Network Security

AERAsec
Current Security Messages


Most of the links lead to the corresponding files at CERT or other organisations, so changes appear immediately, especially regarding which patches should be installed or which configuration changes should be made to avoid a vulnerability. Some of the files are transferred by FTP.

By the way: If we're not publishing well-known risks inherent in any widely used platform or program, that doesn't mean this particular platform or program is safe to use!


Chosen month 04 / 2012

System: Several
Topic: Vulnerability in samba / samba3x
Links: CVE-2012-2111,
RHSA-2012-0533, ESB-2012.0422, DSA-2463, ESB-2012.0426, MDVSA-2012:070
ID: ae-201204-086

Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol. A flaw has been found in the way Samba handles certain Local Security Authority (LSA) Remote Procedure Calls (RPC). An authenticated user could use this flaw to issue an RPC call that would modify the privileges database on the Samba server, allowing them to steal the ownership of files and directories that are being shared by the Samba server, and create, delete, and modify user accounts, as well as other Samba server administration tasks.
For some systems updated packages are available now.

System: Several
Topic: Vulnerability in nss
Links: RHSA-2012-0532, ESB-2012.0421
ID: ae-201204-085

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. It has been found that a Certificate Authority (CA) issues fraudulent HTTPS certificates. An update renders any HTTPS certificates signed by that CA as untrusted.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in Red Hat Enterprise MRG Messaging and rhev-hypervisor6
Links: RHSA-2012-0528, RHSA-2012-0529, CVE-2011-3620, ESB-2012.0419,
RHSA-2012-0531, CVE-2012-0864, CVE-2012-1569, CVE-2012-1573, ESB-2012.0420
ID: ae-201204-084

Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation IT infrastructure for enterprise computing. It has been found that a part of this solution accepts any password or SASL mechanism and provides the remote user with a valid cluster username.
The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. Some flaws allow remote Denial-of-Service (DoS), and remote code execution may also be possible.
Updated packages address these issues.

System: Microsoft Windows
Topic: Vulnerabilities in Rational AppScan Enterprise
Links: IBM_swg21592188, CVE-2007-3633, CVE-2012-0729, CVE-2012-0730, CVE-2012-0731, CVE-2012-0732, CVE-2012-0733, CVE-2012-0734, CVE-2012-0735, CVE-2012-0736, CVE-2012-0737, ESB-2012.0416
ID: ae-201204-083

IBM Rational AppScan Enterprise, IBM Rational AppScan Tester Edition, IBM Rational AppScan Reporting Console and IBM Rational Policy Tester show several vulnerabilities that involve different security risks. Exploiting them might allow e.g. Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) attacks but also remote code execution. These vulnerabilities are addressed in the 8.5.0.1 Fix Pack.

System: Debian GNU/Linux
Topic: Vulnerabilities in ImageMagick
Links: DSA-2462, CVE-2012-0259, CVE-2012-0260, CVE-2012-1185, CVE-2012-1186, CVE-2012-1610, CVE-2012-1798, ESB-2012.0418, ESB-2012.0433, RHSA-2012-0544, ESB-2012.0438
ID: ae-201204-082

Several integer overflows and missing input validations were discovered in the ImageMagick image manipulation suite, resulting in the execution of arbitrary code or Denial-of-Service. Updated packages are available now.

System: VMware ESX Server
Topic: Vulnerabilities in VMware ESX 4.1
Links: VMSA-2012-0008, CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3191, CVE-2011-3905, CVE-2011-3919, CVE-2011-4348, CVE-2012-0028, ESB-2012.0415
ID: ae-201204-081

Several vulnerabilities have been found in VMware ESX 4.1. Exploiting them might lead to a root compromise by a local account or a remote Denial-of-Service (DoS). It might also be possible to achieve remote code execution. It's recommended to install the patches ESX410-201204401-SG and ESX410-201204402-SG.

System: Unix
Topic: Vulnerabilities in HP NonStop Servers
Links: HPSBNS02767, SSRT100829, CVE-2011-3547, CVE-2011-3551, CVE-2011-3553, CVE-2011-3556, CVE-2011-3557, ESB-2012.0414
ID: ae-201204-080

Potential vulnerabilities have been identified with HP NonStop Servers running Java 6.0. The vulnerabilities could be exploited remotely resulting in Denial-of-Service (DoS), unauthorized disclosure of information, or unauthorized access. Using Software Updates these problems can be resolved.

System: Debian GNU/Linux
Topic: Vulnerabilities in quagga and spip
Links: DSA-2459, CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, ESB-2012.0412, ESB-2012.0435,
DSA-2461, ESB-2012.0413, ESB-2012.0417
ID: ae-201204-079

Quagga is a routing daemon. Several vulnerabilities have been found here. Vulnerabilities in the OSPFv2 implementation allow remote attackers to cause a Denial-of-Service (DoS) via Link State Updates. Besides this, the BGP implementation allows a Denial-of-Service by a malformed message.
Several vulnerabilities have been found in SPIP, a website engine for publishing, resulting in Cross-Site Scripting (XSS), script code injection and bypass of restrictions.
Updated packages are available now.

System: Red Hat Enterprise Linux
Topic: Vulnerability in libpng
Links: RHSA-2012-0523, CVE-2011-3048, ESB-2012.0409
ID: ae-201204-078

It was discovered that incorrect memory handling in the png_set_text2() function of the PNG library could lead to the execution of arbitrary code. An update is available now.

System: Red Hat Enterprise Linux 5
Topic: Vulnerability in Kernel
Links: RHSA-2012-0517, CVE-2011-3638, ESB-2012.0406
ID: ae-201204-077

The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw has been found in the Linux kernel. A local, unprivileged user with the ability to mount and unmount ext4 file systems is able to cause a Denial-of-Service (DoS). Updated packages are available now.

System: Many
Topic: Vulnerabilities in OpenSSL
Links: CVE-2012-0884, CVE-2012-1165, CVE-2012-2110, CVE-2012-2131, RHSA-2012-0518, RHSA-2012-0522, ESB-2012.0407, DSA-2454, ESB-2012.0408, FreeBSD-SA-12:01, ESB-2012.0431
ID: ae-201204-076

Multiple vulnerabilities have been found in OpenSSL. A weakness in the CMS and PKCS #7 implementations could allow an attacker to decrypt data via a Million Message Attack (MMA). A NULL pointer could be dereferenced when parsing certain S/MIME messages, leading to Denial-of-Service (DoS). A vulnerability in the way DER-encoded ASN.1 data is parsed can result in a heap overflow. Besides this, it has been found that an earlier fix was not complete.
Updated packages are available now.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in java-1.6.0-ibm
Links: RHSA-2012-0514, ESB-2012.0403
ID: ae-201204-075

Several vulnerabilities have been found in Java. Exploiting them might lead to remote code execution as well as access to confidential data and a Denial-of-Service (DoS). All users of java-1.6.0-ibm are advised to upgrade to updated packages, containing the IBM Java 6 SR10-FP1 Java release.

System: Debian GNU/Linux
Topic: Vulnerability in Dropbear SSH Daemon
Links: DSA-2456, CVE-2012-0920, ESB-2012.0402
ID: ae-201204-074

A use-after-free in the Dropbear SSH daemon has been found. It might allow execution of arbitrary code. Exploitation is limited to users who have been authenticated through public key authentication and for whom command restrictions are in place. Updated packages are available now.

System: Many
Topic: Vulnerabilities in firefox, thunderbird, iceape and iceweasel
Links: CVE-2012-0467, CVE-2012-0470, CVE-2012-0471, CVE-2012-0477, CVE-2012-0479, CVE-2012-0455, CVE-2012-0456, CVE-2012-0458, CVE-2012-0461, ASB-2012.0063, RHSA-2012-0515, RHSA-2012-0516, ESB-2012.0405, DSA-2457, DSA-2458, ESB-2012.0404, MDVSA-2012:081
ID: ae-201204-073

Updated versions of the mentioned packages are available, which address multiple security vulnerabilities. Among other things, a bug in "Open Type" may allow an attacker to crash the software or execute arbitrary code with the privileges of the user who is running the program.

System: HP-UX
Topic: Vulnerabilities in Asterisk
Links: AST-2012-004, AST-2012-005, AST-2012-006, CVE-2012-1183, CVE-2012-2414, CVE-2012-2415, ESB-2012.0401,
DSA-2460, ESB-2012.0411
ID: ae-201204-072

A user of the Asterisk Manager Interface can bypass a security check and execute shell commands. In the Skinny channel driver, KEYPAD_BUTTON_MESSAGE events are queued for processing in a buffer allocated on the heap. Since the length of the buffer is never checked, an attacker could send sufficient events such that the buffer is overrun. A remotely exploitable crash vulnerability exists in the SIP channel driver if a SIP UPDATE request is processed within a particular window of time.
Updated packages are available now.

System: HP-UX
Topic: Vulnerabilities in Samba
Links: HPSBUX02768, SSRT100664, ESB-2012.0400
ID: ae-201204-071

Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to create a Cross-Site Request Forgery (CSRF) or a Denial-of-Service (DoS). It's recommended to update affected systems to address these well known vulnerabilities.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in java-1.5.0-ibm and wireshark
Links: RHSA-2012-0508, ESB-2012.0398,
RHSA-2012-0509, ESB-2012.0399
ID: ae-201204-070

Several vulnerabilities have been found in Java. Exploiting them might lead to remote code execution as well as access to confidential data. All users of java-1.5.0-ibm are advised to upgrade to updated packages, containing the IBM 1.5.0 SR13-FP1 Java release.
Several flaws have been found in Wireshark, a tool for monitoring network traffic. Updated packages are available now, so an update is recommended.

System: Mandriva Linux
Topic: Vulnerabilities in raptor and OpenOffice.org
Links: MDVSA-2012:061, CVE-2012-0037,
MDVSA-2012:062, CVE-2012-0037
ID: ae-201204-069

An XML External Entity expansion flaw was found in the way Raptor processes RDF files. If an application linked against Raptor opens a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application has access to. Due to a bug in the way Raptor handles external entities the application might crash or, possibly, execute arbitrary code with the privileges of the user running the application.
Updated packages are available now.

System: Network Appliance
Topic: Vulnerabilities in Scalance S602 V2
Links: ICSA-12-102-05, CVE-2012-1800, CVE-2012-1799, ESB-2012.0396
ID: ae-201204-068

Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote attackers to cause a denial of service (device outage) or possibly execute arbitrary code via a crafted DCP frame. A new update is available.

System: Many
Topic: Vulnerability in TYPO3
Links: typo3-core-sa-2012-002, CVE-2012-2112, CVE-2012-0021, ESB-2012.0395, DSA-2455, ESB-2012.0397
ID: ae-201204-067

A potential security vulnerability has been identified in TYPO3. Because it fails to properly encode the output, the default Exception Handler is susceptible to Cross-Site Scripting (XSS). A new update is available.

System: HP-UX
Topic: Vulnerabilities in Apache
Links: CVE-2012-0053, CVE-2012-0031, CVE-2012-0021, CVE-2011-3607, ESB-2012.0394
ID: ae-201204-066

Potential security vulnerabilities have been identified with HP-UX running Apache. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to gain a local increase of privilege. A new update is available.

System: Many
Topic: Vulnerabilities in Data Protection Advisor Server
Links: CVE-2012-0407, CVE-2012-0406, ESB-2012.0393
ID: ae-201204-065

EMC Data Protection Advisor (DPA) contains vulnerabilities that can potentially be exploited by malicious users to cause denial of service. A new update is available.

System: Microsoft Windows
Topic: Vulnerability in Shibboleth
Links: CVE-2012-2110, ESB-2012.0392
ID: ae-201204-064

The OpenSSL team disclosed and patched a security issue in functions that the Shibboleth Service Provider, and some related libraries, depend on for key and certificate processing. Updated Windows installer and postinstall ZIP files for V2.4.3 have been posted that replace the OpenSSL libraries included with OpenSSL V1.0.0i.

System: z/OS
Topic: Vulnerability in WebSphere Application Server
Links: swg21588312, CVE-2012-2162, ESB-2012.0391
ID: ae-201204-063

SSL connections between the plug-in and WebSphere Application Server might fail or revert to non-SSL after the shipped version of the plugin-key.kdb password expires. Please follow IBM guidelines to avoid security leaks.

System: Many
Topic: Vulnerabilities in Bugzilla
Links: CVE-2012-0466, CVE-2012-0465, ESB-2012.0390
ID: ae-201204-062

Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla. By abusing the X-FORWARDED-FOR header, an attacker could bypass the lockout policy, allowing a possible brute-force discovery of a valid user password. An attacker can get access to some bug information with the victim's credentials by means of a specially crafted HTML page. A new update is available.

System: Debian GNU/Linux
Topic: Vulnerabilities in OpenSSL
Links: dsa-2454, CVE-2012-2110, CVE-2012-1165, CVE-2012-0884, CVE-2011-4619, ESB-2012.0389
ID: ae-201204-061

Multiple vulnerabilities have been found in OpenSSL. These vulnerabilities may allow remote attackers to access confidential data or cause a denial of service (DoS). A new update is available.

System: Many
Topic: Vulnerability in OpenSSL
Links: secadv_20120419, CVE-2012-2110, ESB-2012.0388
ID: ae-201204-060

The asn1_d2i_read_bio function in OpenSSL does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service or possibly have unspecified other impact. A new update is available.

System: OpenVMS
Topic: Vulnerabilities in IBM WebSphere Application Server
Links: swg21589257, CVE-2012-0720, CVE-2012-0716, CVE-2012-0193, CVE-2011-1377, ESB-2012.0385
ID: ae-201204-059

Multiple vulnerabilities have been addressed in WebSphere Application Server. These vulnerabilities could potentially allow an attacker to read or write to arbitrary files, bypass security restrictions, conduct cross-site scripting (XSS) attacks, or cause a denial of service (DoS). A new update is available.

System: OpenVMS
Topic: Vulnerability in HP OpenVMS
Links: CVE-2012-0134, ESB-2012.0384
ID: ae-201204-058

A potential security vulnerability has been identified with HP OpenVMS. The vulnerability could be locally exploited to cause a Denial of Service (DoS). A new update is available.

System: OpenVMS
Topic: Vulnerabilities in HP Secure Web Server
Links: CVE-2011-4885, CVE-2011-3190, CVE-2011-2729, CVE-2011-2526, CVE-2011-2204, CVE-2011-2202, CVE-2011-1938, CVE-2011-1464, CVE-2011-1184, ESB-2012.0383
ID: ae-201204-057

Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running CSWS_JAVA. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, privilege escalation, unauthorized disclosure of information, or unauthorized modifications. A new update is available.

System: Red Hat Linux
Topic: Vulnerabilities in rhev-hypervisor5
Links: RHSA-2012-0488, CVE-2012-1583, CVE-2012-1573, CVE-2012-1569, CVE-2012-1165, CVE-2012-0884, CVE-2012-0864, CVE-2011-4128, CVE-2011-3045, ESB-2012.0382
ID: ae-201204-056

An updated rhev-hypervisor5 package that fixes three security issues and one bug is now available.

System: Red Hat Linux
Topic: Vulnerabilities in rhev-hypervisor5
Links: RHSA-2012-0488, CVE-2012-1583, CVE-2012-1573, CVE-2012-1569, CVE-2012-1165, CVE-2012-0884, CVE-2012-0864, CVE-2011-4128, CVE-2011-3045, ESB-2012.0382
ID: ae-201204-055

An updated rhev-hypervisor5 package that fixes three security issues and one bug is now available.

System: Red Hat Linux
Topic: Vulnerabilities in kernel
Links: RHSA-2012-0481, CVE-2012-1097, CVE-2012-1090, CVE-2012-0879, ESB-2012.0381
ID: ae-201204-054

Updated kernel packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.

System: Red Hat Linux
Topic: Vulnerability in kernel
Links: RHSA-2012-0480, CVE-2012-1583, ESB-2012.0380
ID: ae-201204-053

Updated kernel packages that fix one security issue, various bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5.

System: Many
Topic: Vulnerability in Apache HTTP Server
Links: CVE-2012-0883, ESB-2012.0379
ID: ae-201204-052

Envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl. New updates are available.

System: Many
Topic: Vulnerabilities in IBM Tivoli Directory Server
Links: swg21591257, swg21591267, swg21591272, CVE-2012-0743, CVE-2012-0740, CVE-2012-0726, ESB-2012.0378
ID: ae-201204-051

IBM Tivoli Directory Server (TDS) is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Web Admin Tool. A remote attacker could exploit this vulnerability to execute script in the user's Web browser. An attacker could use this vulnerability to steal the user's cookie-based authentication credentials. New updates are available.

System: Many
Topic: Vulnerabilities in HP System Management Homepage
Links: CVE-2012-1993, CVE-2012-0135, CVE-2011-4317, CVE-2011-3846, CVE-2011-3639, CVE-2011-3368, CVE-2011-3348, CVE-2011-3268, CVE-2011-3267, ESB-2012.0377
ID: ae-201204-050

Potential security vulnerabilities have been identified with HP System Management Homepage running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. New updates are available.

System: Mandriva Enterprise Server
Topic: Vulnerability in python-sqlalchemy
Links: MDVSA-2012:059, CVE-2012-0805
ID: ae-201204-049

It was discovered that SQLAlchemy did not sanitize values for the limit and offset keywords for SQL select statements. If an application using SQLAlchemy accepted values for these keywords, and did not filter or sanitize them before passing them to SQLAlchemy, it could allow an attacker to perform an SQL injection attack against the application. The updated packages have been patched to correct this issue.

System: Many
Topic: Vulnerabilities in gajim
Links: dsa-2453, CVE-2012-2093, CVE-2012-2086, CVE-2012-2085, CVE-2012-1987, ESB-2012.0376
ID: ae-201204-048

Several vulnerabilities have been discovered in gajim, a feature-rich jabber client. These vulnerabilities may allow remote attackers to execute arbitrary code. New packages are available for download.

System: Mac OS X
Topic: Vulnerability in Mac OS X Lion
Links: RHSA-2012-0478, CVE-2012-1182, ESB-2012.0375
ID: ae-201204-047

A new update is available for Mac OS X. This update runs a malware removal tool that will remove the most common variants of the Flashback malware. If the Flashback malware is found, it presents a dialog notifying the user that malware was removed.

System: Red Hat Linux
Topic: Vulnerability in samba
Links: RHSA-2012-0478, CVE-2012-1182, ESB-2012.0374
ID: ae-201204-046

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call. Updated packages are available.

System: Debian GNU/Linux
Topic: Vulnerability in apache2
Links: dsa-2452, CVE-2012-0216, ESB-2012.0373
ID: ae-201204-045

A security issue was detected in the default Apache configuration on Debian when certain scripting modules like mod_php or mod_rivet are installed. The problem arises because the directory /usr/share/doc, which is mapped to the URL /doc, may contain example scripts that can be executed by requests to this URL. Updated packages are available.

System: Several
Topic: Vulnerability in IrfanView
Links: Secunia #48772, CVE-2012-0278, X-Force #74847
ID: ae-201204-044

IrfanView is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when decompressing FlashPix images. By persuading a victim to open a specially-crafted FPX file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. An upgrade to the latest version of IrfanView (4.3.4.0 or later) should be done.

System: Several
Topic: Vulnerability in VMware products
Links: VMSA-2012-0007, CVE-2012-1518, ESB-2012.0371
ID: ae-201204-043

The access control list of the VMware Tools folder is incorrectly set. Exploitation of this issue may lead to local privilege escalation on Windows-based Guest Operating Systems. Affected are most of the products published by VMware. A patch is available now.

System: Red Hat Enterprise Linux
Topic: Vulnerability in Red Hat Enterprise MRG Management Console
Links: RHSA-2012-0476, RHSA-2012-0477, CVE-2012-1575, ESB-2012.0370, X-Force #74844
ID: ae-201204-042

Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation IT infrastructure for enterprise computing. Several Cross-Site Scripting (XSS) flaws were found in the MRG Management Console (Cumin). An authorized user on the local network could use these flaws to perform Cross-Site Scripting attacks against MRG Management Console users. Updated packages are available now.

System: Mac OS X
Topic: Vulnerabilities in Java
Links: Apple_HT5247, ESB-2012.0370
ID: ae-201204-041

Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8 are now available and address some security-related problems. As a security hardening measure, the Java browser plugin and Java Web Start are deactivated if they are unused for 35 days. Besides this, a malware removal tool is included in this update that will remove the most common variants of the Flashback malware.

System: Debian GNU/Linux
Topic: Vulnerabilities in sqlalchemy and puppet
Links: DSA-2449, CVE-2012-0805, ESB-2012.0367,
DSA-2451, CVE-2012-1906, CVE-2012-1986, CVE-2012-1987, CVE-2012-1988, ESB-2012.0372
ID: ae-201204-040

It has been found that sqlalchemy, an SQL toolkit and object relational mapper for Python, isn't sanitizing input passed to the limit/offset keywords to select() as well as the value passed to select.limit()/offset(). This allows an attacker to perform SQL injection attacks against applications using sqlalchemy that do not implement their own filtering.
Several vulnerabilities have been discovered in puppet, a centralized configuration management system. Puppet is using predictable temporary file names when downloading Mac OS X package files. When handling requests for a file from a remote filebucket, puppet can be tricked into overwriting its defined location for filebucket storage. It is incorrectly handling filebucket requests and filebucket store requests. Exploiting these vulnerabilities might allow local users to access confidential data, to overwrite arbitrary files as well as to conduct a Denial-of-Service (DoS).
Updated packages are available now.

System: Mandriva Linux
Topic: Several vulnerabilities in rpm and FreeType
Links: MDVSA-2012:056, CVE-2012-0060, CVE-2012-0061, CVE-2012-0815,
MDVSA-2012:057
ID: ae-201204-039

Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially-crafted RPM package that, when its package header is accessed, or during package signature verification, could cause an application using the RPM library to crash or, potentially, execute arbitrary code.
FreeType is a free, high-quality, portable font engine that can open and manage font files. Multiple flaws were found in the way FreeType handles TrueType Font (TTF), Glyph Bitmap Distribution Format (BDF), Windows .fnt and .fon, and PostScript Type 1 fonts. If a specially-crafted font file is loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. Besides this, multiple flaws were found in the way FreeType handles fonts in various other formats. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash.
Updated packages are available now.

System: Appliance
Topic: Vulnerability in HP ProCurve 5400 zl Series Switches
Links: HPSBPV02754, SSRT100803, CVE-2012-0133, ESB-2012.0366
ID: ae-201204-038

A potential security vulnerability has been identified with certain HP ProCurve 5400 zl switches containing compact flash cards which may be infected with a virus. Reuse of an infected compact flash card in a personal computer could result in a compromise of that system's integrity. To resolve this problem, two possibilities are given: Software Purge or Hardware Replacement.

System: Red Hat Enterprise Linux
Topic: Vulnerabilities in Tomcat
Links: RHSA-2012-0474, RHSA-2012-0475, CVE-2011-4858, CVE-2012-0022, ESB-2012.0365
ID: ae-201204-037

Two vulnerabilities have been found in Tomcat 5 and Tomcat 6, respectively. Exploiting them might allow unauthenticated attackers to cause a remote Denial-of-Service (DoS). Updated packages are available now.

System: Red Hat Enterprise Linux
Topic: Several vulnerabilities in FreeType
Links: RHSA-2012-0467, ESB-2012.0361
ID: ae-201204-036

FreeType is a free, high-quality, portable font engine that can open and manage font files. Multiple flaws were found in the way FreeType handles TrueType Font (TTF), Glyph Bitmap Distribution Format (BDF), Windows .fnt and .fon, and PostScript Type 1 fonts. If a specially-crafted font file is loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. Besides this, multiple flaws were found in the way FreeType handles fonts in various other formats. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash. Updated packages are available now.

System: Various
Topic: Vulnerability in Samba
Links: CVE-2012-1182, RHSA-2012-0465, RHSA-2012-0466, ESB-2012.0360, MDVSA-2012:055, DSA-2450, ESB-2012.0369
ID: ae-201204-035

A flaw in the Samba suite's Perl-based DCE/RPC IDL (PIDL) compiler, used to generate code to handle RPC calls, results in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon (smbd) to crash or, possibly, execute arbitrary code with the privileges of the root user. Updated packages are available now.

System: Various
Topic: Vulnerabilities in Adobe Reader and Acrobat
Links: APSB12-08, CVE-2012-0774, CVE-2012-0775, CVE-2012-0776, CVE-2012-0777, ESB-2012.0359,
RHSA-2012-0469, ESB-2012.0363
ID: ae-201204-034

Adobe has released security updates for Adobe Reader X (10.1.2) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier 9.x versions for Linux, and Adobe Acrobat X (10.1.2) and earlier versions for Windows and Macintosh. These updates address vulnerabilities in the software that could cause the application to crash and potentially allow an attacker to take control of the affected system. It's recommended to install these updates.

System: Microsoft Windows
Topic: Vulnerability in Microsoft Office
Links: MS12-028, CVE-2012-0177, ESB-2012.0358
ID: ae-201204-033

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerability in Microsoft Windows Common Controls
Links: MS12-027, CVE-2012-0158, ISS Alert #445, ESB-2012.0357
ID: ae-201204-032

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerabilities in Microsoft Forefront Unified Access Gateway (UAG)
Links: MS12-026, CVE-2012-0146, CVE-2012-0147, ESB-2012.0356
ID: ae-201204-031

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerability in Microsoft Windows .NET Framework
Links: MS12-025, CVE-2012-0163, ESB-2012.0355
ID: ae-201204-030

No further comment due to legal reasons

System: Microsoft Windows
Topic: Vulnerability in Microsoft Windows
Links: MS12-024, CVE-2012-0151, ESB-2012.0354
ID: ae-201204-029

No further comment due to legal reasons

System: Microsoft Windows
Topic: Several vulnerabilities in Microsoft Internet Explorer
Links: MS12-023, CVE-2012-0168, CVE-2012-0169, CVE-2012-0170, CVE-2012-0171, CVE-2012-0172, ESB-2012.0353
ID: ae-201204-028

No further comment due to legal reasons

System: Debian GNU/Linux
Topic: Vulnerability in InspIRCd
Links: DSA-2448, CVE-2012-1836, ESB-2012.0351
ID: ae-201204-027

It was discovered that a heap-based buffer overflow in InspIRCd could allow remote attackers to execute arbitrary code via a crafted DNS query. Updated packages are available now.

System: Mac OS X
Topic: Vulnerabilities in Java
Links: Apple_HT5228, CVE-2011-3563, CVE-2011-5035, CVE-2012-0497, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507
ID: ae-201204-026

Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31.

System: SONY
Topic: Vulnerability in Sony BRAVIA TV
Links: Exploit_db_18705, CVE-2012-2210, Secunia #48705, X-Force #74644
ID: ae-201204-025

Sony BRAVIA TV KDL-32CX525 is vulnerable to a Denial-of-Service (DoS). A remote attacker could exploit this vulnerability via a datagram flood to cause the device to malfunction. After some attacks using hping the TV turns off automatically. Currently a patch isn't available, so network access to these devices should be restricted if watching TV is important.

System: Juniper IVE OS
Topic: Vulnerability in SSL VPN Network Connect (NC)/Pulse
Links: Juniper PSN-2012-02-513, Secunia #48718, Secunia #48720, X-Force #74609, ESB-2012.0352
ID: ae-201204-024

Juniper IVE OS is vulnerable to Cross-Site Scripting (XSS), caused by improper validation of user-supplied input in the SSL VPN Network Connect (NC)/Pulse functionality. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. An official fix is available now.

System: Linux
Topic: Vulnerability in libtiff
Links: CVE-2012-1173, MDVSA-2012:054, RHSA-2012-0468, ESB-2012.0362
ID: ae-201204-023

An integer overflow was discovered in the libtiff/tiff_getimage.c file in the tiff library which could cause execution of arbitrary code using a specially crafted TIFF image file. A new update is available.

System: Microsoft Windows/Solaris
Topic: Vulnerability in HP Business Availability Center (BAC)
Links: HPSBMU02749 SSRT100793 rev.1, HPSBMU02753 SSRT100782 rev.1, CVE-2012-0132, CVE-2010-1452, CVE-2009-3095, CVE-2009-3094, CVE-2009-2699, ESB-2012.0348
ID: ae-201204-022

A potential security vulnerability has been identified with HP Business Availability Center (BAC) running on Windows and Solaris. The vulnerability could be remotely exploited to allow cross site scripting (XSS). A new update is available.

System: Many
Topic: Vulnerabilities in Cisco WebEx Player
Links: cisco-sa-20120404-webex, CVE-2012-1337, CVE-2012-1336, CVE-2012-1335, ESB-2012.0347
ID: ae-201204-021

Buffer overflow in the Cisco WebEx Recording Format (WRF) player allows remote attackers to execute arbitrary code via a crafted WRF file. A new update is available.

System: Debian GNU/Linux 6
Topic: Vulnerability in tiff
Links: dsa-2447, CVE-2012-1173, ESB-2012.0346
ID: ae-201204-020

An integer overflow was discovered in the TIFF library's parsing of the TileSize entry, which could result in the execution of arbitrary code if a malformed image is opened. A new update is available.

System: Debian GNU/Linux 6
Topic: Vulnerability in libpng
Links: dsa-2446, CVE-2011-3048, ESB-2012.0345
ID: ae-201204-019

It was discovered that incorrect memory handling in the png_set_text2() function of the PNG library could lead to the execution of arbitrary code. A new update is available.

System: Microsoft Windows/Solaris
Topic: Vulnerabilities in HP Business Availability Center
Links: HPSBMU02753 SSRT100782 rev.1, CVE-2010-1452, CVE-2009-3095, CVE-2009-3094, CVE-2009-2699, ESB-2012.0344
ID: ae-201204-018

Potential security vulnerabilities have been identified with HP Business Availability Center (BAC) running Apache. The vulnerabilities could be remotely exploited to allow execution of arbitrary commands or to create a Denial of Service (DoS). A new update is available.

System: HP-UX
Topic: Vulnerabilities in Java
Links: CVE-2012-0507, CVE-2012-0506, CVE-2012-0505, CVE-2012-0503, CVE-2012-0502, CVE-2012-0501, CVE-2012-0499, CVE-2012-0498, CVE-2011-3563, CVE-2011-3560, CVE-2011-3557, CVE-2011-3556, CVE-2011-3554, CVE-2011-3552, CVE-2011-3549, CVE-2011-3548, CVE-2011-3547, CVE-2011-3545, CVE-2011-3521, CVE-2011-3389, ESB-2012.0343
ID: ae-201204-017

Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. A new update is available.

System: HP-UX
Topic: Vulnerability in DCE
Links: HPSBUX02758 SSRT100774 rev.1, CVE-2012-0131, ESB-2012.0342
ID: ae-201204-016

A potential security vulnerability has been identified in HP-UX running DCE. The vulnerability could be exploited remotely to create a Denial of Service (DoS). A new update is available.

System: Microsoft Windows
Topic: Vulnerabilities in Rockwell Automation FactoryTalk
Links: ICSA-12-088-01, CVE-2012-0222, CVE-2012-0221, ESB-2012.0341
ID: ae-201204-015

The FactoryTalk RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk allows remote attackers to cause a denial of service (DoS) via a crafted packet. A new update is available.

System: Many
Topic: Vulnerability in IBM Tivoli Directory Server
Links: swg24032290, swg24032291, CVE-2010-4476, ESB-2012.0340
ID: ae-201204-014

Java Runtime Environment hangs when converting "2.2250738585072012e-308" to a binary floating-point number. This can be used as a denial of service attack against application servers. The preferred method for IBM WebSphere Application Server is to upgrade your JDK to an Interim Fix JDK level containing a fix for this issue.

System: Mac OS X
Topic: Vulnerabilities in Java
Links: HT5228, CVE-2012-0507, CVE-2012-0506, CVE-2012-0505, CVE-2012-0503, CVE-2012-0502, CVE-2012-0501, CVE-2012-0500, CVE-2012-0499, CVE-2012-0498, CVE-2012-0497, CVE-2011-5035, CVE-2011-3563, ESB-2012.0339
ID: ae-201204-013

Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7 are now available and address multiple vulnerabilities.

System: Red Hat Linux
Topic: Vulnerabilities in rpm
Links: RHSA-2012-0451, CVE-2012-0815, CVE-2012-0061, CVE-2012-00601, ESB-2012.0338
ID: ae-201204-012

Updated rpm packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6, Red Hat Enterprise Linux 3 and 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.3 Long Life, and Red Hat Enterprise Linux 5.6, 6.0 and 6.1 Extended Update Support.

System: Mandriva Enterprise Server
Topic: Vulnerability in ocsinventory
Links: MDVSA-2012:053, CVE-2011-4024
ID: ae-201204-011

A vulnerability has been found and corrected in ocsinventory. Cross-site scripting (XSS) vulnerability in ocsinventory in OCS Inventory NG 2.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. New updates are available.

System: Mandriva Enterprise Server
Topic: Vulnerabilities in libvorbis
Links: MDVSA-2012:051, CVE-2009-3379, CVE-2012-0444
ID: ae-201204-010

Multiple vulnerabilities have been found and corrected in libvorbis. A specially-crafted Ogg Vorbis media format file (Ogg) could cause an application using libvorbis to crash or, possibly, execute arbitrary code when opened. If a specially-crafted Ogg Vorbis media file was opened by an application using libvorbis, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. New updates are available.

System: Mandriva Enterprise Server
Topic: Vulnerabilities in phpmyadmin
Links: MDVSA-2012:050, CVE-2012-1190, CVE-2012-1902
ID: ae-201204-009

Multiple vulnerabilities have been found and corrected in phpmyadmin. It was possible to conduct XSS using a crafted database name. The show_config_errors.php script did not validate the presence of the configuration file, so an error message shows the full path of this file, leading to possible further attacks. New updates are available.

System: Microsoft Windows
Topic: Vulnerabilities in Invensys Wonderware Information Server
Links: CVE-2012-0258, CVE-2012-0257, CVE-2012-0228, CVE-2012-0226, CVE-2012-0225, ESB-2012.0337
ID: ae-201204-008

Multiple vulnerabilities in the Invensys Wonderware Information Server have been identified. These vulnerabilities may lead to cross site scripting attacks (XSS), may allow denial of service (DoS), and may allow remote attackers to execute arbitrary code. Invensys has developed a security update to address these affected products.

System: Many
Topic: Vulnerabilities in HP Onboard Administrator
Links: CVE-2012-0130, CVE-2012-0129, CVE-2012-0128, CVE-2010-4180, CVE-2009-3555, CVE-2008-7270, ESB-2012.0336
ID: ae-201204-007

Potential security vulnerabilities have been identified with HP Onboard Administrator. The vulnerabilities could be exploited remotely resulting in unauthorized access, unauthorized information disclosure, Denial of Service (DoS), and URL redirection. HP has made Onboard Administrator v3.50 or subsequent available to resolve the vulnerabilities.

System: Red Hat Linux
Topic: Vulnerabilities in JBoss Enterprise BRMS Platform
Links: RHSA-2012-0441, RHSA-2012-0519, CVE-2012-0818, CVE-2011-4314, ESB-2012.0335, ESB-2012.0409
ID: ae-201204-006

JBoss Enterprise BRMS Platform 5.2.0 roll up patch 1, which fixes two security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal.

System: Mandriva
Topic: Vulnerability in nagios
Links: MDVSA-2012:049, CVE-2011-1523
ID: ae-201204-005

A vulnerability has been found and corrected in nagios. Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the layer parameter. The updated packages have been patched to correct this issue.

System: Mandriva
Topic: Vulnerability in libpng
Links: MDVSA-2012:046, CVE-2011-3048
ID: ae-201204-004

A potential memory corruption has been found and corrected in libpng. The updated packages have been patched to correct this issue.

System: Mandriva
Topic: Vulnerability in gnutls
Links: MDVSA-2012:045, CVE-2011-4128
ID: ae-201204-003

A vulnerability has been found and corrected in GnuTLS. A buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7 allows remote TLS servers to cause a denial of service via a large SessionTicket. The updated packages have been patched to correct this issue.

System: Many
Topic: Vulnerabilities in TYPO3/typo3-src
Links: typo3-core-sa-2012-001, CVE-2012-1608, CVE-2011-1607, CVE-2011-1606, ESB-2012.0330.2
ID: ae-201204-002

Several cross-site scripting (XSS) vulnerabilities have been identified in TYPO3. These vulnerabilities may allow remote attackers to execute HTML or script code, using the privileges of the current TYPO3 user. Furthermore, it is possible to guess the name of the TYPO3 database. Updated packages are available now.

System: Many
Topic: Vulnerabilities in curl
Links: dsa-2398, CVE-2012-0036, CVE-2011-3389, ESB-2012.0097.2
ID: ae-201204-001

Several vulnerabilities have been discovered in cURL, a URL transfer library. Curl is vulnerable to a data injection attack for certain protocols through control characters embedded or percent-encoded in URLs. The SSL protocol encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API. Updated packages are available now.



(c) 2000-2014 AERAsec Network Services and Security GmbH