privileged and/or confidential data, to modify arbitrary data as well as to conduct a Denial-of-Service (DoS). Updated packages are available now.

System: Mandriva
Topic: Vulnerability in libpng
Links: MDVSA-2012:022-1, CVE-2011-3026
ID: ae-201202-093

Security issues were identified and fixed in Mozilla Firefox and Thunderbird. An integer overflow in the libpng library can lead to a heap-buffer overflow when decompressing certain PNG images. This leads to a crash, which may be potentially exploitable. The Mozilla Firefox and Thunderbird packages have been upgraded to the latest respective versions, which are not affected by this security flaw. Additionally, the rootcerts packages have been upgraded to the latest version.

System: Debian GNU/Linux
Topic: Vulnerabilities in postgresql-8.4
Links: dsa-2418, CVE-2012-0868, CVE-2012-0867, CVE-2012-0866, ESB-2012.0227
ID: ae-201202-092

Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database. It was discovered that the permissions of a function called by a trigger are not checked. This could result in privilege escalation. It was discovered that only the first 32 characters of a host name are checked when validating host names through SSL certificates. This could result in spoofing the connection in limited circumstances. It was discovered that pg_dump did not sanitise object names. This could result in arbitrary SQL command execution if a malformed dump file is opened. New updates are available.

System: Debian GNU, Linux, Ubuntu, OSX
Topic: Vulnerabilities in puppet
Links: usn-1372-1, DSA-2419, CVE-2012-1054, CVE-2012-1053, ESB-2012.0226
ID: ae-201202-091

It was discovered that Puppet did not drop privileges when executing commands as different users. If an attacker had control of the execution manifests or the executed command, this could be used to execute code with elevated group permissions. It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files and escalate privileges. New packages are available for download.

System: Debian GNU/Linux
Topic: Vulnerability in fex
Links: dsa-2414, CVE-2012-0869, ESB-2012.0225
ID: ae-201202-090

It was discovered that FEX, a web service for transferring very large files, is not properly sanitizing input parameters of the "fup" script. An attacker can use this flaw to conduct reflected cross-site scripting attacks via various script parameters. A new update is available.

System: AIX
Topic: Vulnerabilities in AIX
Links: icmp_advisory, CVE-2012-0194, CVE-2011-1385, ESB-2012.0224
ID: ae-201202-089

The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large Send Offload option is enabled, allows remote attackers to cause a denial of service via an unspecified series of packets. New updates are available.

System: Mandriva
Topic: Vulnerability in mozilla
Links: MDVSA-2012:022, CVE-2011-3026
ID: ae-201202-088

An integer overflow in the libpng library can lead to a heap-buffer overflow when decompressing certain PNG images. This leads to a crash, which may be potentially exploitable. New updates are available.

System: Many
Topic: Vulnerability in Bugzilla
Links: CVE-2012-0453, ESB-2012.0223
ID: ae-201202-087

A CSRF vulnerability in the implementation of the XML-RPC API when running under mod_perl could be used to make changes to bugs or execute some admin tasks without the victim's knowledge.

System: Cisco
Topic: Vulnerabilities in Cisco Small Business (SRP 500) Series Services Ready Platforms
Links: cisco-sa-20120223-srp500, CVE-2012-0365, CVE-2012-0364, CVE-2012-0363, ESB-2012.0222
ID: ae-201202-086

Three vulnerabilities have been identified in Cisco Small Business (SRP 500) Series Services Ready Platforms. These vulnerabilities can be exploited using sessions to the Services Ready Platform Configuration Utility web interface. These vulnerabilities could be exploited from the local LAN side of the SRP device by default configuration and the WAN side of the SRP device if remote management is enabled. Remote management is disabled by default. Cisco has released free software updates that address these vulnerabilities.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in kernel-rt
Links: RHSA-2012-0333, CVE-2012-0810, CVE-2012-0207, CVE-2012-0044, CVE-2012-0038, CVE-2011-4132, CVE-2011-4131, CVE-2011-4127, CVE-2011-4110, CVE-2011-4097, CVE-2011-4077, CVE-2011-2918, ESB-2012.0221
ID: ae-201202-085

Updated kernel-rt packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux.

System: Red Hat Enterprise Linux
Topic: Vulnerability in samba
Links: RHSA-2012-0332, CVE-2012-0870, ESB-2012.0220
ID: ae-201202-084

Updated samba packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5, and Red Hat Enterprise Linux 5.3 Long Life, and 5.6 Extended Update Support.

System: Debian GNU/Linux
Topic: Vulnerability in notmuch
Links: dsa-2416, ESB-2012.0219
ID: ae-201202-083

It was discovered that Notmuch, an email indexer, did not sufficiently escape Emacs MML tags. When using the Emacs interface, a user could be tricked into replying to a maliciously formatted message which could lead to files from the local machine being attached to the outgoing message. New packages are available for download.

System: Microsoft Windows
Topic: Vulnerability in HP Data Protector Media Operations
Links: HPSBMU02739 SSRT100280 rev.2, CVE-2011-4791, ESB-2012.0126.2
ID: ae-201202-082

A potential security vulnerability has been identified with HP Data Protector Storage Media Operations (SMO). This vulnerability could be remotely exploited to allow execution of arbitrary code. HP has provided a patch to resolve this vulnerability.

System: HP-UX
Topic: Vulnerability in OpenSSL
Links: HPSBUX02737 SSRT100747 rev.2, CVE-2012-0050, ESB-2012.0105.2
ID: ae-201202-081

A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to create a Denial of Service (DoS). HP has provided upgrades to resolve this vulnerability.

System: Network Appliance
Topic: Vulnerability in IBM Websphere DataPower appliance
Links: swg21578730, CVE-2011-3389, ESB-2012.0218
ID: ae-201202-080

A known SSL/TLS vulnerability exists in the SSLv3 and TLS 1.0 protocols. To mitigate the risk of this vulnerability, please follow the specific configuration recommendations in IBM swg21578730.

System: Mandriva
Topic: Vulnerability in libpng
Links: 2012:022, CVE-2011-3026
ID: ae-201202-079

A vulnerability has been found and corrected in libpng. Integer overflow in libpng allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. Updated packages are available now.

System: Debian GNU/Linux, Mandriva
Topic: Vulnerability in libxml2
Links: MDVSA-2012:023, dsa-2417, CVE-2012-0841, ESB-2012.0217
ID: ae-201202-078

It was discovered that the internal hashing routine of libxml2, a library providing an extensive API to handle XML data, is vulnerable to predictable hash collisions. Given an attacker with knowledge of the hashing algorithm, it is possible to craft input that creates a large amount of collisions. As a result it is possible to perform denial of service attacks against applications using libxml2 functionality because of the computational overhead. Updated packages are available now.

System: Red Hat Enterprise Linux 5 / 6
Topic: Many updates for RHEL
Links: RHSA-2012-0149, ESB-2012.203, RHSA-2012-0151, ESB-2012.205, RHSA-2012-0168, ESB-2012.202, RHSA-2012-0321, ESB-2012.0198, RHSA-2012-0322, ESB-2012.0199, RHSA-2012-0323, ESB-2012.200, RHSA-2012-0324, ESB-2012.201, RHSA-2012-0325, ESB-2012.216
ID: ae-201202-077

Several updates are available for Red Hat Enterprise Linux 5 and 6. They address vulnerabilities in cvs, java-1.6.0-openjdk, httpd, libxml2, rhev-hypervisor5, kvm, conga, and jbossweb. It's recommended to install these updates.

System: Debian GNU/Linux
Topic: Vulnerabilities in fex and libmodplug
Links: DSA-2414, CVE-2012-0869, ESB-2012.0196,
DSA-2415, CVE-2011-1761, CVE-2011-2911, CVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915, ESB-2012.0197
ID: ae-201202-076

F*X, a web service for transferring very large files, is not properly sanitizing input parameters of the "fup" script. An attacker can use this flaw to conduct reflected Cross-Site Scripting (XSS) attacks via various script parameters.
Several vulnerabilities that can lead to the execution of arbitrary code have been discovered in libmodplug, a library for mod music based on ModPlug.
Updated packages are available now.

System: Red Hat Enterprise Linux 5
Topic: Many updates for RHEL 5
Links: RHSA-2012-0150, ESB-2012.0204, RHSA-2012-0152, ESB-2012.0195, RHSA-2012-0153, ESB-2012.0191, RHSA-2012-0301, ESB-2012.206, RHSA-2012-0302, ESB-2012.207, RHSA-2012-0303, ESB-2012.208, RHSA-2012-0304, ESB-2012.209, RHSA-2012-0305, ESB-2012.210, RHSA-2012-0306, ESB-2012.211, RHSA-2012-0307, ESB-2012.212, RHSA-2012-0308, ESB-2012.213, RHSA-2012-0309, ESB-2012.214, RHSA-2012-0310, ESB-2012.215, RHSA-2012-0311, ESB-2012.0192, RHSA-2012-0312, ESB-2012.0193, RHSA-2012-0313, ESB-2012.0194
ID: ae-201202-075

Several updates are available for Red Hat Enterprise Linux 5. They address vulnerabilities in util-linux, samba, ImageMagick, vixie-cron, cups, busybox, sos, initscripts, kexec-tools, krb5, boost, kernel, xorg-x11 server, sudo, ibutils as well as nfs-utils. It's recommended to install these updates.

System: Debian GNU/Linux
Topic: Vulnerabilities in libarchive
Links: DSA-2413, CVE-2011-1777, CVE-2011-1778, ESB-2012.0189
ID: ae-201202-074

Two buffer overflows have been discovered in libarchive, a library providing a flexible interface for reading and writing archives in various formats. The possible buffer overflows while reading ISO9660 or tar streams allow remote attackers to execute arbitrary code depending on the application that makes use of this functionality.
Updated packages are available now.

System: Red Hat Enterprise Linux
Topic: Vulnerability in libpng
Links: RHSA-2012-0317, CVE-2011-3026, ESB-2012.0190
ID: ae-201202-073

Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary.

System: Appliance
Topic: Vulnerability in HP StorageWorks P2000 G3
Links: ZDI-12-015, CVE-2011-4788, VU #885499
ID: ae-201202-072

HP StorageWorks P2000 G3 contains an embedded webserver which is vulnerable to a directory traversal vulnerability which may allow a remote, unauthenticated attacker to obtain sensitive information. A solution to this problem is currently unknown.

System: Many
Topic: Vulnerability in phpMyAdmin
Links: PMASA-2012-1, CVE-2012-1190, ESB-2012.0188
ID: ae-201202-071

In phpMyAdmin a Cross-Site Scripting (XSS) attack is possible. To exploit this vulnerability, a crafted database name is used. It's recommended to upgrade to phpMyAdmin 3.4.10.1 or to apply the corresponding patch.

System: Debian GNU/Linux
Topic: Vulnerabilities in mumble and libvorbis
Links: DSA-2411, CVE-2012-0863, ESB-2012.0186,
DSA-2412, CVE-2012-0444, ESB-2012.0187
ID: ae-201202-070

It was discovered that mumble, a VoIP client, doesn't properly manage permissions on its user-specific configuration files, allowing other local users on the system to access them. Furthermore, it has been discovered that a heap overflow in the Vorbis audio compression library could lead to the execution of arbitrary code if a malformed Ogg Vorbis file is processed.
Updated packages are available now.

System: Microsoft Windows
Topic: Vulnerabilities in Citrix XenServer Web Self Service
Links: CTX132219, ESB-2012.0184
ID: ae-201202-069

A number of security vulnerabilities have been identified in the management web interface of Citrix XenServer Web Self Service. These vulnerabilities affect all currently supported versions of Web Self Service prior to version 1.1.1. These vulnerabilities have been addressed in a new version of the Web Self Service virtual appliance.

System: Red Hat Enterprise Linux
Topic: Vulnerability in Mozilla Thunderbird/SeaMonkey/Firefox
Links: RHSA-2012-0140, RHSA-2012-0141, RHSA-2012-0142, RHSA-2012-0143, CVE-2011-0178, ESB-2012.0183
ID: ae-201202-068

An updated thunderbird package that fixes one security issue is now available for Red Hat Enterprise Linux 6. A heap-based buffer overflow flaw was found in the way Thunderbird handled PNG images. An HTML mail message or remote content containing a specially-crafted PNG image could cause Thunderbird to crash or, possibly, execute arbitrary code with the privileges of the user running Thunderbird.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in java-1.6.0-sun
Links: RHSA-2012-0139, CVE-2012-0506, CVE-2012-0505, CVE-2012-0503, CVE-2012-0502, CVE-2012-0501, CVE-2012-0500, CVE-2012-0499, CVE-2012-0498, CVE-2011-5035, CVE-2011-3571, CVE-2011-3563, ESB-2012.0182
ID: ae-201202-067

Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary.

System: Cisco
Topic: Vulnerability in Cisco NX-OS
Links: cisco-sa-20120215-nxos, CVE-2012-0352, ESB-2012.0181
ID: ae-201202-066

Cisco NX-OS Software is affected by a denial of service (DoS) vulnerability that could cause Cisco Nexus 1000v, 5000, and 7000 Series Switches that are running affected versions of Cisco NX-OS Software to reload when the IP stack processes a malformed IP packet. New updates are available.

System: Many
Topic: Vulnerabilities in Adobe Flash Player
Links: APSB12-03, CVE-2012-0767, CVE-2012-0756, CVE-2012-0755, CVE-2012-0754, CVE-2012-0753, CVE-2012-0752, CVE-2012-0751, ESB-2012.0180,
RHSA-2012-0144, ESB-2012.0185
ID: ae-201202-065

Several vulnerabilities have been discovered in Adobe Flash player. New updates are available for download.

System: Many
Topic: Vulnerability in IBM Rational License Key Server
Links: swg21579415, CVE-2011-3547, ESB-2012.0179
ID: ae-201202-064

IBM Rational License Key Server and IBM Rational License Key Administrator have upgraded the JRE that they package in order to mitigate a security vulnerability in Java Runtime Environment.

System: Many
Topic: Vulnerability in libpng
Links: dsa-2410, CVE-2011-3026, ESB-2012.0178
ID: ae-201202-063

An integer overflow in the libpng PNG library, which could lead to the execution of arbitrary code if a malformed image is processed, was discovered. New packages are available for download to address this issue.

System: Debian GNU/Linux
Topic: Vulnerabilities in devscripts
Links: dsa-2409, CVE-2012-0212, CVE-2012-0211, CVE-2012-0210, ESB-2012.0177
ID: ae-201202-062

Several vulnerabilities have been discovered in debdiff, a script used to compare two Debian packages, which is part of the devscripts package. New packages are available for download.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in texlive
Links: RHSA-2012-0137, CVE-2011-1554, CVE-2011-1553, CVE-2011-1552, CVE-2011-0764, CVE-2011-0433, CVE-2010-2642, ESB-2012.0176
ID: ae-201202-061

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and other products, allows remote attackers to cause a denial of service via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference. New packages are available for download.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in rhev-hypervisor6
Links: RHSA-2012-0109, CVE-2012-0056, CVE-2012-0050, CVE-2012-0029, CVE-2011-4619, CVE-2011-4609, CVE-2011-4577, CVE-2011-4576, CVE-2011-4108, CVE-2009-5029, ESB-2012.0174
ID: ae-201202-060

An updated rhev-hypervisor6 package that fixes multiple security issues and various bugs is now available.

System: Microsoft Windows
Topic: Vulnerabilities in Adobe RoboHelp
Links: apsb12-04, CVE-2012-0765, ESB-2012.0173
ID: ae-201202-059

Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 8 and 9 for Word allow remote attackers to inject arbitrary web script or HTML via a crafted URL. New updates are available.

System: Mandriva
Topic: Vulnerability in phpldapadmin
Links: MDVSA-2012:020, CVE-2012-0834
ID: ae-201202-058

Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php. New packages are available.

System: Many
Topic: Vulnerabilities in java-1.6.0-openjdk
Links: RHSA-2012-0135, CVE-2012-0506, CVE-2012-0505, CVE-2012-0503, CVE-2012-0502, CVE-2012-0501, CVE-2012-0497, CVE-2011-5035, CVE-2011-3571, CVE-2011-3563, ESB-2012.0171
ID: ae-201202-057

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6.

System: Red Hat Enterprise Linux
Topic: Vulnerability in libvorbis
Links: RHSA-2012-0136, CVE-2012-0444
ID: ae-201202-056

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted Ogg Vorbis file. New updates are available for download to eliminate this vulnerability.

System: Red Hat Enterprise Linux Server 6
Topic: Vulnerabilities in Red Hat
Links: RHSA-2012-0116, CVE-2011-4110, CVE-2011-3638, CVE-2011-3637, CVE-2011-3347, CVE-2011-1020, ESB-2012.0170
ID: ae-201202-055

Multiple vulnerabilities in the Linux kernel may allow local attackers to execute arbitrary code with the privileges of the kernel. New updates are available for download, to eliminate these vulnerabilities.

System: Microsoft Windows, OSX
Topic: Vulnerabilities in Microsoft .NET Framework
Links: ms12-016, CVE-2012-0015, CVE-2012-0014, ESB-2012.0169
ID: ae-201202-054

Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate the length of an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted XAML browser application. New updates are available.

System: Microsoft Windows
Topic: Vulnerabilities in Microsoft Visio Viewer
Links: ms12-015, CVE-2012-0138, CVE-2012-0137, CVE-2012-0136, CVE-2012-0020, CVE-2012-0019, ESB-2012.0168
ID: ae-201202-053

Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file. New updates are available.

System: Microsoft Windows
Topic: Vulnerability in Microsoft Windows
Links: ms12-014, CVE-2010-3138, ESB-2012.0167
ID: ae-201202-052

Untrusted search path vulnerability in the Indeo filter (iac25_32.ax) in Microsoft Windows allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse iacenc.dll that is located in the same folder as an AVI. New updates are available.

System: Microsoft Windows
Topic: Vulnerability in Microsoft Windows
Links: ms12-013, CVE-2012-0150, ESB-2012.0166
ID: ae-201202-051

Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file. New updates are available.

System: Microsoft Windows
Topic: Vulnerability in Microsoft Windows
Links: ms12-012, CVE-2010-5082, ESB-2012.0165
ID: ae-201202-050

A vulnerability in color control panel could allow remote attackers to execute arbitrary code. New updates are available.

System: Microsoft Windows
Topic: Vulnerabilities in Microsoft SharePoint
Links: ms12-011, CVE-2012-0145, CVE-2012-0144, CVE-2012-0017, ESB-2012.0164
ID: ae-201202-049

Cross-site scripting (XSS) vulnerability in wizardlist.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1 and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via JavaScript sequences in a URL. New updates are available.

System: Microsoft Windows
Topic: Vulnerabilities in Microsoft Internet Explorer
Links: ms12-010, CVE-2012-0155, CVE-2012-0012, CVE-2012-0011, CVE-2012-0010, ESB-2012.0163
ID: ae-201202-048

Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object. New updates are available.

System: Microsoft Windows
Topic: Vulnerabilities in Microsoft Windows
Links: ms12-009, CVE-2012-0149, CVE-2012-0148, ESB-2012.0162
ID: ae-201202-047

Afd.sys in the Ancillary Function Driver in Microsoft Windows Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application. New updates are available.

System: Microsoft Windows
Topic: Vulnerabilities in Microsoft Windows
Links: ms12-008, CVE-2012-0154, CVE-2011-5046, ESB-2012.0161
ID: ae-201202-046

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows allows local users to gain privileges via a crafted application that triggers keyboard layout errors. New updates are available.

System: Mandriva Enterprise Server
Topic: Vulnerabilities in apr
Links: MDVSA-2012:019, CVE-2012-0840
ID: ae-201202-045

A vulnerability has been found and corrected in ASF APR. tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service via crafted input to an application that maintains a hash table. A new update is available.

System: Many
Topic: Vulnerabilities in IBM solidDB
Links: swg1IC81244, ESB-2012.0160
ID: ae-201202-044

The solidDB server can shut down abnormally when running a query where part of the WHERE condition is made fully redundant by other conditions. A new update is available.

System: Debian GNU/Linux
Topic: Vulnerabilities in php5
Links: dsa-2408, CVE-2012-0831, CVE-2012-0788, CVE-2012-0781, CVE-2011-4153, CVE-2011-3267, CVE-2011-3182, CVE-2011-1657, CVE-2011-1470, CVE-2011-1469, CVE-2011-1468, CVE-2011-1467, CVE-2011-1464, CVE-2011-1148, CVE-2011-1092, CVE-2011-1072, CVE-2010-4697, ESB-2012.0159
ID: ae-201202-043

Several vulnerabilities have been discovered in PHP, the web scripting language. New packages are available for download to fix these issues.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in httpd
Links: RHSA-2012-0128, CVE-2012-0053, CVE-2012-0031, CVE-2011-4317, CVE-2011-3639, CVE-2011-3368, ESB-2012.0158
ID: ae-201202-042

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in mysql
Links: RHSA-2012-0127, CVE-2012-0490, CVE-2012-0484, CVE-2012-0114, CVE-2012-0102, CVE-2012-0101, CVE-2012-0087, CVE-2012-0075, ESB-2012.0157
ID: ae-201202-041

Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in glibc
Links: RHSA-2012-0125, RHSA-2012-0126, CVE-2011-4609, CVE-2011-1659, CVE-2011-1095, CVE-2011-1089, CVE-2011-1071, CVE-2011-0830, CVE-2010-0296, CVE-2009-5064, CVE-2009-5029, ESB-2012.0156
ID: ae-201202-040

Updated glibc packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux.

System: Windows
Topic: Vulnerabilities in Ing. Punzenberger COPA-DATA GmbH Zenon
Links: CVE-2011-4039, CVE-2011-4038, ESB-2012.0153
ID: ae-201202-039

Multiple denial of service (DoS) vulnerabilities in the Ing. Punzenberger COPA-DATA GmbH zenon human-machine interface (HMI) system have been identified. Successful exploitation of these vulnerabilities may allow an attacker to execute a denial of service (DoS) attack and potentially execute arbitrary code. New updates are available.

System: Windows
Topic: Vulnerabilities in Invensys Wonderware HMI Reports
Links: CVE-2011-4039, CVE-2011-4038, ESB-2012.0153
ID: ae-201202-038

Cross-site scripting (XSS) and write access violation vulnerabilities in the Invensys Wonderware HMI reports product have been identified. Successful attacks could result in data leakage, denial of service, or remote code execution. New updates are available.

System: Mandriva Linux
Topic: Vulnerability in GLPI
Links: FullDisclosure, MDVSA-2012:016, CVE-2012-1037
ID: ae-201202-037

A File Inclusion vulnerability was discovered and corrected in GLPI. The advisory provides the latest version of GLPI (0.80.7) that is not vulnerable to this issue.

System: Several
Topic: Vulnerabilities in jbosscache
Links: RHSA-2012-0108, CVE-2012-0034, ESB-2012.0151
ID: ae-201202-036

An update for JBoss Enterprise Application Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. If not fixed, a local user might access privileged data.

System: Red Hat Enterprise Linux 5
Topic: Vulnerabilities in Kernel
Links: RHSA-2012-0107, CVE-2011-3638, CVE-2011-4086, CVE-2011-4127, CVE-2012-0028, CVE-2012-0207, ESB-2012.0150
ID: ae-201202-035

Updated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 5. Exploiting them might allow local users to cause a Denial-of-Service (DoS) or a root compromise, so installing this update is recommended.

System: Debian GNU/Linux
Topic: Vulnerabilities in icedove and cvs
Links: dsa-2406, CVE-2011-3670, CVE-2012-0442, CVE-2012-0444, CVE-2012-0449, ESB-2012.0148,
dsa-2407, CVE-2012-0804, ESB-2012.0149
ID: ae-201202-034

Several vulnerabilities have been discovered in Icedove, Debian's variant of the Mozilla Thunderbird code base. Exploiting them might lead to a Denial-of-Service (DoS), access to confidential data or remote code execution.
It has been discovered that a malicious CVS server could cause a heap overflow in the CVS client, potentially allowing the server to execute arbitrary code on the client.
Updated packages are available now.

System: Various
Topic: Vulnerability in HP System Management Homepage (SMH)
Links: HPSBMU02742 SSRT100740, CVE-2011-3869, ESB-2012.0147
ID: ae-201202-033

A potential security vulnerability has been identified with HP System Management Homepage (SMH) for Linux and Windows. The vulnerability could be exploited remotely resulting in unauthorized disclosure of information. HP has referenced a workaround to resolve the vulnerability.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in Squirrelmail, MySQL, and libxml2
Links: RHSA-2012-0103, CVE-2010-1637, CVE-2010-2813, CVE-2010-4554, CVE-2010-4555, CVE-2011-2023, CVE-2011-2752, CVE-2011-2753,
RHSA-2012-0104, CVE-2011-3919, ESB-2012.0145,
RHSA-2012-0105, ESB-2012.0146
ID: ae-201202-032

SquirrelMail is a standards-based webmail package written in PHP. Some vulnerabilities have been found, allowing e.g. Cross-Site Scripting (XSS) attacks, Cross-Site Request Forgery (CSRF) attacks or a Denial-of-Service (DoS).
The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
MySQL is a multi-user, multi-threaded SQL database server. Several vulnerabilities might allow local users to cause a Denial-of-Service (DoS) or to access confidential data.
Updated packages address these issues.

System: Many
Topic: Vulnerability in several DNS resolvers
Links: ISC, NDSS 2012, CVE-2012-1033, VU #542123, ESB-2012.0152
ID: ae-201202-031

The ISC BIND 9 resolver contains a vulnerability that could allow an attacker to keep a domain name in the cache even after it has been deleted from registration. The problem is not limited to BIND, because it stems from design issues in the DNS protocol. A solution isn't available yet.

System: Various
Topic: Vulnerability in several products of HP
Links: HPSBMU02736 SSRT100699, CVE-2008-3273, CVE-2010-1428, CVE-2010-1429, ESB-2012.0144
ID: ae-201202-030

Potential security vulnerabilities have been identified with HP Business Availability Center (BAC) and Business Service Management (BSM). The vulnerabilities could be remotely exploited to allow unauthorized access to sensitive information. HP has made procedures available to resolve the vulnerabilities.

System: HP-UX
Topic: Vulnerabilities in Tomcat
Links: HPSBUX02741 SSRT100728, CVE-2006-7243, CVE-2011-4858, CVE-2011-4885, CVE-2012-0022, ESB-2012.0143
ID: ae-201202-029

Several vulnerabilities have been found in Tomcat, a servlet and JSP engine, which may lead to information disclosure, reduced security, or may enable Denial-of-Service (DoS). New updates are available.

System: Mandriva Linux
Topic: Vulnerability in GLPI
Links: MDVSA-2012:014, CVE-2011-2720
ID: ae-201202-028

GLPI is a web-based software for IT resource management. The autocompletion functionality in GLPI before 0.80.2 doesn't blacklist certain username and password fields, which allows remote attackers to obtain sensitive information via a crafted POST request. Updated packages are available now.

System: Red Hat Enterprise Linux
Topic: Vulnerability in Red Hat Network
Links: RHSA-2012-0101, RHSA-2012-0102, CVE-2012-0059, ESB-2012.0141
ID: ae-201202-027

Red Hat Network (RHN) Proxy provides a mechanism for caching content, such as package updates from Red Hat. If a user submits a system registration XML-RPC call to an RHN Proxy server and that call fails, their RHN user password is included in plain text in the error messages. With an update, user passwords are excluded from these error messages to avoid the exposure of authentication credentials.

System: Red Hat Enterprise Linux
Topic: Vulnerability in Red Hat Enterprise MRG
Links: RHSA-2012-0099, RHSA-2012-0100, CVE-2011-4930, ESB-2012.0142
ID: ae-201202-026

Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation IT infrastructure for enterprise computing. Updated Grid component packages that fix multiple security issues, multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2 for Red Hat Enterprise Linux.

System: Various
Topic: Vulnerability in various HP products
Links: HPSBGN02740 SSRT100741, CVE-2010-3864, ESB-2012.0139
ID: ae-201202-025

A potential security vulnerability has been identified with HP Operations Manager, Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, and Performance Manager. The vulnerability can be remotely exploited to execute arbitrary code. HP has made a hotfix available.

System: Mac OS X
Topic: Vulnerabilities in Apple Mac OS X
Links: HT5130, CVE-2011-2895, CVE-2011-1167, ESB-2012.0138
ID: ae-201202-024

Security Update 2012-001 v1.1 is now available for Mac OS X v10.6.8 systems to address a compatibility issue. Version 1.1 of this update removes the ImageIO security fixes released in Security Update 2012-001.

System: Debian GNU/Linux
Topic: Vulnerabilities in cacti
Links: dsa-2384, CVE-2011-4824, CVE-2011-2545, CVE-2011-2543, CVE-2010-1645, CVE-2010-1644, ESB-2012.0137
ID: ae-201202-023

Several vulnerabilities have been discovered in Cacti, a graphing tool for monitoring data. Multiple cross-site scripting issues allow remote attackers to inject arbitrary web script or HTML. An SQL injection vulnerability allows remote attackers to execute arbitrary SQL commands. New packages are available.

System: Debian GNU/Linux
Topic: Vulnerability in xen-qemu-dm-4.0
Links: dsa-2404, CVE-2012-0029, ESB-2012.0136
ID: ae-201202-022

Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. New packages are available.

System: Debian GNU/Linux
Topic: Vulnerability in php5
Links: dsa-2403, CVE-2012-0830, ESB-2012.0135
ID: ae-201202-021

It was discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code. New updates are available.

System: Debian GNU/Linux
Topic: Vulnerabilities in iceape
Links: dsa-2402, CVE-2012-0449, CVE-2012-0444, CVE-2012-0442, CVE-2011-3670, ESB-2012.0134
ID: ae-201202-020

Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey. These vulnerabilities may allow remote attackers to execute arbitrary code. New updates are available.

System: Debian GNU/Linux
Topic: Vulnerabilities in iceweasel
Links: dsa-2400, CVE-2012-0449, CVE-2012-0444, CVE-2012-0442, CVE-2011-3670, CVE-2011-4858, ESB-2012.0133
ID: ae-201202-019

Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. New updates are available.

System: Debian GNU/Linux
Topic: Vulnerabilities in tomcat6
Links: dsa-2401, CVE-2012-0022, CVE-2011-5064, CVE-2011-5063, CVE-2011-5062, CVE-2011-4858, CVE-2011-3375, CVE-2011-3190, CVE-2011-2526, CVE-2011-2204, CVE-2011-1184, ESB-2012.0132
ID: ae-201202-018

Several vulnerabilities have been found in Tomcat, a servlet and JSP engine, which may lead to information disclosure, reduced security, or may enable denial of service (DoS). New updates are available.

System: AIX
Topic: Vulnerability in AIX
Links: CVE-2012-0194, ESB-2012.0131
ID: ae-201202-017

AIX could allow a remote attacker to cause a denial of service, caused by an error when the TCP large send offload option is enabled on a network interface. By sending a specially-crafted sequence of packets, an attacker could exploit this vulnerability to cause a kernel panic. A new update is available.

System: Many
Topic: Vulnerability in EMC Documentum xPlore
Links: CVE-2012-0396, ESB-2012.0130, X-Force #72994
ID: ae-201202-016

EMC Documentum xPlore contains an information disclosure vulnerability that may allow unauthorized users, under certain circumstances, to see certain information on protected objects in an xPlore search result. A new update is available.

System: Debian GNU/Linux
Topic: Vulnerabilities in cacti
Links: DSA-2384, CVE-2010-1644, CVE-2010-1645, CVE-2010-2543, CVE-2010-2545, CVE-2011-4824
ID: ae-201202-015

Several vulnerabilities have been discovered in Cacti, a graphing tool for monitoring data. Multiple Cross-Site Scripting (XSS) issues allow remote attackers to inject arbitrary web script or HTML. An SQL injection vulnerability allows remote attackers to execute arbitrary SQL commands.
Updated packages are available now.

System: Various
Topic: Vulnerability in Project Open
Links: VU #732115
ID: ae-201202-014

Project Open is the link between ERP and Project Management. A Cross-Site Scripting (XSS) vulnerability might allow attackers to run script code in a victim's browser in the context of the web server. An update isn't available yet.

System: Various
Topic: Vulnerability in EMC Documentum Content Server
Links: ESA-2012-009, CVE-2011-4144, ESB-2012.0129
ID: ae-201202-013

The EMC Documentum Content Server 6.x contains a privilege elevation vulnerability that may allow an unauthorized user to obtain highest administrative privileges on the system. Patches are available now.

System: Various
Topic: Vulnerability in several products of HP
Links: HPSBGN02740 SSRT100741, CVE-2010-3864, ESB-2012.0128
ID: ae-201202-012

A potential security vulnerability has been identified with HP Operations Manager, Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, and Performance Manager. The vulnerability can be remotely exploited to execute arbitrary code. HP has made a hotfix available for affected products.

System: Microsoft Windows
Topic: Vulnerability in RSA enVision 4.x
Links: ESA-2012-007, CVE-2011-4143, ESB-2012.0127
ID: ae-201202-011

An environmental variable disclosure vulnerability has been found in RSA enVision. This could allow an unauthenticated user to gain information about the web system setup. RSA strongly recommends an upgrade to RSA enVision 4.1 P3 or V4.0 SP4 P5.

System: Microsoft Windows
Topic: Vulnerability in HP Data Protector Media Operations
Links: HPSBMU02739, SSRT100280, CVE-2011-4791, ESB-2012.0126
ID: ae-201202-010

A potential security vulnerability has been identified with HP Data Protector Media Operations. This vulnerability could be remotely exploited to allow execution of arbitrary code.
HP has provided a patch to resolve this vulnerability.

System: Various
Topic: Vulnerabilities in Bugzilla
Links: Bugzilla, CVE-2012-0440, CVE-2012-0448, ESB-2012.0125
ID: ae-201202-009

Bugzilla is a Web-based bug-tracking system. Two vulnerabilities have been found within Bugzilla. When a user creates a new account, Bugzilla doesn't correctly reject E-Mail addresses containing non-ASCII characters, which could be used to impersonate another user account. Additionally, a Cross-Site Request Forgery (CSRF) vulnerability in the implementation of the JSON-RPC API could be used to make changes to bugs or execute some admin tasks without the victim's knowledge.
The fixes for these issues are included in the 3.4.14, 3.6.8, 4.0.4, and 4.2rc2 releases of Bugzilla.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in PHP, freetype, and ghostscript
Links: RHSA-2012-0092, RHSA-2012-0093, CVE-2011-4885, CVE-2012-0830, ESB-2012.0121, ESB-2012.0120,
RHSA-2012-0094, CVE-2011-3256, CVE-2011-3439, ESB-2012.0123,
RHSA-2012-0095, RHSA-2012-0096, CVE-2009-3743, CVE-2010-2055, CVE-2010-4054, CVE-2010-4820, ESB-2012.0124
ID: ae-201202-008

It has been discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code.
FreeType is a font engine that can open and manage font files. Multiple input validation flaws have been found in the way FreeType processes bitmap font files and CID-keyed fonts. Specially crafted files might cause an application linked against FreeType to crash or allow an attacker to execute arbitrary code on the vulnerable system.
Ghostscript is a set of software that provides e.g. a PostScript interpreter. Several well-known vulnerabilities might cause a Denial-of-Service (DoS) or remote code execution.
Updated packages are available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in tomcat6 and php5
Links: DSA-2401, ESB-2012.0116,
DSA-2403, CVE-2012-0830, ESB-2012.0119
ID: ae-201202-007

Several vulnerabilities have been found in Tomcat, a servlet and JSP engine. Exploiting them might allow remote, unauthenticated attackers to access confidential data or cause a Denial-of-Service (DoS).
It has been discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code.
Updated packages are available now.

System: Various
Topic: Vulnerabilities in Drupal Core
Links: DRUPAL_SA-CORE-2012-001, CVE-2012-0825, CVE-2012-0826, CVE-2012-0827, ESB-2012.0115
ID: ae-201202-006

Multiple vulnerabilities have been found in Drupal Core. They might allow a Cross-Site Request Forgery (XSRF) attack, a Denial-of-Service (DoS) or unauthorized access. Users should upgrade to Drupal 6.23 or 7.11, respectively.

System: Mac OS X
Topic: Several vulnerabilities in Apple Mac OS X fixed
Links: APPLE-SA-2012-02-01-1, ESB-2012.0114,
VU #403593, VU #410281
ID: ae-201202-005

OS X Lion v10.7.3 and Security Update 2012-001 are now available and address many security-related problems. This update is recommended.

System: Red Hat Enterprise Linux 4
Topic: Vulnerabilities in OpenSSL
Links: RHSA-2012-0086, CVE-2011-4576, CVE-2011-4619, ESB-2012.0113
ID: ae-201202-004

Updated openssl packages that fix two security issues are now available for Red Hat Enterprise Linux 4. Please note that RHEL 4 is supported only until the end of February 2012!

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in JBoss Enterprise Middleware
Links: RHSA-2012-0089, CVE-2011-1184, CVE-2011-2526, CVE-2011-4610, CVE-2012-0052, CVE-2012-0062, ESB-2012.0112
ID: ae-201202-003

JBoss Operations Network 2.4.2, which fixes multiple security issues and several bugs, is now available from the Red Hat Customer Portal. Since some relevant security issues are fixed with this version, an upgrade is recommended.

System: VMware ESX / ESXi
Topic: Multiple vulnerabilities in VMware ESXi and VMware ESX
Links: VMSA-2012-0001, ESB-2012.0109
ID: ae-201202-002

VMware ESXi and ESX updates to third-party library and ESX Service Console address several security issues, so upgrading as soon as possible is strongly recommended.

System: Android
Topic: Vulnerability in HTC Android devices
Links: Bret Jordan, CVE-2011-4872, VU #763355
ID: ae-201202-001

A user's 802.1X WiFi credentials and SSID information may be exposed to any application with basic WiFi permissions on certain HTC builds of Android. An attacker may be able to view and exfiltrate WiFi SSID information and credentials. Updating vulnerable phones remedies this problem.



(c) 2000-2014 AERAsec Network Services and Security GmbH