Network Security

AERAsec
Current Security Messages


Most of the links lead to the corresponding files at CERT or other organisations, so changes made there take effect immediately, especially regarding which patches should be installed or which configuration changes should be made to avoid a vulnerability. Some of the files are transferred by FTP.

By the way: if we do not publish well-known risks inherent in a widely used platform or program, that doesn't mean this particular platform or program is safe to use!


Chosen month 03 / 2012

System: VMware ESX Server
Topic: Multiple vulnerabilities in VMware
Links: VMSA-2012-0006, ESB-2012.0333
ID: ae-201203-086

Updates address several vulnerabilities in VMware ESXi and ESX. Their installation is strongly recommended since a remote root exploit as well as remote code execution are possible.

System: Several
Topic: Several vulnerabilities in TYPO3
Links: TYPO3_SA_2012-001, ESB-2012.0330
ID: ae-201203-085

Several vulnerabilities have been found in TYPO3 core. Exploiting them might allow Cross-Site Scripting (XSS) attacks, Information disclosure and other exploits. So it's recommended to update all affected systems.

System: Mandriva Linux
Topic: Vulnerability in CVS
Links: MDVSA-2012:044, CVE-2012-0804
ID: ae-201203-084

A heap-based buffer overflow flaw was found in the way the CVS client handles responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the user running the CVS client. Updated packages are available now.

System: Debian GNU/Linux
Topic: Vulnerability in tryton-server
Links: DSA-2444, CVE-2012-0215, ESB-2012.0329
ID: ae-201203-083

It was discovered that the Tryton application framework for Python allows authenticated users to escalate their privileges by editing the Many2Many field. Updated packages are available now.

System: Cisco IOS
Topic: Several vulnerabilities in Cisco IOS
Links: Cisco_ike, Cisco_pai, Cisco_msdp, Cisco_nat, Cisco_rsvp, Cisco_ssh, Cisco_smartinstall, Cisco_zbfw, Cisco_mace, ESB-2012.0328
ID: ae-201203-082

Nine vulnerabilities in Cisco IOS can now be fixed by installing the latest patches.

System: HP-UX
Topic: Vulnerabilities in Java
Links: HPSBUX02755, SSRT100667, ESB-2012.0327
ID: ae-201203-081

Several potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. HP has provided Java version upgrades to resolve these vulnerabilities.

System: HP-UX
Topic: Vulnerabilities in HP-UX WBEM
Links: HPSBUX02755, SSRT100667, CVE-2012-0125, CVE-2012-0126, ESB-2012.0325
ID: ae-201203-080

A potential security vulnerability has been identified with certain HP-UX WBEM components. The vulnerability could be exploited remotely in HP-UX 11.11 and HP-UX 11.23 to gain unauthorized access to diagnostic data. The vulnerability could be exploited locally in HP-UX 11.31 also to gain unauthorized access to diagnostic data. Patches are available now.

System: Many
Topic: Vulnerability in HP Performance Manager
Links: HPSBMU02756, SSRT100596, CVE-2012-0127, ESB-2012.0324
ID: ae-201203-079

A potential security vulnerability has been identified with HP Performance Manager v9.00 running on HP-UX, Linux, Solaris, and Windows. The vulnerability could be exploited remotely to execute arbitrary code and to create a Denial-of-Service (DoS). HP has provided patches to resolve the vulnerability.

System: Various
Topic: Vulnerabilities in HP OpenView Network Node Manager
Links: HPSBMU02748, SSRT100772, ESB-2012.0323
ID: ae-201203-078

Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache HTTP Server. The vulnerabilities could be exploited remotely resulting in unauthorized disclosure of information, unauthorized modification, or Denial-of-Service (DoS). HP has provided a hotfix to resolve the vulnerabilities.

System: Many
Topic: Vulnerability in phpMyAdmin
Links: PMASA-2012-2, CVE-2012-1902, ESB-2012.0322
ID: ae-201203-077

The show_config_errors.php scripts did not validate the presence of the configuration file, so an error message shows the full path of this file, leading to possible further attacks. Upgrade to phpMyAdmin 3.4.10.2 or newer is recommended.

System: Many
Topic: Vulnerabilities in Adobe Flash Player
Links: APSB12-07, CVE-2012-0772, CVE-2012-0773, ESB-2012.0326, ISS Alert #446,
RHSA-2012-0434, ESB-2012.0331
ID: ae-201203-076

Updates address critical vulnerabilities in Adobe Flash Player 11.1.102.63 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 11.1.111.7 and earlier versions for Android 3.x and 2.x. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. So it's recommended to update as soon as possible.

System: HP-UX, Solaris, Linux
Topic: Vulnerabilities in HP OpenView Network Node Manager
Links: HPSBMU02747, SSRT100771 rev.1, CVE-2012-0022, CVE-2011-4858, ESB-2012.0321
ID: ae-201203-075

Potential security vulnerabilities have been identified with HP OpenView Network Node Manager running Apache Tomcat. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Updated packages are available now.

System: Mandriva
Topic: Vulnerabilities in expat
Links: MDVSA-2012:041, CVE-2012-0876, CVE-2012-1148
ID: ae-201203-074

A memory leak and a hash table collision flaw in expat could cause denial of service (DoS) attacks. Updated packages are available now.

System: Red Hat Enterprise Linux/Mandriva
Topic: Vulnerabilities in gnutls
Links: RHSA-2012-0428, MDVSA-2012:040, CVE-2012-1573, CVE-2012-1569, CVE-2012-4128, ESB-2012.0320
ID: ae-201203-073

A flaw was found in the way GnuTLS decrypted malformed TLS records. This could cause a TLS/SSL client or server to crash when processing a specially-crafted TLS record from a remote TLS/SSL connection peer. A flaw was found in the way libtasn1 decoded DER data. An attacker could create a carefully-crafted X.509 certificate that, when parsed by an application that uses GnuTLS, could cause the application to crash. A boundary error was found in the gnutls_session_get_data() function. A malicious TLS/SSL server could use this flaw to crash a TLS/SSL client or, possibly, execute arbitrary code as the client, if the client passed a fixed-sized buffer to gnutls_session_get_data() before checking the real size of the session data provided by the server. Updated packages are available now.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in openssl
Links: RHSA-2012-0426, CVE-2012-1165, CVE-2012-0884, CVE-2011-4619, ESB-2012.0318
ID: ae-201203-072

Updated openssl packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5 and 6.

System: Red Hat Enterprise Linux/Mandriva
Topic: Vulnerability in libtasn1
Links: RHSA-2012-0427, MDVSA-2012:039, CVE-2012-1569, ESB-2012.0319
ID: ae-201203-071

A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input that, when parsed by an application that uses libtasn1, could cause the application to crash. Updated packages are available now.

System: Debian GNU/Linux
Topic: Vulnerability in openarena
Links: dsa-2442, CVE-2010-5077
ID: ae-201203-070

It has been discovered that spoofed "getstatus" UDP requests are being sent by attackers to servers for use with games derived from the Quake 3 engine such as openarena. These servers respond with a packet flood to the victim whose IP address was impersonated by the attackers, causing a denial of service. Updated packages are available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in linux-2.6
Links: dsa-2443, CVE-2012-1097, CVE-2012-1090, CVE-2012-0045, CVE-2011-4347, CVE-2011-1833, CVE-2009-4307, ESB-2012.0317
ID: ae-201203-069

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. Updated packages are available now.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in rhev-hypervisor6
Links: RHSA-2012-0422, CVE-2012-0841, CVE-2012-0444, CVE-2012-0207, CVE-2012-0045, CVE-2012-0038, CVE-2011-4622, CVE-2011-4611, CVE-2011-4594, CVE-2011-4347, CVE-2011-4132, CVE-2011-4081, CVE-2011-4077, ESB-2012.0316
ID: ae-201203-068

An updated rhev-hypervisor6 package that fixes two security issues and one bug is now available.

System: Red Hat Enterprise Linux
Topic: Vulnerability in rhevm
Links: RHSA-2012-0421, CVE-2012-0818, ESB-2012.0315
ID: ae-201203-067

A vulnerability was reported in Red Hat Enterprise Virtualization Manager. A remote user can submit a REST API request with a specially crafted XML external entity that refers to file system resources on the target user's system. When the entity is resolved by the target RESTEasy process, the remote user can read files on the target system with the privileges of the application server process. Updated packages are available now.

System: Several
Topic: Vulnerabilities in quagga
Links: Quagga #705, CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, VU #551715
ID: ae-201203-066

Quagga, a routing software suite, contains multiple vulnerabilities that result in a Denial-of-Service (DoS) condition. An upgrade to Quagga 0.99.20.1 either through the GIT master version or by applying a patch is recommended.

System: Mandriva Linux
Topic: Vulnerabilities in openssl
Links: MDVSA-2012:038, CVE-2012-0884, CVE-2012-1165
ID: ae-201203-065

Multiple vulnerabilities have been found and corrected in openssl. These vulnerabilities may lead to denial of service (DoS) attacks, or may allow context-dependent attackers to decrypt data via a Million Message Attack (MMA). Updated packages are available now.

System: Many
Topic: Vulnerability in gnutls26
Links: dsa-2441, CVE-2012-1573, ESB-2012.0314
ID: ae-201203-064

It was discovered that GNUTLS does not properly handle truncated GenericBlockCipher structures nested inside TLS records, leading to crashes in applications using the GNUTLS library (DoS). Updated packages are available now.

System: Many
Topic: Vulnerability in libtasn1-3
Links: dsa-2440, CVE-2012-1569, ESB-2012.0313
ID: ae-201203-063

It was discovered that many callers of the asn1_get_length_der function did not check the result against the overall buffer length before processing it further. This could result in out-of-bounds memory accesses and application crashes. Applications using GNUTLS are exposed to this issue. Updated packages are available now.

System: Debian GNU/Linux
Topic: Vulnerability in file
Links: dsa-2422, CVE-2012-1571, ESB-2012.0233.2
ID: ae-201203-062

The file type identification tool, file, and its associated library, libmagic, do not properly process malformed files in the Composite Document File (CDF) format, leading to crashes. Updated packages are available now.

System: Mandriva Linux
Topic: Vulnerabilities in RealPlayer
Links: MDVSA-2012:034, CVE-2012-1162, CVE-2012-1163,
MDVSA-2012:036, CVE-2011-2524,
MDVSA-2012:037, CVE-2011-3481
ID: ae-201203-061

libzip (version <= 0.10) uses an incorrect loop construct, which can result in a heap overflow on corrupted zip files. This might allow access to sensitive information. A directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via an encoded dot dot in a URI. The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a Denial-of-Service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
Updated packages are available now.

System: Various
Topic: Vulnerabilities in RealPlayer
Links: ZDI-12-048, ZDI-12-049, RealNetworks, CVE-2012-0924, CVE-2012-0927, ESB-2012.0312
ID: ae-201203-060

Two vulnerabilities have been found in RealPlayer. They can be exploited by remote attackers to execute arbitrary code on a vulnerable system. User interaction is required because a file or a stream needs to be opened and decoded, respectively. RealNetworks has issued updates to correct these vulnerabilities.

System: Various
Topic: Vulnerability in raptor
Links: CVE-2012-0037, DSA-2438, ESB-2012.0308, RHSA-2012-0410, ESB-2012.0310, RHSA-2012-0411, ESB-2012.0311
ID: ae-201203-059

Raptor is an RDF parser and serializer library. It allows file inclusion through XML entities, resulting in information disclosure. Software linked against Raptor, e.g. OpenOffice.org, is affected. For some systems an update is available now.

System: Various
Topic: Vulnerability in IBM Tivoli Endpoint Manager
Links: X-Force #74039, CVE-2011-0719, ESB-2012.0307
ID: ae-201203-058

IBM Tivoli Endpoint Manager is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the ScheduleParam parameter in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. It's recommended that administrators upgrade to the latest version of Tivoli Endpoint Manager.

System: Microsoft Windows
Topic: Vulnerabilities in Citrix XenServer
Links: CTX132476, ESB-2012.0306
ID: ae-201203-057

A number of security vulnerabilities have been identified in the management web interface of Citrix XenServer vSwitch Controller. These vulnerabilities affect all currently supported versions of vSwitch Controller prior to version 6.0.2. These vulnerabilities have been addressed in a new version of the vSwitch Controller virtual appliance. Citrix recommends that customers using vSwitch Controller upgrade their virtual appliance to version 6.0.2.

System: Microsoft Windows
Topic: Vulnerability in CA ARCserve Backup
Links: CA20120320-01, CVE-2012-1662, ESB-2012.0304
ID: ae-201203-056

A potential risk with CA ARCserve Backup for Windows has been found. A vulnerability exists that can allow a remote attacker to cause a Denial-of-Service (DoS) condition. CA Technologies has issued fixes to address the vulnerability.

System: Debian GNU/Linux
Topic: Vulnerabilities in icedove
Links: DSA-2437, CVE-2012-0455, CVE-2012-0456, CVE-2012-0458, CVE-2012-0461, ESB-2012.0303
ID: ae-201203-055

Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. They might allow remote execution of arbitrary code as well as a Cross-Site Scripting (XSS) attack. Updated packages are available now.

System: Nortel
Topic: Vulnerabilities in LG-Nortel ELO GS24M Switch
Links: VU #523027
ID: ae-201203-054

The LG-Nortel ELO GS24M switch web management interface authentication can be bypassed by accessing URLs for configuration web pages directly. Web pages exist that can download the current device configuration, which also includes credentials in cleartext. So a remote unauthenticated attacker may be able to operate and configure the device with the permissions of an administrator. This product is considered end-of-life by the vendor and is no longer supported. As a workaround, appropriate firewall rules should be configured.

System: Several
Topic: Vulnerabilities in IBM WebSphere Application Server
Links: IBM swg21587015, CVE-2011-1376, CVE-2011-4889, CVE-2012-0193, CVE-2012-0716, CVE-2012-0717, CVE-2012-0720, X-Force #71230, X-Force #72581, X-Force #73748, X-Force #73479, X-Force #74044, ESB-2012.0302
ID: ae-201203-053

Several vulnerabilities have been found in IBM WebSphere Application Server. Exploiting them might lead to remote unauthorized access, Cross-Site Scripting (XSS) or Denial-of-Service (DoS). If an attacker has an existing account, modification of arbitrary files is possible. Please refer to the advisory regarding the availability of fixes.

System: Several
Topic: Vulnerabilities in HP Insight Control Software
Links: HPSBMU02752, SSRT100802, CVE-2010-4645, CVE-2011-0762, CVE-2011-0997, CVE-2011-1097, CVE-2011-3207, CVE-2011-3210, ESB-2012.0301
ID: ae-201203-052

Potential security vulnerabilities have been identified with HP Insight Control Software for Linux (IC-Linux). The vulnerabilities could be exploited remotely to execute arbitrary code or to create a Denial-of-Service (DoS). HP has provided HP Insight Control Software for Linux (IC-Linux) v7.0 to resolve the vulnerabilities.

System: Many
Topic: Vulnerabilities in IBM DB2
Links: IBM swg21588090, IBM swg21588093, IBM swg21588098, IBM swg21588100, CVE-2012-0709, CVE-2012-0710, CVE-2012-0711, CVE-2012-0712, ESB-2012.0298
ID: ae-201203-051

Several vulnerabilities have been found in DB2 products. Exploiting them might lead to remote Denial-of-Service (DoS) or increased privileges. Users with an existing account might access privileged data, too. Fixes for these vulnerabilities are available for most affected and supported systems.

System: Microsoft Windows
Topic: Vulnerabilities in VLC media player
Links: videolan_sa1201, videolan_sa1202, CVE-2012-1775, CVE-2012-1776, ESB-2012.0297
ID: ae-201203-050

Two vulnerabilities have been found in the VLC media player. Using a crafted file, an attacker is able to crash the VLC media player. Arbitrary code execution could be possible on some systems. VLC media player 2.0.1 addresses this issue.

System: Microsoft Windows
Topic: Vulnerabilities in RSA enVision 4.x
Links: ESA-2012-014, CVE-2012-0399, CVE-2012-0400, CVE-2012-0401, CVE-2012-0402, CVE-2012-0403, X-Force #74136, X-Force #74137, X-Force #74138, X-Force #74139, X-Force #74140, ESB-2012.0296
ID: ae-201203-049

RSA, The Security Division of EMC, announces security fixes to address multiple vulnerabilities and provide enhancements in RSA enVision software. An upgrade to RSA enVision 4.1 Patch 4 solves security problems like remote code execution, unauthorized access as well as Cross-Site Scripting (XSS). So this upgrade is recommended.

System: Several Linux
Topic: Vulnerability in libpng
Links: CVE-2011-3045, MDVSA-2012:033, RHSA-2012-0407, ESB-2012.0300, DSA-2439, ESB-2012.0309
ID: ae-201203-048

A heap-based buffer overflow flaw was found in the way libpng processes compressed chunks in PNG image files. An attacker could create a specially-crafted PNG image file that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. For some systems updates are available.

System: Several
Topic: Vulnerabilities in JBoss Operations Network
Links: RHSA-2012-0396, RHSA-2012-0406, CVE-2011-4858, CVE-2012-0032, CVE-2012-0052, CVE-2012-0062, CVE-2012-1100, ESB-2012.0294, ESB-2012.0299
ID: ae-201203-047

JBoss Operations Network (JBoss ON) is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. An update for JBoss Operations Network 2.4.2 that fixes one security issue, as well as an update for JBoss Operations Network 3.0.1, which fixes multiple security vulnerabilities, is available now.

System: Debian GNU/Linux
Topic: Vulnerabilities in nginx, gnash, and libapache2-mod-fcgid
Links: DSA-2434, CVE-2012-1180, ESB-2012.0291,
DSA-2435, CVE-2010-4337, CVE-2011-4328, CVE-2012-1175, ESB-2012.0292,
DSA-2436, CVE-2012-1181, ESB-2012.0293
ID: ae-201203-046

A memory disclosure vulnerability has been found in nginx. In previous versions of this web server, an attacker can receive the content of previously freed memory if an upstream server returned a specially crafted HTTP response, potentially exposing sensitive information.
Several vulnerabilities have been identified in Gnash, the GNU Flash player. HTTP cookies are managed in an unsafe manner. They have predictable names, so attackers can overwrite arbitrary files the user of the browser has write access to. Besides this, using specially crafted SWF files may lead to a heap based buffer overflow when such a file is opened. Additionally, temporary files in /tmp are handled in an insecure manner, allowing write access.
The Apache FCGID module, a FastCGI implementation, doesn't properly enforce the FcgidMaxProcessesPerClass resource limit, rendering this control ineffective and potentially allowing a virtual host to consume excessive resources.
Updated packages are available now.

System: Appliance
Topic: Vulnerability in several tape libraries
Links: VU #913483, Quantum, Dell, IBM, X-Force #74159, X-Force #74160, X-Force #74161
ID: ae-201203-045

Cross-site scripting and preconfigured password vulnerabilities have been reported in the Quantum Scalar i500, Dell ML6000 and IBM TS3310 tape libraries. The preconfigured passwords for certain accounts are considered to be weak and could be exploited to give an attacker user access. An attacker with access to a local user account or via a malicious URL can execute arbitrary code or commands on the vulnerable system.
Upgrades for affected firmware are available now.

System: Several
Topic: Vulnerabilities in several VMware products
Links: VMSA-2012-0005, ESB-2012.0289
ID: ae-201203-044

Updates for VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX are available. They address several security issues, so an update is recommended.

System: Microsoft Windows
Topic: Vulnerabilities in VMware View
Links: VMSA-2012-0004, CVE-2012-1508, CVE-2012-1509, CVE-2012-1510, CVE-2012-1511, ESB-2012.0288
ID: ae-201203-043

The VMware XPDM and WDDM display drivers contain buffer overflow vulnerabilities and the XPDM display driver does not properly check for NULL pointers. Exploitation of these issues may lead to local privilege escalation on View virtual desktops. A Cross-Site scripting (XSS) vulnerability in View Manager Portal may allow a remote attacker to run scripts in the victim's browser. The attacker can trigger this vulnerability by supplying a crafted URL to the victim and convincing them to click on the link.
View 5.0 isn't affected; an upgrade to View 4.6.1 is recommended. If 4.0 is still in use, an upgrade is strongly recommended since no patch is planned for this version.

System: Mandriva
Topic: Vulnerabilities in pidgin
Links: MDVSA-2012:029, CVE-2011-4939, CVE-2012-1178, ESB-2012.0290
ID: ae-201203-042

The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin before 2.10.2 allows remote attackers to cause a denial of service by changing a nickname while in an XMPP chat room. The msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.2 allows remote attackers to cause a denial of service via an OIM message that lacks UTF-8 encoding. New packages are available.

System: Unix, Linux, OSX
Topic: Vulnerability in Asterisk
Links: AST-2012-002, AST-2012-003, ESB-2012.0286
ID: ae-201203-041

A remote crash vulnerability in the Milliwatt application and a possibly exploitable stack buffer overflow have been identified in Asterisk. This may allow remote attackers to cause a denial of service (DoS) or execute arbitrary code. A new patch is available for download.

System: Red Hat Enterprise Linux
Topic: Vulnerability in glibc
Links: RHSA-2012-0393, RHSA-2012-0397, CVE-2012-0864, ESB-2012.0285, ESB-2012.0295
ID: ae-201203-040

An integer overflow flaw was found in the implementation of the printf family of functions. This could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application. New packages are available for download.

System: Debian GNU/Linux
Topic: Vulnerabilities in iceweasel
Links: DSA-2433, CVE-2012-0461, CVE-2012-0458, CVE-2012-0456, CVE-2012-0455, ESB-2012.0284, ESB-2012.0287
ID: ae-201203-039

Multiple vulnerabilities in Iceweasel may allow remote attackers to execute arbitrary commands with the application's privileges. New packages are available for download.

System: Cisco
Topic: Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliance
Links: sa-20120314-asa, CVE-2012-0356, CVE-2012-0355, CVE-2012-0354, CVE-2012-0353, ESB-2012.0283
ID: ae-201203-038

Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module have been identified. Cisco has released free software updates that address these vulnerabilities. Workarounds are available to mitigate some of the vulnerabilities.

System: Cisco
Topic: Vulnerability in Cisco Firewall Services Module
Links: sa-20120314-fwsm, CVE-2012-0356, ESB-2012.0282
ID: ae-201203-037

Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, and the Firewall Services Module in Cisco Catalyst 6500 series devices allow remote attackers to cause a denial of service (DoS) via a crafted IPv4 PIM message, when multicast routing is enabled. A new update is available.

System: Cisco, Microsoft Windows
Topic: Vulnerability in Cisco ASA 5500 Series
Links: sa-20120314-asaclient, CVE-2012-0358, ESB-2012.0281
ID: ae-201203-036

Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices, allows remote attackers to execute arbitrary code via unspecified vectors. A new update is available.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in Firefox/Thunderbird
Links: RHSA-2012-0388, RHSA-2012-0387
ID: ae-201203-035

Updated thunderbird and firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6.

System: Many
Topic: Vulnerability in Adobe ColdFusion
Links: CVE-2012-0770, ESB-2012.0278
ID: ae-201203-034

Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service by sending many crafted parameters. A new update is available.

System: Microsoft Windows
Topic: Vulnerabilities in EMC Documentum eRoom
Links: CVE-2012-0404, CVE-2012-0398, ESB-2012.0277
ID: ae-201203-033

Two vulnerabilities have been identified in EMC Documentum eRoom, which can be potentially exploited by malicious users to conduct session replay and cross-site scripting attacks. A new update is available.

System: Microsoft Windows
Topic: Vulnerability in Microsoft Expression Design
Links: MS12-022, CVE-2012-0016
ID: ae-201203-032

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerability in Microsoft Visual Studio
Links: MS12-021, CVE-2012-0008
ID: ae-201203-031

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerabilities in Microsoft Remote Desktop
Links: MS12-020, CVE-2012-0002, CVE-2012-0152
ID: ae-201203-030

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerability in Microsoft Windows DirectWrite
Links: MS12-019, CVE-2012-0156
ID: ae-201203-029

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerability in Microsoft Windows Kernel mode driver
Links: MS12-018, CVE-2012-0157
ID: ae-201203-028

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerability in Microsoft DNS Server
Links: MS12-017, CVE-2012-0006
ID: ae-201203-027

No further comment due to legal reasons

System: Various
Topic: Vulnerabilities in HP Data Protector Express
Links: HPSBMU02746, SSRT100781, CVE-2012-0121, CVE-2012-0122, CVE-2012-0123, CVE-2012-0124, ESB-2012.0270
ID: ae-201203-026

Potential security vulnerabilities have been identified with HP Data Protector Express (DPX) 5.0 and 6.0. The vulnerabilities could be exploited remotely to create a Denial-of-Service (DoS) or to execute arbitrary code. HP has provided upgrades to resolve these vulnerabilities.

System: Various
Topic: Vulnerability in OpenSSL
Links: OpenSSL_20120312, CVE-2012-0884, ESB-2012.0269,
IBM #5748, ESB-2012.0305
ID: ae-201203-025

A weakness in the OpenSSL CMS and PKCS #7 code can be exploited using Bleichenbacher's attack on PKCS #1 v1.5 RSA padding, also known as the million message attack (MMA). Only users of CMS, PKCS #7, or S/MIME decryption operations are affected. A successful attack needs on average 2^20 messages. In practice only automated systems will be affected, as humans will not be willing to process this many messages. SSL/TLS applications are *NOT* affected by this problem since the SSL/TLS code doesn't use the PKCS #7 or CMS decryption code. Affected users should upgrade to OpenSSL 1.0.0h or 0.9.8u.

System: Red Hat Enterprise Linux
Topic: Vulnerability in JBoss Enterprise SOA Platform
Links: RHSA-2012-0378, CVE-2011-4314, ESB-2012.0268
ID: ae-201203-024

JBoss Enterprise SOA Platform 5.2.0 roll up patch 1, which fixes one security issue and various bugs, is now available from the Red Hat Customer Portal.

System: Debian GNU/Linux
Topic: Vulnerability in libyaml-libyaml-perl
Links: DSA-2432, CVE-2012-1152, ESB-2012.0267
ID: ae-201203-023

Two format string vulnerabilities in YAML::LibYAML, a Perl interface to the libyaml library, have been found. Updated packages are available now.

System: Apple iOS, Windows
Topic: Vulnerabilities in Apple Safari
Links: APPLE-SA-2012-03-12-1, ESB-2012.0266
ID: ae-201203-022

More than 80 vulnerabilities can be corrected now by installing Apple Safari 5.1.4. Exploiting the vulnerabilities might lead to reduced security, Cross-Site Scripting, Denial-of-Service as well as remote code execution and unauthorized access. So this update is recommended.

System: Linux
Topic: Vulnerability in F-Secure Linux Security
Links: FSC-2012-1
ID: ae-201203-021

F-Secure Linux Security 9.10 and 9.11 are not the latest in the product line. In these versions, the RedirFS-based implementation of real-time (on-access) scanning in the Linux Security product will not work on non-root filesystems. Other scanning mechanisms like manual scanning or commandline-only scanning are not affected. It's strongly recommended to install version 9.12 or the corresponding hotfix.

System: Microsoft Windows, VMware ESX Server
Topic: Several vulnerabilities in VMware VirtualCenter
Links: VMSA-2012-0003, ESB-2012.0265
ID: ae-201203-020

Oracle (Sun) JRE can now be updated to version 1.5.0_32, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE.

System: Microsoft Windows
Topic: Vulnerability in VMware vCenter Chargeback Manager
Links: VMSA-2012-0002, CVE-2012-1472, ESB-2012.0264
ID: ae-201203-019

The vCenter Chargeback Manager (CBM) contains a flaw in its handling of XML API requests. This vulnerability allows an unauthenticated remote attacker to download files from the CBM server or conduct a Denial-of-Service (DoS) against the server. Updated software is available now.

System: Debian GNU/Linux
Topic: Vulnerability in libdbd-pg-perl
Links: DSA-2431, CVE-2012-1151, ESB-2012.0263
ID: ae-201203-018

Two format string vulnerabilities in DBD::Pg, a Perl DBI driver for the PostgreSQL database server, have been found. They can be exploited by a rogue database server. Updated packages are available now.

System: Debian GNU/Linux
Topic: Vulnerability in python-pam
Links: DSA-2430, CVE-2012-1502, ESB-2012.0262
ID: ae-201203-017

A double free vulnerability in the Python interface to the PAM library might lead to a Denial-of-Service (DoS). Updated packages are available now.

System: Several
Topic: Vulnerability in HP Network Node Manager i
Links: HPSBMU02744, SSRT100776, CVE-2007-1858, ESB-2012.0261
ID: ae-201203-016

A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. HP has made a procedure available to resolve this vulnerability.

System: Red Hat Enterprise Linux
Topic: Vulnerability in systemtap
Links: RHSA-2012-0376, CVE-2012-0875, ESB-2012.0259
ID: ae-201203-015

An invalid pointer read flaw has been found in the way SystemTap handles malformed debugging information in DWARF format. When SystemTap unprivileged mode is enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or, potentially, read arbitrary kernel memory.
Updated packages are available now.

System: Apple Appliance
Topic: Vulnerability in Apple TV
Links: APPLE-SA-2012-03-07-3, CVE-2011-3453, ESB-2012.0260
ID: ae-201203-014

Apple TV 5.0 is now available and addresses an integer overflow in the handling of DNS resource records by the library libresolv.

System: Apple iOS
Topic: Vulnerabilities in Apple iOS
Links: APPLE-SA-2012-03-07-2, ESB-2012.0257
ID: ae-201203-013

More than 80 vulnerabilities can be corrected now by installing iOS 5.1 on iPad, iPhone, iPod and other devices. Exploiting the vulnerabilities might lead to reduced security, Cross-Site Scripting, Denial-of-Service as well as remote code execution and unauthorized access. So this update is recommended.

System: Microsoft Windows
Topic: Vulnerabilities in Apple iTunes
Links: APPLE-SA-2012-03-07-1, ESB-2012.0256
ID: ae-201203-012

More than 70 vulnerabilities can be corrected now by installing iTunes 10.6. The vulnerabilities might lead to reduced security, Denial-of-Service as well as remote code execution. So this update is recommended.

System: Debian GNU/Linux
Topic: Vulnerabilities in freetype and mysql-5.1
Links: DSA-2428, CVE-2012-1133, CVE-2012-1134, CVE-2012-1136, CVE-2012-1142, CVE-2012-1144, ESB-2012.0258,
DSA-2429, ESB-2012.0252
ID: ae-201203-011

Several vulnerabilities in FreeType's parsing of BDF, Type1 and TrueType fonts might result in the execution of arbitrary code if a malformed font file is processed. Updated packages are available now.
Several security vulnerabilities were discovered in MySQL, a database management system. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.61, which includes additional changes, such as performance improvements and corrections for data loss defects.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in python-sqlalchemy and XEN
Links: RHSA-2012-0369, CVE-2012-0805, ESB-2012.0253,
RHSA-2012-0370, CVE-2012-0029, ESB-2012.0254
ID: ae-201203-010

SQLAlchemy is an Object Relational Mapper (ORM) that provides an interface to SQL databases. It has been discovered that SQLAlchemy doesn't sanitize values for the limit and offset keywords for SQL select statements. If an application using SQLAlchemy accepts values for these keywords and doesn't filter or sanitize them before passing them to SQLAlchemy, it could allow an attacker to perform an SQL injection attack against the application.
The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux. A heap overflow flaw has been found in the way QEMU emulates the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash QEMU or, possibly, escalate their privileges on the host.
Updated packages address these issues.

System: Several
Topic: Vulnerability in RSA SecurID Software Token Converter
Links: ESA-2012-013, CVE-2012-0397, ESB-2012.0251
ID: ae-201203-009

All versions of RSA SecurID Software Token Converter contain a buffer overflow vulnerability that could allow a malicious user to cause a Denial-of-Service (DoS) or possibly execute arbitrary code on a system running the Token Converter. RSA strongly recommends that all customers using RSA SecurID Software Token Converter upgrade to version 2.6.1 which can be downloaded now.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in kernel
Links: RHSA-2012-0350, ESB-2012.0248,
RHSA-2012-0358, ESB-2012.029
ID: ae-201203-008

Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 6 and for Red Hat Enterprise Linux 5.6 Extended Update Support, respectively. Since some of the vulnerabilities might lead to remote Denial-of-Service and other problems, updates are recommended.

System: Debian GNU/Linux
Topic: Vulnerabilities in gimp and imagemagick
Links: DSA-2426, CVE-2010-4540, CVE-2010-4541, CVE-2010-4542, CVE-2010-4543, CVE-2011-1782, CVE-2011-2896, ESB-2012.0246,
DSA-2427, CVE-2012-0247, CVE-2012-0248, ESB-2012.0247
ID: ae-201203-007

GIMP is the GNU Image Manipulation Program. Because of several vulnerabilities, remote attackers are able to execute arbitrary code on vulnerable systems as well as conduct a Denial-of-Service (DoS). Two security vulnerabilities related to EXIF processing were discovered in ImageMagick, a suite of programs to manipulate images. Attackers with an existing account might be able to reduce security or cause a DoS.
Updated packages are available now.

System: Many
Topic: Vulnerabilities in Adobe Flash Player
Links: APSB12-05, CVE-2012-0768, CVE-2012-0769, ESB-2012.0245, X-Force #73683, X-Force #73684
RHSA-2012-0359, ESB-2012.0247
ID: ae-201203-006

Updates address critical vulnerabilities in Adobe Flash Player 11.1.102.62 and earlier versions for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 11.1.115.6 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.6 and earlier versions for Android 3.x and 2.x. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. Updates should be installed as soon as possible.

System: Debian GNU/Linux
Topic: Vulnerabilities in libxml-atom-perl and plib
Links: DSA-2424, ESB-2012.0243, X-Force #73659,
DSA-2425, CVE-2011-4620, ESB-2012.0244
ID: ae-201203-005

It has been discovered that the XML::Atom Perl module doesn't disable external entities when parsing XML from potentially untrusted sources. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used.
PLIB, a library used by TORCS, contains a buffer overflow in error message processing, which could allow remote attackers to execute arbitrary code.
Updated packages are available now.

System: Microsoft Windows
Topic: Vulnerabilities in IBM Tivoli Provisioning Manager Express
Links: IBM-ENUS211-048, CVE-2012-0198, CVE-2012-0199, ZDI-12-040, X-Force #73033, X-Force #73034
ID: ae-201203-004

IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 ActiveX control (Isig.isigCtl.1) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the RunAndUploadFile() method. By persuading a victim to visit a specially-crafted Web page, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the victim's browser to crash. It's also vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the GetAttachmentServlet, logon.do, register.do, addAsset.do, SoapServlet, or CallHomeExec servlets or via a specially-crafted EG2 file using various parameters, which could allow the attacker to view, add, modify or delete information in the back-end database.
There is no replacement for IBM Tivoli Provisioning Manager Express for Inventory (5724-N88) and IBM Tivoli Provisioning Manager Express for Software (5724-N89) Distribution. However, a follow-on product, IBM Tivoli Endpoint Manager for Lifecycle Management v8.1 (5725-C43), is available.

System: Debian GNU/Linux
Topic: Vulnerabilities in movabletype-opensource
Links: DSA-2423, ESB-2012.0242
ID: ae-201203-003

Several vulnerabilities were discovered in Movable Type, a blogging system. Exploiting them might lead to command injection, Cross-Site Request Forgery (CSRF) or Cross-Site Scripting (XSS) attacks. It's recommended to install updated packages which are available now.

System: Microsoft Windows
Topic: Vulnerability in IBM Personal Communications WorkStation
Links: IBM, CVE-2012-0201, ESB-2012.0241
ID: ae-201203-002

A buffer overflow vulnerability in the handling of WorkStation files (.ws) by IBM Personal Communications could allow a remote attacker to cause a Denial-of-Service (application crash) or potentially execute arbitrary code on vulnerable installations of IBM Personal Communications. A fix is available now.

System: Red Hat Enterprise Linux
Topic: Vulnerability in jbossweb
Links: RHSA-2012-0345, CVE-2012-0022, ESB-2012.0239
ID: ae-201203-001

JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It was found that JBoss Web doesn't handle large numbers of parameters and large parameter values efficiently. A remote attacker could make JBoss Web use an excessive amount of CPU time by sending an HTTP request containing a large number of parameters or large parameter values. This Denial-of-Service (DoS) can be avoided by installing an update for JBoss Enterprise Portal Platform 4.3 CP07.



(c) 2000-2014 AERAsec Network Services and Security GmbH