VARIoT IoT vulnerabilities database

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted AVI file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the code responsible for parsing rec chunks within an AVI media file. By modifying specific values within the data structure a heap corruption condition can be triggered. An attacker can abuse this to execute arbitrary code under the context of the user running QuickTime. This issue affects Apple Mac OS X 10.6 to 10.6.4 and Mac OS X Server 10.6 to 10.6.4. NOTE: This issue was previously covered in BID 44778 (Apple Mac OS X Prior to 10.6.5 Multiple Security Vulnerabilities), but has been given its own record to better document it. -- Vendor Response: Apple states: Fixed in Mac OS X 10.6.5: http://support.apple.com/kb/HT4435 -- Disclosure Timeline: 2010-04-13 - Vulnerability reported to vendor 2010-11-10 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Damian Put -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi

Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image. Apple QuickTime is prone to a remote heap-based buffer-overflow vulnerability. Successful exploits may allow attackers to execute arbitrary code in the context of the currently logged-in user; failed exploit attempts will cause denial-of-service conditions. NOTE: This issue was previously covered in BID 44778 (Apple Mac OS X Prior to 10.6.5 Multiple Security Vulnerabilities), but has been given its own record to better document it. Apple QuickTime is a very popular multimedia player

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the application's support for a component within the SIZ marker in a JPEG 2000 image. When the component contains a malicious value, the application will add a corrupted object to a queue of data which will be processed by the Component Manager's JP2 decompressor. Later when attempting to decompress this data, the application will use the corrupted object. This can lead to code execution under the context of the application. Successful exploits may allow attackers to execute arbitrary code in the context of the currently logged-in user; failed exploit attempts will cause denial-of-service conditions. This issue affects Apple Mac OS X 10.6 to 10.6.4 and Mac OS X Server 10.6 to 10.6.4. NOTE: This issue was previously covered in BID 44778 (Apple Mac OS X Prior to 10.6.5 Multiple Security Vulnerabilities), but has been given its own record to better document it. Apple QuickTime is a very popular multimedia player. ZDI-10-252: Apple QuickTime JP2 SIZ Chunk Uninitialized Object Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-252 November 10, 2010 -- CVE ID: CVE-2010-3788 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 10292. -- Vendor Response: Apple states: Fixed in Mac OS X 10.6.5: http://support.apple.com/kb/HT4435 -- Disclosure Timeline: 2010-06-01 - Vulnerability reported to vendor 2010-11-10 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Damian Put * Procyun -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi

Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Office document. Apple Mac OS X is prone to a buffer-overflow vulnerability that affects the QuickLook feature. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. This issue affects Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X 10.6 to 10.6.4 and Mac OS X Server 10.6 to 10.6.4. NOTE: This issue was previously covered in BID 44778 (Apple Mac OS X Prior to 10.6.5 Multiple Security Vulnerabilities), but has been given its own record to better document it. CVE-ID CVE-2010-3786 : Tobias Klein, working with VeriSign iDefense Labs Numbers for iOS v1.5 is available for download via the App Store. To check the current version of software, select "Settings -> Numbers -> Version". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-07-20-2 iWork 9.1 Update iWork 9.1 Update is now available and addresses the following: Numbers Available for: iWork 9.0 through 9.0.5 Impact: Opening a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of Excel files. Opening a maliciously crafted Excel file in Numbers may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2010-3785 : Apple Numbers Available for: iWork 9.0 through 9.0.5 Impact: Opening a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of Excel files. Opening a maliciously crafted Excel file in Numbers may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2010-3786 : Tobias Klein, working with VeriSign iDefense Labs Pages Available for: iWork 9.0 through 9.0.5 Impact: Opening a maliciously crafted Microsoft Word document may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of Microsoft Word documents. Opening a maliciously crafted Microsoft Word document in Pages may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-1417 : Charlie Miller and Dion Blazakis working with TippingPoint's Zero Day Initiative iWork 9.1 Update is available via the Apple Software Update application, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The download file is named: iWork9.1Update.dmg Its SHA-1 digest is: ecb38db74d7d1954cbcee9220c73dac85cace3e1 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJOKcGrAAoJEGnF2JsdZQeewcYH/RhHdLa6x14PX+ZTC+sm1Mjc W1xBpOxMuBpAx3Li6INXXLvMablTgPIs5e3pbtsV0RYtsJy99JdPySPI8bpQu0Si CVWuXXSBYy2gdTtRAf6MI3j+oOyM1JhE7GunLBWcmAzv5TxS8TRf0HtNErFEe8NA StV8QBWLErNyHxqjUQsIb5d1KbIbOysFQZy3O6pyZ6SRwr8tlIPKnY4KsaDYS5Ry tpv3lMysde5NqCy8BeOQEtW/WAmE7i9NCCNfU2L+OfGQOXIdXmKl7Orjj+d9l23L umGo9GCACvBVO1Ot6jKDlCW+ZuDRGuz+fhQnwOdyoqtwUwiNCsS6VIwuYYrcmxw= =wrny -----END PGP SIGNATURE-----

The PMPageFormatCreateWithDataRepresentation API in Printing in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle XML data, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified API calls. Attackers can exploit this issue to crash the application using the vulnerable API, denying service to legitimate users. Due to the nature of this issue, arbitrary code-execution may be possible; this has not been confirmed. NOTE: This issue was previously covered in BID 44778 (Apple Mac OS X Prior to 10.6.5 Multiple Security Vulnerabilities), but has been given its own record to better document it. This issue affects Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X 10.6 to 10.6.4, and Mac OS X Server 10.6 to 10.6.4

Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly perform replication, which allows remote authenticated users to bypass verification of the current password via unspecified vectors. An attacker can exploit this issue to gain unauthorized access to the affected computer. The following are affected: Mac OS X 10.6 through 10.6.4 Mac OS X Server 10.6 through 10.6.4 NOTE: This issue was previously covered in BID 44778 (Apple Mac OS X Prior to 10.6.5 Multiple Security Vulnerabilities), but has been given its own record to better document it

QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Excel file. The Apple Mobile OfficeImport Framework is prone to a remote memory-corruption vulnerability. Successful exploits may allow attackers to execute arbitrary code with the privileges of the victim user. On Apple devices, successful exploits will completely compromise the affected device. The following products are affected: Mac OS X 10.6 to 10.6.4 Mac OS X Server 10.6 to 10.6.4 iPod Touch iPad IOS 3.1.3 IOS 3.2.1 NOTE: This issue was previously covered in BID 44778 (Apple Mac OS X Prior to 10.6.5 Multiple Security Vulnerabilities), but has been given its own record to better document it. iDefense Security Advisory 11.11.10 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 11, 2010 I. BACKGROUND The OfficeImport framework is an API used by Apple's mobile devices, including the iPod Touch, iPhone, and iPad. The framework is used to parse and display Microsoft Office file formats, such as Excel, Word, and PowerPoint. The OfficeImport framework is used by several applications, including MobileMail and MobileSafari. Both of these applications are attack vectors for this vulnerability. For more information, see the vendor's site found at the following link. http://www.apple.com/iphone/softwareupdate/ II. The vulnerability occurs when parsing an Excel file with a maliciously constructed Excel record. Specific values within this record can trigger a memory corruption vulnerability, and result in values from the file being used as function pointers. III. To exploit this vulnerability, an attacker has several attack vectors. The most dangerous vector is through MobileSafari, which will automatically open and parse Office files embedded in web pages. This behavior is similar to Microsoft Office 2000, in that it enables drive-by style attacks without any user interaction beyond visiting a web page (no file open dialog is displayed, the file is simply opened). Additionally, an attacker can email a targeted user and attach a malicious file. The user will then have to view the email and attachment with MobileMail to trigger the vulnerability. IV. V. WORKAROUND iDefense is currently unaware of any workarounds for this issue. There is no configuration option to disable the parsing of Office files in the browser. Additionally, due to a lack of control over file system permissions on Apple devices (and the method of library loading) it is not possible to remove or block access to the OfficeImport binary. VI. VENDOR RESPONSE Apple Inc. has released patches which addresses this issue. For more information, consult their advisory at the following URL: http://support.apple.com/kb/HT4435 VII. CVE INFORMATION The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2010-3786 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems. VIII. DISCLOSURE TIMELINE 08/25/2010 Initial Vendor Notification 08/25/2010 Initial Vendor Reply 11/11/2010 Coordinated Public Disclosure IX. CREDIT This vulnerability was reported to iDefense by Tobias Klein. Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php Free tools, research and upcoming events http://labs.idefense.com/ X. LEGAL NOTICES Copyright \xa9 2010 iDefense, Inc. Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission. Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. CVE-ID CVE-2010-3786 : Tobias Klein, working with VeriSign iDefense Labs Numbers for iOS v1.5 is available for download via the App Store. To check the current version of software, select "Settings -> Numbers -> Version". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-07-20-2 iWork 9.1 Update iWork 9.1 Update is now available and addresses the following: Numbers Available for: iWork 9.0 through 9.0.5 Impact: Opening a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of Excel files. CVE-ID CVE-2010-3786 : Tobias Klein, working with VeriSign iDefense Labs Pages Available for: iWork 9.0 through 9.0.5 Impact: Opening a maliciously crafted Microsoft Word document may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of Microsoft Word documents. CVE-ID CVE-2011-1417 : Charlie Miller and Dion Blazakis working with TippingPoint's Zero Day Initiative iWork 9.1 Update is available via the Apple Software Update application, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The download file is named: iWork9.1Update.dmg Its SHA-1 digest is: ecb38db74d7d1954cbcee9220c73dac85cace3e1 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJOKcGrAAoJEGnF2JsdZQeewcYH/RhHdLa6x14PX+ZTC+sm1Mjc W1xBpOxMuBpAx3Li6INXXLvMablTgPIs5e3pbtsV0RYtsJy99JdPySPI8bpQu0Si CVWuXXSBYy2gdTtRAf6MI3j+oOyM1JhE7GunLBWcmAzv5TxS8TRf0HtNErFEe8NA StV8QBWLErNyHxqjUQsIb5d1KbIbOysFQZy3O6pyZ6SRwr8tlIPKnY4KsaDYS5Ry tpv3lMysde5NqCy8BeOQEtW/WAmE7i9NCCNfU2L+OfGQOXIdXmKl7Orjj+d9l23L umGo9GCACvBVO1Ot6jKDlCW+ZuDRGuz+fhQnwOdyoqtwUwiNCsS6VIwuYYrcmxw= =wrny -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Apple iOS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42314 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42314/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42314 RELEASE DATE: 2010-11-24 DISCUSS ADVISORY: http://secunia.com/advisories/42314/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42314/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42314 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose sensitive information, bypass certain security restrictions, or to compromise a user's system. For more information: SA40257 SA41328 SA42151 SA42312 SOLUTION: Upgrade to iOS 4.2 (downloadable and installable via iTunes). ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4456 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor

OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitrary certificate issued by a legitimate Certification Authority. Apple Mac OS X OpenSSL is prone to a security-bypass vulnerability. Successful exploit may allow attackers to potentially bypass the TLS authentication or spoof a certificate. NOTE: This issue was previously covered in BID 44778 (Apple Mac OS X Prior to 10.6.5 Multiple Security Vulnerabilities), but has been given its own record to better document it. OpenSSL is an open source SSL implementation, used to implement high-strength encryption of network communications, and is now widely used in various network applications

The D-Link DIR-300 is a wireless router device. When an attacker accesses the D-Link DIR-300, he or she can exploit the vulnerability bypass authentication for management configuration. The control panel script tools_admin.php allows an attacker to change the administrator's name, password, and other variables. An unauthorized attacker can send a specially crafted HTTP POST request to change these parameters: POST http://192.168.1.1:80/tools_admin.php HTTP/ 1.1Host: 192.168.1.2Keep-Alive: 115Content-Type: application/x-www-form-urlencodedContent-length: 0ACTION_POST=LOGIN&LOGIN_USER=a&LOGIN_PASSWD=b&login=+Log+In+&NO_NEED_AUTH=1&AUTH_GROUP=0&admin_name=admin&admin_password1=uhOHahEh. Remote attackers can exploit these issues to bypass security restrictions, access certain administrative functions, alter configuration, and compromise the affected device. D-Link DIR-300 running firmware 2.01B1, 1.04, 1.05 are vulnerable. Additional models and firmware versions may also be affected

Cross-site scripting (XSS) vulnerability in the mobile portal in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "XSS Issue on UAG Mobile Portal Website in Forefront Unified Access Gateway Vulnerability.". This is a non-persistent cross-site scripting vulnerability that allows an attacker to send commands to a UAG server in the target user context. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal potentially sensitive information and launch other attacks. The solution mainly provides application intelligence technology and fine-grained access control functions. Remote attackers can inject arbitrary web scripts or HTML with unknown vectors. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-313A Microsoft Updates for Multiple Vulnerabilities Original release date: November 09, 2010 Last revised: -- Source: US-CERT Systems Affected * Microsoft Forefront United Access Gateway * Microsoft Office Overview There are multiple vulnerabilities in Microsoft Office, and Microsoft Forefront United Access Gateway. Microsoft has released updates to address these vulnerabilities. I. Microsoft has released updates to address the vulnerabilities. II. III. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for November 2010. That bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References * Microsoft Security Bulletin Summary for November 2010 - <http://www.microsoft.com/technet/security/bulletin/ms10-nov.mspx> * Microsoft Windows Server Update Services - <http://technet.microsoft.com/en-us/wsus/default.aspx> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA10-313A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA10-313A Feedback VU#885756" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History November 09, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTNnAcT6pPKYJORa3AQL5sAf+M/weZ9AAw0AHsHEvP6YONTiKyN/cXWr/ qwX6gVDZcU0VTbDRGrLxuCPwAkF/EpWEX0TeYlGmv67az5lQgnKoDZxPYRi8yCHy +DxC0RDcZJssjilanhbk/8UlECeKZDrED/wFbXxvReyUffYXjgbWPh+a5Fe8Mwbq BpmCcmSTqFq53RLwn8c6li7cFtah0zJ88NHACknC5PPjPNCmSsOiYZM3/mEEolIi OIQG3HOpV+XfzCsFGNPT5rm+9xvXIseFibSJcp+OtUBS81sPO63tJiPbsvLDwmbD 1Dgu2MPusnokIVDSB0LLf3IIkpf1vAh6Idkilhf/FfThHa9VCOUcoA== =Xbxy -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. Join the beta: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Microsoft Forefront Unified Access Gateway Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42131 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42131/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42131 RELEASE DATE: 2010-11-11 DISCUSS ADVISORY: http://secunia.com/advisories/42131/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42131/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42131 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Forefront Unified Access Gateway (UAG), which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks. 1) A weakness in UAG allows redirecting users to an untrusted site e.g. spoofing a legitimate UAG Web interface. 2) Unspecified input is not properly sanitised before being returned to the user. 3) Unspecified input passed to the UAG Mobile Portal website is not properly sanitised before being returned to the user. 4) Unspecified input passed to Signurl.asp is not properly sanitised before being returned to the user. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS10-089 (KB2316074, KB2418933, KB2433584, KB2433585): http://www.microsoft.com/technet/security/Bulletin/MS10-089.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "XSS in Signurl.asp Vulnerability.". This is a non-persistent cross-site scripting vulnerability that allows an attacker to send commands to a UAG server in the target user context. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal potentially sensitive information and launch other attacks. The solution mainly provides application intelligence technology and fine-grained access control functions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-313A Microsoft Updates for Multiple Vulnerabilities Original release date: November 09, 2010 Last revised: -- Source: US-CERT Systems Affected * Microsoft Forefront United Access Gateway * Microsoft Office Overview There are multiple vulnerabilities in Microsoft Office, and Microsoft Forefront United Access Gateway. Microsoft has released updates to address these vulnerabilities. I. Microsoft has released updates to address the vulnerabilities. II. III. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for November 2010. That bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References * Microsoft Security Bulletin Summary for November 2010 - <http://www.microsoft.com/technet/security/bulletin/ms10-nov.mspx> * Microsoft Windows Server Update Services - <http://technet.microsoft.com/en-us/wsus/default.aspx> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA10-313A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA10-313A Feedback VU#885756" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History November 09, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTNnAcT6pPKYJORa3AQL5sAf+M/weZ9AAw0AHsHEvP6YONTiKyN/cXWr/ qwX6gVDZcU0VTbDRGrLxuCPwAkF/EpWEX0TeYlGmv67az5lQgnKoDZxPYRi8yCHy +DxC0RDcZJssjilanhbk/8UlECeKZDrED/wFbXxvReyUffYXjgbWPh+a5Fe8Mwbq BpmCcmSTqFq53RLwn8c6li7cFtah0zJ88NHACknC5PPjPNCmSsOiYZM3/mEEolIi OIQG3HOpV+XfzCsFGNPT5rm+9xvXIseFibSJcp+OtUBS81sPO63tJiPbsvLDwmbD 1Dgu2MPusnokIVDSB0LLf3IIkpf1vAh6Idkilhf/FfThHa9VCOUcoA== =Xbxy -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. Join the beta: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Microsoft Forefront Unified Access Gateway Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42131 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42131/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42131 RELEASE DATE: 2010-11-11 DISCUSS ADVISORY: http://secunia.com/advisories/42131/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42131/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42131 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Forefront Unified Access Gateway (UAG), which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks. 1) A weakness in UAG allows redirecting users to an untrusted site e.g. spoofing a legitimate UAG Web interface. 2) Unspecified input is not properly sanitised before being returned to the user. 3) Unspecified input passed to the UAG Mobile Portal website is not properly sanitised before being returned to the user. 4) Unspecified input passed to Signurl.asp is not properly sanitised before being returned to the user. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS10-089 (KB2316074, KB2418933, KB2433584, KB2433585): http://www.microsoft.com/technet/security/Bulletin/MS10-089.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Cross-site scripting (XSS) vulnerability in the Web Monitor in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "UAG XSS Allows EOP Vulnerability.". Microsoft Forefront Unified Access Gateway is a Microsoft SSL VPN gateway server. This is a non-persistent cross-site scripting vulnerability that allows an attacker to send commands to a UAG server in the target user context. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal potentially sensitive information and launch other attacks. The solution mainly provides application intelligence technology and fine-grained access control functions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-313A Microsoft Updates for Multiple Vulnerabilities Original release date: November 09, 2010 Last revised: -- Source: US-CERT Systems Affected * Microsoft Forefront United Access Gateway * Microsoft Office Overview There are multiple vulnerabilities in Microsoft Office, and Microsoft Forefront United Access Gateway. Microsoft has released updates to address these vulnerabilities. I. Microsoft has released updates to address the vulnerabilities. II. III. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for November 2010. That bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References * Microsoft Security Bulletin Summary for November 2010 - <http://www.microsoft.com/technet/security/bulletin/ms10-nov.mspx> * Microsoft Windows Server Update Services - <http://technet.microsoft.com/en-us/wsus/default.aspx> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA10-313A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA10-313A Feedback VU#885756" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History November 09, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTNnAcT6pPKYJORa3AQL5sAf+M/weZ9AAw0AHsHEvP6YONTiKyN/cXWr/ qwX6gVDZcU0VTbDRGrLxuCPwAkF/EpWEX0TeYlGmv67az5lQgnKoDZxPYRi8yCHy +DxC0RDcZJssjilanhbk/8UlECeKZDrED/wFbXxvReyUffYXjgbWPh+a5Fe8Mwbq BpmCcmSTqFq53RLwn8c6li7cFtah0zJ88NHACknC5PPjPNCmSsOiYZM3/mEEolIi OIQG3HOpV+XfzCsFGNPT5rm+9xvXIseFibSJcp+OtUBS81sPO63tJiPbsvLDwmbD 1Dgu2MPusnokIVDSB0LLf3IIkpf1vAh6Idkilhf/FfThHa9VCOUcoA== =Xbxy -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. Join the beta: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Microsoft Forefront Unified Access Gateway Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42131 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42131/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42131 RELEASE DATE: 2010-11-11 DISCUSS ADVISORY: http://secunia.com/advisories/42131/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42131/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42131 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Forefront Unified Access Gateway (UAG), which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks. 1) A weakness in UAG allows redirecting users to an untrusted site e.g. spoofing a legitimate UAG Web interface. 2) Unspecified input is not properly sanitised before being returned to the user. 3) Unspecified input passed to the UAG Mobile Portal website is not properly sanitised before being returned to the user. 4) Unspecified input passed to Signurl.asp is not properly sanitised before being returned to the user. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS10-089 (KB2316074, KB2418933, KB2433584, KB2433585): http://www.microsoft.com/technet/security/Bulletin/MS10-089.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Open redirect vulnerability in the web interface in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka "UAG Redirection Spoofing Vulnerability.". Microsoft Forefront Unified Access Gateway is a Microsoft SSL VPN gateway server. An attacker can send a specially crafted URL to a user of the UAG server, redirecting the WEB to a malicious site with a content similar to the original website, so that the attacker can obtain sensitive information, such as the user's credential information. An attacker can exploit this issue to spoof a UAG server or redirect legitimate network traffic intended for a UAG server. This may allow the attacker to masquerade as a legitimate server, aiding in further attacks. The solution mainly provides application intelligence technology and fine-grained access control functions. Microsoft has released updates to address these vulnerabilities. I. Microsoft has released updates to address the vulnerabilities. II. Impact A remote, unauthenticated attacker could execute arbitrary code or gain unauthorized access to your files or system. III. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for November 2010. That bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References * Microsoft Security Bulletin Summary for November 2010 - <http://www.microsoft.com/technet/security/bulletin/ms10-nov.mspx> * Microsoft Windows Server Update Services - <http://technet.microsoft.com/en-us/wsus/default.aspx> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA10-313A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA10-313A Feedback VU#885756" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History November 09, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTNnAcT6pPKYJORa3AQL5sAf+M/weZ9AAw0AHsHEvP6YONTiKyN/cXWr/ qwX6gVDZcU0VTbDRGrLxuCPwAkF/EpWEX0TeYlGmv67az5lQgnKoDZxPYRi8yCHy +DxC0RDcZJssjilanhbk/8UlECeKZDrED/wFbXxvReyUffYXjgbWPh+a5Fe8Mwbq BpmCcmSTqFq53RLwn8c6li7cFtah0zJ88NHACknC5PPjPNCmSsOiYZM3/mEEolIi OIQG3HOpV+XfzCsFGNPT5rm+9xvXIseFibSJcp+OtUBS81sPO63tJiPbsvLDwmbD 1Dgu2MPusnokIVDSB0LLf3IIkpf1vAh6Idkilhf/FfThHa9VCOUcoA== =Xbxy -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. Join the beta: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Microsoft Forefront Unified Access Gateway Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42131 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42131/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42131 RELEASE DATE: 2010-11-11 DISCUSS ADVISORY: http://secunia.com/advisories/42131/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42131/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42131 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Forefront Unified Access Gateway (UAG), which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks. 1) A weakness in UAG allows redirecting users to an untrusted site e.g. spoofing a legitimate UAG Web interface. 2) Unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Unspecified input passed to the UAG Mobile Portal website is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 4) Unspecified input passed to Signurl.asp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS10-089 (KB2316074, KB2418933, KB2433584, KB2433585): http://www.microsoft.com/technet/security/Bulletin/MS10-089.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP NetWeaver Composition Environment. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sapstartsrv.exe process which listens by default on ports 50013 and 50113. A malformed SOAP request (via POST) can be used to reach an unbounded copy loop which results in attacker-supplied data being written into existing function pointers. It is possible for a remote attacker to leverage this vulnerability to execute arbitrary code. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. Join the beta: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SAP NetWeaver Composition Environment Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA42110 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42110/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42110 RELEASE DATE: 2010-11-10 DISCUSS ADVISORY: http://secunia.com/advisories/42110/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42110/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42110 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in SAP NetWeaver, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error in the NetWeaver Composition Environment component when processing SOAP requests within sapstartsrv.exe. This can be exploited to e.g. overwrite certain function pointers and execute arbitrary code by sending specially crafted SOAP requests to port 50013 or 50113. SOLUTION: Reportedly, a patch is available via SAP Note 1414444. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: AbdulAziz Hariri, reported via ZDI ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-10-236/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -- Vendor Response: SAP states: A solution was provided via SAP note 1414444 https://service.sap.com/sap/support/notes/1414444 -- Disclosure Timeline: 2010-10-18 - Vulnerability reported to vendor 2010-11-08 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * AbdulAziz Hariri -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi

The SAP NetWeaver Composition Environment provides a set of tools for developing, running, and managing SOA-based composite applications. The SAP NetWeaver Composition Environment defaults to a security vulnerability in the sapstartsrv.exe process on ports 50013 and 50113. If a user submits a malformed SOAP request through a POST request, it may result in writing controllable data to an existing function pointer. An attacker can exploit this issue to execute arbitrary code with user-level privileges. Failed exploit attempts will result in a denial-of-service condition

Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code via a crafted embedded Compact Font Format (CFF) font in a document. Apple Mac OS X is prone to a remote code-execution vulnerability that exists in the ATSServer component. An attacker can exploit this issue by enticing an unsuspecting victim to do one of the following: 1. Create a thumbnail of an image file. 2. Open an image using the Preview application. 3. View a file that is hosted on a webserver. 4. View an embedded file contained in an email. Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue only affects Apple Mac OS X 10.5. NOTE: This issue may be related to a vulnerability discussed in BID 42241 (FreeType Compact Font Format (CFF) Multiple Stack Based Buffer Overflow Vulnerabilities)

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. The 'libxml2' library is prone to a memory-corruption vulnerability. An attacker can exploit this issue by tricking a victim into opening a specially crafted XML file. A successful attack can allow attacker-supplied code to run in the context of the application using the vulnerable library or can cause a denial-of-service condition. 'libxml2' versions prior to 2.7.8 are affected. Google Chrome is an open source web browser released by Google. It supports multiple encoding formats, XPath analysis, Well-formed and valid verification, etc. 6) - i386, x86_64 3. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, CVE-2011-2834) Note: Red Hat does not ship any applications that use libxml2 in a way that would allow the CVE-2011-1944, CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, and CVE-2011-2834 flaws to be exploited; however, third-party applications may allow XPath expressions to be passed which could trigger these flaws. This update also fixes the following bugs: * A number of patches have been applied to harden the XPath processing code in libxml2, such as fixing memory leaks, rounding errors, XPath numbers evaluations, and a potential error in encoding conversion. The desktop must be restarted (log out, then log back in) for this update to take effect. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Libxml2 XPath Double Free Vulnerability SECUNIA ADVISORY ID: SA42721 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42721/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42721 RELEASE DATE: 2010-12-28 DISCUSS ADVISORY: http://secunia.com/advisories/42721/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42721/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42721 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information see vulnerability #11: SA42472 The vulnerability is reported in version 2.7.8. SOLUTION: Do not process untrusted XML content using the library. PROVIDED AND/OR DISCOVERED BY: Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences. ORIGINAL ADVISORY: http://code.google.com/p/chromium/issues/detail?id=63444 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . =========================================================== Ubuntu Security Notice USN-1016-1 November 10, 2010 libxml2 vulnerability CVE-2010-4008 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.10 Ubuntu 10.04 LTS Ubuntu 10.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libxml2 2.6.24.dfsg-1ubuntu1.6 Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.5 Ubuntu 9.10: libxml2 2.7.5.dfsg-1ubuntu1.2 Ubuntu 10.04 LTS: libxml2 2.7.6.dfsg-1ubuntu1.1 Ubuntu 10.10: libxml2 2.7.7.dfsg-4ubuntu0.1 After a standard system update you need to restart your session to make all the necessary changes. Details follow: Bui Quang Minh discovered that libxml2 did not properly process XPath namespaces and attributes. Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.6.diff.gz Size/MD5: 63134 53c8d42d671011985cd9d8ea5608fcde http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.6.dsc Size/MD5: 1543 a1e7586fca56d8893b202f3b69a9874b http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg.orig.tar.gz Size/MD5: 3293814 461eb1bf7f0c845f7ff7d9b1a4c4eac8 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.24.dfsg-1ubuntu1.6_all.deb Size/MD5: 1253388 179adb134ac8a7e1764af4bb4b665dca http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.24.dfsg-1ubuntu1.6_all.deb Size/MD5: 19552 c7a28c7f3cac1b4353736c53c3f5476e amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.6_amd64.deb Size/MD5: 916230 c9d559f9efc45459b7eb043c391977f6 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.6_amd64.deb Size/MD5: 737032 ee6a12097f34fd11d45cc4a5e7f1203b http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.6_amd64.deb Size/MD5: 36682 4f1a34fe46aba5c064665013533de1f0 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.6_amd64.deb Size/MD5: 753256 299c9a814aa4130ed68c747f3a563cc7 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.6_amd64.deb Size/MD5: 184058 46dec69a1fb70a3ecca3561fd0a29911 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.6_i386.deb Size/MD5: 766048 0e6d13b2ef51ab33afdfe237accc18a1 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.6_i386.deb Size/MD5: 642032 3eed65e83955272fce82bffb76dd5dcd http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.6_i386.deb Size/MD5: 32964 9cb389f28a51e1c2aefe275b03e8050d http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.6_i386.deb Size/MD5: 685400 db4f6c390f9d3f69a9e9e2cee344266a http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.6_i386.deb Size/MD5: 166406 7ce05a2f0a2a90120f5d439f6501d97f powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.6_powerpc.deb Size/MD5: 905204 9a77daba94a9be111628a338c5ffb154 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.6_powerpc.deb Size/MD5: 761222 e4800dc38f61dced6126e885ac09454c http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.6_powerpc.deb Size/MD5: 37436 e71f758acefe2915ed1fea5cc2a30ac7 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.6_powerpc.deb Size/MD5: 734368 6de873b8e7a8cb058bcc44a4975eeada http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.6_powerpc.deb Size/MD5: 170816 b2129478b4ddc2b383b43ba8ab276cbb sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.24.dfsg-1ubuntu1.6_sparc.deb Size/MD5: 745794 65b0e3448860c893924c1576a263140d http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.24.dfsg-1ubuntu1.6_sparc.deb Size/MD5: 703540 2fff002190f407fc8722b387b8248790 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.24.dfsg-1ubuntu1.6_sparc.deb Size/MD5: 34316 694551e56718a4e9b9dbec0be5e00704 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.24.dfsg-1ubuntu1.6_sparc.deb Size/MD5: 717042 6e608e7a8d60dda1a3c547f84b2fe0e2 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python2.4-libxml2_2.6.24.dfsg-1ubuntu1.6_sparc.deb Size/MD5: 174782 9efd16bc6f12a4cbecbb33eedf0f59bb Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.5.diff.gz Size/MD5: 67529 1b207152b6226f5940685b8b2fea1f24 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.5.dsc Size/MD5: 1713 f7e1e6005b976b150e3661bb26a94ecc http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg.orig.tar.gz Size/MD5: 3442959 8498d4e6f284d2f0a01560f089cb5a3e Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.6.31.dfsg-2ubuntu1.5_all.deb Size/MD5: 1302598 efe04e483b0d7f4e7667b3a4ecc94586 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.5_amd64.deb Size/MD5: 939326 0eb784ef2f0ecf982497b4201613af2e http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.5_amd64.deb Size/MD5: 754052 49b2c14eefae312826d03c7b7be1c4c7 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.5_amd64.udeb Size/MD5: 580512 1e7766fb0e468b40651ce755dbdfea54 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.5_amd64.deb Size/MD5: 37046 4a40bba60cac475aeb1d0a3cfea6eb0a http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.5_amd64.deb Size/MD5: 833220 1c60c32bec1bc2ae88d06ae3c0f32a95 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.5_amd64.deb Size/MD5: 872894 9b0be2a97aca74569cec755fe3d0a35d http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.5_amd64.deb Size/MD5: 297968 93374d18fc52deb80af072a2c42e046b i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.5_i386.deb Size/MD5: 904954 490548308483e84c7c09ac5c15de00c7 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.5_i386.deb Size/MD5: 676546 d297e5fd2ef1f31269493a041ea1704a http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.5_i386.udeb Size/MD5: 533336 f4f60677db9cceec342896a2879bde36 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.5_i386.deb Size/MD5: 34048 6bee617039e92ab6e3c4dd0ab264cb6b http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.5_i386.deb Size/MD5: 786298 d0b012bfd7f93f4ca584e86a211dc4fa http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.5_i386.deb Size/MD5: 796240 3ceba723ea50566efa344bcd5c5eb182 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.5_i386.deb Size/MD5: 262970 ca1f5f0cd0e148e898932807e87d2f52 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.5_lpia.deb Size/MD5: 930900 b6dc34ab449a620190690388ec88ebe9 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.5_lpia.deb Size/MD5: 679624 ac0fad1977d0787fc303cc01654a524c http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.5_lpia.udeb Size/MD5: 529252 19e39c71310a2af86851806e5654fd77 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.5_lpia.deb Size/MD5: 34502 f86e1e7a8b80b081feaa844e5d330ee1 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.5_lpia.deb Size/MD5: 781692 9144099311803e4bbc553e00aefb6356 http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.5_lpia.deb Size/MD5: 788522 8abc293e1cf971d68002f28a7f0b628d http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.5_lpia.deb Size/MD5: 259640 c3f498ebd7e12d7ad25aabaa4f684051 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.5_powerpc.deb Size/MD5: 923260 f44687101d3bbe816ca5bce88f9f85ac http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.5_powerpc.deb Size/MD5: 776324 33b0a1aaf57bb567346f80176cf7156d http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.5_powerpc.udeb Size/MD5: 564064 92f0b140ed8c2a0ea1ac6473ef0d1a03 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.5_powerpc.deb Size/MD5: 42066 afb5063ea0543d0f512b95735908f5a8 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.5_powerpc.deb Size/MD5: 816958 6e8f7442a159472b1086449fd10de422 http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.5_powerpc.deb Size/MD5: 841302 69d3545dd6d37bca91705d1612d6183b http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.5_powerpc.deb Size/MD5: 285366 7588b17997df1e729ceb5b86a8b52a91 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.6.31.dfsg-2ubuntu1.5_sparc.deb Size/MD5: 826472 07939676f60cf0ead2cb2f3591413fd4 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.6.31.dfsg-2ubuntu1.5_sparc.deb Size/MD5: 719780 870ca497bb44e66cb5bd8ef8ef046e70 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.6.31.dfsg-2ubuntu1.5_sparc.udeb Size/MD5: 541104 3125fa7538b2daa2b13ff7efd86685a7 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.6.31.dfsg-2ubuntu1.5_sparc.deb Size/MD5: 36188 73a56340014168d1f3375a416caf244a http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.5_sparc.deb Size/MD5: 793652 a238e613e270df78278c3160bfd7bb0e http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.6.31.dfsg-2ubuntu1.5_sparc.deb Size/MD5: 807904 5f51dfbfa67369bfe0859bddc5fc5438 http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.6.31.dfsg-2ubuntu1.5_sparc.deb Size/MD5: 277528 c103ddc0e75de2769a88a2f25746c3d0 Updated packages for Ubuntu 9.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.5.dfsg-1ubuntu1.2.diff.gz Size/MD5: 108519 d17730e785decf28f5a416834ed9ea0d http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.5.dfsg-1ubuntu1.2.dsc Size/MD5: 2285 1140833c76ef5ba2fe0a9a64c4d707df http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.5.dfsg.orig.tar.gz Size/MD5: 3484976 fee69f57cb5a0653de8c5ef4a281de4d Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.7.5.dfsg-1ubuntu1.2_all.deb Size/MD5: 1370078 bbbc21ce6cdc64e0ff475d7c3dc7161b amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.7.5.dfsg-1ubuntu1.2_amd64.deb Size/MD5: 1016094 d9d5851fa2d930b3923b3a54d5c8b812 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.7.5.dfsg-1ubuntu1.2_amd64.deb Size/MD5: 827046 c870d00d09bc9b0f0136bb354a07d08f http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.7.5.dfsg-1ubuntu1.2_amd64.udeb Size/MD5: 602736 bc7e90b01c56cd8800a54872b8de7f26 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.7.5.dfsg-1ubuntu1.2_amd64.deb Size/MD5: 89876 4588f1042574779b2ec91889c07c2cb3 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.5.dfsg-1ubuntu1.2_amd64.deb Size/MD5: 868622 2551a75c15d409ca15b697315efd2e4b http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.7.5.dfsg-1ubuntu1.2_amd64.deb Size/MD5: 850160 139bc53131b27b1325861a8438263054 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.7.5.dfsg-1ubuntu1.2_amd64.deb Size/MD5: 410194 4d0995f2adfb808f9c6926e1a40e14d5 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.7.5.dfsg-1ubuntu1.2_i386.deb Size/MD5: 1007478 45ee3f9bbd9c876a1363aff43de44e18 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.7.5.dfsg-1ubuntu1.2_i386.deb Size/MD5: 748544 a6114bf08366737b775420e09e1bc34c http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.7.5.dfsg-1ubuntu1.2_i386.udeb Size/MD5: 558030 d62d06b344fd266d871c907c5af54cd7 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.7.5.dfsg-1ubuntu1.2_i386.deb Size/MD5: 86070 96be1603f40d35fff3396df16a30bcc3 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.5.dfsg-1ubuntu1.2_i386.deb Size/MD5: 825052 a08dd54b981c75b34ab6d1ed4bafeab0 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.7.5.dfsg-1ubuntu1.2_i386.deb Size/MD5: 791128 ce3d1cafa4bb01b89e9e177b50550b34 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.7.5.dfsg-1ubuntu1.2_i386.deb Size/MD5: 375674 bf0562bcaaad0ad309dd81c8e3ef5aae armel architecture (ARM Architecture): http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.7.5.dfsg-1ubuntu1.2_armel.deb Size/MD5: 966100 07cb46b46002b9c7946b0299b2d205ed http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.7.5.dfsg-1ubuntu1.2_armel.deb Size/MD5: 741884 11d83fd85814365fc008cea1bd1e52f6 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.7.5.dfsg-1ubuntu1.2_armel.udeb Size/MD5: 533862 96e6d3c71db9545c2d57d89f4db995f3 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.7.5.dfsg-1ubuntu1.2_armel.deb Size/MD5: 86218 4e151382e236cde0f3f82fd37b18538d http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.7.5.dfsg-1ubuntu1.2_armel.deb Size/MD5: 801872 5b97fdc90993421880237019f9d02fff http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.7.5.dfsg-1ubuntu1.2_armel.deb Size/MD5: 770238 039f0a0e344d2365f8552890efbc0975 http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.7.5.dfsg-1ubuntu1.2_armel.deb Size/MD5: 355422 ba8244dc1fe423b437c7375d92bebaca lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.7.5.dfsg-1ubuntu1.2_lpia.deb Size/MD5: 1031316 c420343bbfc991c8516b9999a25319db http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.7.5.dfsg-1ubuntu1.2_lpia.deb Size/MD5: 750944 5246772971938955e71d41e1b512a31a http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.7.5.dfsg-1ubuntu1.2_lpia.udeb Size/MD5: 554900 d7243b2c416f40a0c2eb9dec56d1f13c http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.7.5.dfsg-1ubuntu1.2_lpia.deb Size/MD5: 86656 9617c05a80c2daf1e48bfd9ee02192b4 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.7.5.dfsg-1ubuntu1.2_lpia.deb Size/MD5: 821118 bd776da273176465c61cd80b6fd0df50 http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.7.5.dfsg-1ubuntu1.2_lpia.deb Size/MD5: 791212 5241180abd33029d3f7a301c1417e0b8 http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.7.5.dfsg-1ubuntu1.2_lpia.deb Size/MD5: 371718 8525951d5522f336195908f5b7565982 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.7.5.dfsg-1ubuntu1.2_powerpc.deb Size/MD5: 1026720 5a5f7d31182ee933df689a6fce886290 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.7.5.dfsg-1ubuntu1.2_powerpc.deb Size/MD5: 843438 ba2b87a71d381e20536f4ecad1867db4 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.7.5.dfsg-1ubuntu1.2_powerpc.udeb Size/MD5: 580232 e23caecfdfd8455e1f5c494c8f53cb34 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.7.5.dfsg-1ubuntu1.2_powerpc.deb Size/MD5: 87994 7375a59258b793f45c135a53467569db http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.7.5.dfsg-1ubuntu1.2_powerpc.deb Size/MD5: 847482 4ebe08b7a0cf73fde545f3d730dfca47 http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.7.5.dfsg-1ubuntu1.2_powerpc.deb Size/MD5: 872254 29bde0024ed0d4b6668df02527b459b8 http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.7.5.dfsg-1ubuntu1.2_powerpc.deb Size/MD5: 392332 7f004d30c9f3bd6df7625fe0eaf4e535 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.7.5.dfsg-1ubuntu1.2_sparc.deb Size/MD5: 907352 da88f76309b2a8c48962149977edfd9b http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.7.5.dfsg-1ubuntu1.2_sparc.deb Size/MD5: 783932 32611c28a876dffbc1d16e4908bb49ee http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.7.5.dfsg-1ubuntu1.2_sparc.udeb Size/MD5: 551652 dd8fa2492883b434b204cbac0663d998 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.7.5.dfsg-1ubuntu1.2_sparc.deb Size/MD5: 88430 ba62c89a6bbc3ed93f8a74c4fdcb12b2 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.7.5.dfsg-1ubuntu1.2_sparc.deb Size/MD5: 818776 24627327b5d831853f3df15351e5e68f http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.7.5.dfsg-1ubuntu1.2_sparc.deb Size/MD5: 798896 095a6e4fa17217dc8d84bd8514580784 http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.7.5.dfsg-1ubuntu1.2_sparc.deb Size/MD5: 387620 0aa93f7fdf4e0196954aebe2335b90cc Updated packages for Ubuntu 10.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.6.dfsg-1ubuntu1.1.diff.gz Size/MD5: 110351 9d323231c795dff76aa84b0f8a5eb02b http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.6.dfsg-1ubuntu1.1.dsc Size/MD5: 2280 e079d8aace6383ccab67894bb3fc1be1 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.6.dfsg.orig.tar.gz Size/MD5: 3485094 6cf87a92f1909a2bf5882ec4fcdc330f Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.7.6.dfsg-1ubuntu1.1_all.deb Size/MD5: 1373840 a9d176b929003fd3cdf8f47042c36c11 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.7.6.dfsg-1ubuntu1.1_amd64.deb Size/MD5: 1018594 07ad3507748fe97fe7c5bbffb6627bba http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.7.6.dfsg-1ubuntu1.1_amd64.deb Size/MD5: 830410 b2cc75eb53c3fd7e0feace4d6a2bc4dd http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.7.6.dfsg-1ubuntu1.1_amd64.udeb Size/MD5: 603402 724f18ac82a5117fbdcd9db2da5d4cc5 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.7.6.dfsg-1ubuntu1.1_amd64.deb Size/MD5: 92832 c64573abff217544c6c3ebd036de0e10 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.6.dfsg-1ubuntu1.1_amd64.deb Size/MD5: 872622 af44b596e3b5e54a63b25a144e3141a3 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.7.6.dfsg-1ubuntu1.1_amd64.deb Size/MD5: 427924 520a505f7e0e8260dc76648a192a949c http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.7.6.dfsg-1ubuntu1.1_amd64.deb Size/MD5: 243162 f29b62078718bc5166428ad04905af85 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.7.6.dfsg-1ubuntu1.1_i386.deb Size/MD5: 1011598 8f775cdeec8e7746b9d00ccbcffc3cb9 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.7.6.dfsg-1ubuntu1.1_i386.deb Size/MD5: 752616 6b834b5db6934bee9b1d9274d6b8c6d3 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.7.6.dfsg-1ubuntu1.1_i386.udeb Size/MD5: 559356 7a3b9fa67dcefef1db2d291405d89126 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.7.6.dfsg-1ubuntu1.1_i386.deb Size/MD5: 89106 30b7426457ae058d19e6690cf895876b http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.6.dfsg-1ubuntu1.1_i386.deb Size/MD5: 828650 506946d08ba270fa443d52863ce4f7d8 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.7.6.dfsg-1ubuntu1.1_i386.deb Size/MD5: 397706 289461cbc775ab5f313a1f5c65b2329b http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.7.6.dfsg-1ubuntu1.1_i386.deb Size/MD5: 223218 1c11d23305651a7be9debd3949732fb2 armel architecture (ARM Architecture): http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.7.6.dfsg-1ubuntu1.1_armel.deb Size/MD5: 1007268 2a77cf53837addf247f4f17a3026b05e http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.7.6.dfsg-1ubuntu1.1_armel.deb Size/MD5: 709586 3ad0e0068ba20fbe18b14a961067b674 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.7.6.dfsg-1ubuntu1.1_armel.udeb Size/MD5: 509658 e01637a709c3bd04628a2174a436efb3 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.7.6.dfsg-1ubuntu1.1_armel.deb Size/MD5: 89626 b8c5ee54cd1a2537888d4a8e0b9188fb http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.7.6.dfsg-1ubuntu1.1_armel.deb Size/MD5: 778570 35904427a3a58b3e1325814bbe2ec6da http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.7.6.dfsg-1ubuntu1.1_armel.deb Size/MD5: 400192 0c140a1dc5a3973c7b6567f505952f85 http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.7.6.dfsg-1ubuntu1.1_armel.deb Size/MD5: 217942 da390ef06bd0af9894122840fcc89fa3 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.7.6.dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 1028910 5d5b6be31a893bec95adca86166767d7 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.7.6.dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 846878 330ebfd36ea6886b2712beda9fa9252d http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.7.6.dfsg-1ubuntu1.1_powerpc.udeb Size/MD5: 580398 772db7b7970a6d590d2173c8579f5600 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.7.6.dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 91112 83a93bea1349f77d92019d235e063851 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.7.6.dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 850418 f6ffb84375ec32ba7aa43eca456f4ec1 http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.7.6.dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 438684 c475d1d1f871613025dbd879da702c70 http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.7.6.dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 233396 2a14191af5956291d5011663ec20806a sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.7.6.dfsg-1ubuntu1.1_sparc.deb Size/MD5: 917026 aa3d5dd2f398297813d571f25ae7f303 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.7.6.dfsg-1ubuntu1.1_sparc.deb Size/MD5: 804466 88ef9a818f8a9484b19c3738b19ca741 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.7.6.dfsg-1ubuntu1.1_sparc.udeb Size/MD5: 571556 2805248d8c2de8303e5771207e0a7731 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.7.6.dfsg-1ubuntu1.1_sparc.deb Size/MD5: 91870 abe6e39306064725418c5dfa7dacb79b http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.7.6.dfsg-1ubuntu1.1_sparc.deb Size/MD5: 840796 d8a397c919f2a9fb2f0e8123ef6e7234 http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.7.6.dfsg-1ubuntu1.1_sparc.deb Size/MD5: 402706 e3d516ea07a17b95a248d44466f40c70 http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.7.6.dfsg-1ubuntu1.1_sparc.deb Size/MD5: 231210 e275401867ac1840b77c1a80bc2aa3c1 Updated packages for Ubuntu 10.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.7.dfsg-4ubuntu0.1.diff.gz Size/MD5: 102171 77d4263441c905b5746d227d7524131c http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.7.dfsg-4ubuntu0.1.dsc Size/MD5: 2292 bab4c046375ed48fd2b6046a80ef0c86 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.7.dfsg.orig.tar.gz Size/MD5: 3498133 b1bc5a12294ab660436e4ce5d7090096 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-doc_2.7.7.dfsg-4ubuntu0.1_all.deb Size/MD5: 1341608 97295138f4a44f154090762b8fae6227 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.7.7.dfsg-4ubuntu0.1_amd64.deb Size/MD5: 374942 0a8c8b7474783031cdf0ebb3c2596491 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.7.7.dfsg-4ubuntu0.1_amd64.deb Size/MD5: 832846 ebf5cc81726da51d2b541b9f4f96d815 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.7.7.dfsg-4ubuntu0.1_amd64.udeb Size/MD5: 168702 915b2dbb665b4c68c8b2e14dee7c2989 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.7.7.dfsg-4ubuntu0.1_amd64.deb Size/MD5: 92656 119c5b98e1f56e874dd34999ba4cad92 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.7.dfsg-4ubuntu0.1_amd64.deb Size/MD5: 869490 8e20cf0a406048031938b898f56e9344 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.7.7.dfsg-4ubuntu0.1_amd64.deb Size/MD5: 462604 586d4a79a4a938bacfd39bc7f367c17a http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.7.7.dfsg-4ubuntu0.1_amd64.deb Size/MD5: 233354 558cc0eace45dc7b7164665703750ba4 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dbg_2.7.7.dfsg-4ubuntu0.1_i386.deb Size/MD5: 376084 d0b92ffdd68204a6835359651d205d9b http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-dev_2.7.7.dfsg-4ubuntu0.1_i386.deb Size/MD5: 752970 bdefd733d9f1b701229d10e450e09d4b http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-udeb_2.7.7.dfsg-4ubuntu0.1_i386.udeb Size/MD5: 155050 168aa6ba5e8f073636ec4576e96e7aa5 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2-utils_2.7.7.dfsg-4ubuntu0.1_i386.deb Size/MD5: 89374 4babb1e9d4a528f57017115b1264d2b6 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.7.7.dfsg-4ubuntu0.1_i386.deb Size/MD5: 823482 6f5685d22535a5874121bbf72e6dec79 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2-dbg_2.7.7.dfsg-4ubuntu0.1_i386.deb Size/MD5: 436746 99fecc2fe692be90a0284d9f087b43c0 http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/python-libxml2_2.7.7.dfsg-4ubuntu0.1_i386.deb Size/MD5: 216480 b51359f40c9b66496439031128091043 armel architecture (ARM Architecture): http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.7.7.dfsg-4ubuntu0.1_armel.deb Size/MD5: 372674 5f2aa59a517edc7e73628337169daa8d http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.7.7.dfsg-4ubuntu0.1_armel.deb Size/MD5: 786014 aca5a8d28aed279a6871dfc663a68ac5 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.7.7.dfsg-4ubuntu0.1_armel.udeb Size/MD5: 150910 d086027bfdbf11916c6534b8ea5085f1 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.7.7.dfsg-4ubuntu0.1_armel.deb Size/MD5: 90220 b67c2ecb3a39fa455cc00a3e25699146 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.7.7.dfsg-4ubuntu0.1_armel.deb Size/MD5: 810658 7f35e76cb03d3804cb040bb0df9da45d http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.7.7.dfsg-4ubuntu0.1_armel.deb Size/MD5: 438750 b89297a4581a0efbd4ead1ea4ae7240b http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.7.7.dfsg-4ubuntu0.1_armel.deb Size/MD5: 211510 5f3562bd3a3bde7b35607b7e9e3ce74c powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dbg_2.7.7.dfsg-4ubuntu0.1_powerpc.deb Size/MD5: 379506 a4ccee80dcfa63fba143a4e5edce0412 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-dev_2.7.7.dfsg-4ubuntu0.1_powerpc.deb Size/MD5: 848288 399d84c1209a554afc9189c9004772cf http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-udeb_2.7.7.dfsg-4ubuntu0.1_powerpc.udeb Size/MD5: 159394 10b406b39207921540d2c7bf1ae6b5e3 http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2-utils_2.7.7.dfsg-4ubuntu0.1_powerpc.deb Size/MD5: 90994 ace5b65acf4959eb1ea896c93c0adb4a http://ports.ubuntu.com/pool/main/libx/libxml2/libxml2_2.7.7.dfsg-4ubuntu0.1_powerpc.deb Size/MD5: 844276 25e575e50a2bffb8cd90308403d1475e http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2-dbg_2.7.7.dfsg-4ubuntu0.1_powerpc.deb Size/MD5: 478842 2d127f16857d270232010a9f79bcc0cb http://ports.ubuntu.com/pool/main/libx/libxml2/python-libxml2_2.7.7.dfsg-4ubuntu0.1_powerpc.deb Size/MD5: 225856 f4e24a71d303f4a2c963c9a66122dfd8 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201110-26 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: libxml2: Multiple vulnerabilities Date: October 26, 2011 Bugs: #345555, #370715, #386985 ID: 201110-26 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities were found in libxml2 which could lead to execution of arbitrary code or a Denial of Service. Background ========== libxml2 is the XML C parser and toolkit developed for the Gnome project. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/libxml2 < 2.7.8-r3 >= 2.7.8-r3 Description =========== Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All libxml2 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.7.8-r3" References ========== [ 1 ] CVE-2010-4008 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4008 [ 2 ] CVE-2010-4494 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4494 [ 3 ] CVE-2011-1944 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1944 [ 4 ] CVE-2011-2821 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2821 [ 5 ] CVE-2011-2834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2834 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201110-26.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04135307 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04135307 Version: 1 HPSBGN02970 rev.1 - HP Rapid Deployment Pack (RDP) or HP Insight Control Server Deployment, Multiple Remote Vulnerabilities affecting Confidentiality, Integrity and Availability NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2014-03-10 Last Updated: 2014-03-10 Potential Security Impact: Multiple remote vulnerabilities affecting confidentiality, integrity and availability Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential vulnerabilities have been identified with HP Rapid Deployment Pack (RDP) or HP Insight Control Server Deployment. The vulnerabilities could be exploited remotely affecting confidentiality, integrity and availability. HP Rapid Deployment Pack (RDP) -- All versions HP Insight Control Server Deployment -- All versions BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2013-6205 (AV:L/AC:M/Au:S/C:P/I:P/A:P) 4.1 CVE-2013-6206 (AV:N/AC:L/Au:N/C:C/I:P/A:P) 9.0 CVE-2010-4008 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2010-4494 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-2182 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2011-2213 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 CVE-2011-2492 (AV:L/AC:M/Au:N/C:P/I:N/A:N) 1.9 CVE-2011-2518 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 CVE-2011-2689 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 CVE-2011-2723 (AV:A/AC:M/Au:N/C:N/I:N/A:C) 5.7 CVE-2011-3188 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2011-4077 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2011-4110 (AV:L/AC:L/Au:N/C:N/I:N/A:P) 2.1 CVE-2012-0058 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 CVE-2012-0879 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 CVE-2012-1088 (AV:L/AC:M/Au:N/C:N/I:P/A:P) 3.3 CVE-2012-1179 (AV:A/AC:M/Au:S/C:N/I:N/A:C) 5.2 CVE-2012-2137 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2012-2313 (AV:L/AC:H/Au:N/C:N/I:N/A:P) 1.2 CVE-2012-2372 (AV:L/AC:M/Au:S/C:N/I:N/A:C) 4.4 CVE-2012-2373 (AV:L/AC:H/Au:N/C:N/I:N/A:C) 4.0 CVE-2012-2375 (AV:A/AC:H/Au:N/C:N/I:N/A:C) 4.6 CVE-2012-2383 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 CVE-2012-2384 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP recommends that HP Rapid Deployment Pack (RDP) or HP Insight Control Server Deployment should only be run on private secure networks to prevent the risk of security compromise. HISTORY Version:1 (rev.1) - 10 March 2014 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: mingw32-libxml2 security update Advisory ID: RHSA-2013:0217-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0217.html Issue date: 2013-01-31 CVE Names: CVE-2010-4008 CVE-2010-4494 CVE-2011-0216 CVE-2011-1944 CVE-2011-2821 CVE-2011-2834 CVE-2011-3102 CVE-2011-3905 CVE-2011-3919 CVE-2012-0841 CVE-2012-5134 ===================================================================== 1. Summary: Updated mingw32-libxml2 packages that fix several security issues are now available for Red Hat Enterprise Linux 6. This advisory also contains information about future updates for the mingw32 packages, as well as the deprecation of the packages with the release of Red Hat Enterprise Linux 6.4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Optional (v. 6) - noarch Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch Red Hat Enterprise Linux Server Optional (v. 6) - noarch Red Hat Enterprise Linux Workstation Optional (v. 6) - noarch 3. Description: These packages provide the libxml2 library, a development toolbox providing the implementation of various XML standards, for users of MinGW (Minimalist GNU for Windows). IMPORTANT NOTE: The mingw32 packages in Red Hat Enterprise Linux 6 will no longer be updated proactively and will be deprecated with the release of Red Hat Enterprise Linux 6.4. These packages were provided to support other capabilities in Red Hat Enterprise Linux and were not intended for direct customer use. Customers are advised to not use these packages with immediate effect. Future updates to these packages will be at Red Hat's discretion and these packages may be removed in a future minor release. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3919) A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5134) It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially-crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) Multiple flaws were found in the way libxml2 parsed certain XPath (XML Path Language) expressions. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, CVE-2011-2834) Two heap-based buffer overflow flaws were found in the way libxml2 decoded certain XML files. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216, CVE-2011-3102) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. (CVE-2011-1944) An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash. (CVE-2011-3905) Red Hat would like to thank the Google Security Team for reporting the CVE-2010-4008 issue. Upstream acknowledges Bui Quang Minh from Bkis as the original reporter of CVE-2010-4008. All users of mingw32-libxml2 are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 645341 - CVE-2010-4008 libxml2: Crash (stack frame overflow or NULL pointer dereference) by traversal of XPath axis 665963 - CVE-2010-4494 libxml2: double-free in XPath processing code 709747 - CVE-2011-1944 libxml, libxml2: Heap-based buffer overflow by adding new namespace node to an existing nodeset or merging nodesets 724906 - CVE-2011-0216 libxml2: Off-by-one error leading to heap-based buffer overflow in encoding 735712 - CVE-2011-2821 libxml2: double free caused by malformed XPath expression in XSLT 735751 - CVE-2011-2834 libxml2: double-free caused by malformed XPath expression in XSLT 767387 - CVE-2011-3905 libxml2 out of bounds read 771896 - CVE-2011-3919 libxml2: Heap-based buffer overflow when decoding an entity reference with a long name 787067 - CVE-2012-0841 libxml2: hash table collisions CPU usage DoS 822109 - CVE-2011-3102 libxml: An off-by-one out-of-bounds write by XPointer part evaluation 880466 - CVE-2012-5134 libxml2: Heap-buffer-underflow in xmlParseAttValueComplex 6. Package List: Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/mingw32-libxml2-2.7.6-6.el6_3.src.rpm noarch: mingw32-libxml2-2.7.6-6.el6_3.noarch.rpm mingw32-libxml2-debuginfo-2.7.6-6.el6_3.noarch.rpm mingw32-libxml2-static-2.7.6-6.el6_3.noarch.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/mingw32-libxml2-2.7.6-6.el6_3.src.rpm noarch: mingw32-libxml2-2.7.6-6.el6_3.noarch.rpm mingw32-libxml2-debuginfo-2.7.6-6.el6_3.noarch.rpm mingw32-libxml2-static-2.7.6-6.el6_3.noarch.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/mingw32-libxml2-2.7.6-6.el6_3.src.rpm noarch: mingw32-libxml2-2.7.6-6.el6_3.noarch.rpm mingw32-libxml2-debuginfo-2.7.6-6.el6_3.noarch.rpm mingw32-libxml2-static-2.7.6-6.el6_3.noarch.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/mingw32-libxml2-2.7.6-6.el6_3.src.rpm noarch: mingw32-libxml2-2.7.6-6.el6_3.noarch.rpm mingw32-libxml2-debuginfo-2.7.6-6.el6_3.noarch.rpm mingw32-libxml2-static-2.7.6-6.el6_3.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-4008.html https://www.redhat.com/security/data/cve/CVE-2010-4494.html https://www.redhat.com/security/data/cve/CVE-2011-0216.html https://www.redhat.com/security/data/cve/CVE-2011-1944.html https://www.redhat.com/security/data/cve/CVE-2011-2821.html https://www.redhat.com/security/data/cve/CVE-2011-2834.html https://www.redhat.com/security/data/cve/CVE-2011-3102.html https://www.redhat.com/security/data/cve/CVE-2011-3905.html https://www.redhat.com/security/data/cve/CVE-2011-3919.html https://www.redhat.com/security/data/cve/CVE-2012-0841.html https://www.redhat.com/security/data/cve/CVE-2012-5134.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFRCujqXlSAg2UNWIIRAq0HAJ41YXDqlCpJkg97YuQmaF2MqKDIpACgn5j7 sLTqWGtUMTYIUvLH8YXGFX4= =rOjB -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent Contact Manager (ICM) before 7.0 allow remote attackers to execute arbitrary code via a long parameter in a (1) HandleUpgradeAll, (2) AgentUpgrade, (3) HandleQueryNodeInfoReq, or (4) HandleUpgradeTrace TCP packet, aka Bug IDs CSCti45698, CSCti45715, CSCti45726, and CSCti46164. The problem is Bug ID CSCti45698 , CSCti45715 , CSCti45726 ,and CSCti46164 It is a problem.By a third party (1) HandleUpgradeAll , (2) AgentUpgrade , (3) HandleQueryNodeInfoReq , (4) HandleUpgradeTrace TCP Arbitrary code could be executed via overly long parameters in the packet. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When processing the HandleUpgradeAll packet type an unchecked copy of user supplied data is performed into a stack-based buffer of a controlled size. Successful exploitation of this vulnerability leads to remote code execution under the context of the SYSTEM user. This may result in a compromise of the underlying system. Failed attempts may lead to a denial-of-service condition. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. Join the beta: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Cisco Intelligent Contact Manager Setup Manager "Agent.exe" Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42146 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42146/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42146 RELEASE DATE: 2010-11-09 DISCUSS ADVISORY: http://secunia.com/advisories/42146/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42146/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42146 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Cisco Intelligent Contact Manager Setup Manager, which can be exploited by malicious people to compromise a vulnerable system. 1) A boundary error within Agent.exe when handling the "HandleUpgradeAll" packet can be exploited to cause a stack-based buffer overflow via a specially crafted request sent to e.g. TCP port 40078. 2) A boundary error within Agent.exe when handling the "AgentUpgrade" packet can be exploited to cause a stack-based buffer overflow via a specially crafted request sent to e.g. TCP port 40078. 3) A boundary error within Agent.exe when handling the "HandleQueryNodeInfoReq" packet can be exploited to cause a stack-based buffer overflow via a specially crafted request sent to e.g. TCP port 40078. 4) A boundary error within Agent.exe when handling the "HandleUpgradeTrace" packet can be exploited to cause a stack-based buffer overflow via a specially crafted request sent to e.g. TCP port 40078. Please see the vendor's advisory for the list of affected versions. SOLUTION: The vendor recommends to delete the Agent.exe file or restrict network access to the affected service. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: sb, reported via ZDI. ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/viewAlert.x?alertId=21726 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-10-232/ http://www.zerodayinitiative.com/advisories/ZDI-10-233/ http://www.zerodayinitiative.com/advisories/ZDI-10-234/ http://www.zerodayinitiative.com/advisories/ZDI-10-235/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . ZDI-10-232: Cisco ICM Setup Manager Agent.exe HandleUpgradeAll Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-232 November 7, 2010 -- CVE ID: CVE-2010-3040 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Cisco -- Affected Products: Cisco Unified Intelligent Contact Management -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 9915. -- Vendor Response: Cisco has issued an update to correct this vulnerability. More details can be found at: http://tools.cisco.com/security/center/viewAlert.x?alertId=21726 -- Disclosure Timeline: 2010-06-01 - Vulnerability reported to vendor 2010-11-07 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * sb -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi

AT-TFTP Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to retrieve arbitrary files outside of the FTP server root directory. This may aid in further attacks. AT-TFTP Server 1.8 is vulnerable; other versions may also be affected. RETIRED: This issue is retired because it is a duplicate of BID 11584.

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors. Flash Player contains an access restriction bypass vulnerability. When Flash Player references a different website than the site where Flash contents are hosted, the referenced site must be allowed access by the cross-domain policy file. Flash Player contains a vulnerability where access restrictions set by the cross-domain policy file may be bypassed.Cross-domain policy restrictions can be bypassed by using a specially crafted web page. This could result in unauthorized access to website data. An attacker can exploit this issue to bypass certain policy restrictions, which may aid in further attacks. NOTE: This issue was previously discussed in BID 44669 (Adobe Flash Player APSB10-26 Multiple Remote Vulnerabilities), but has been given its own record to better document it. Adobe Flash Player is a cross-platform, browser-based application that renders expressive applications, content, and video natively across screens and browsers. Remote web servers can bypass preset access restrictions with the help of unknown vectors. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02738731 Version: 1 HPSBMA02663 SSRT100428 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Execution of Arbitrary Code, Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2011-04-19 Last Updated: 2011-04-19 Potential Security Impact: Remote cross site scripting (XSS), cross site request forgery (CSRF), execution of arbitrary code, Denial of Service (DoS) Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows. The vulnerabilities could be exploited remotely resulting in cross site scripting (XSS), cross site request forgery (CSRF), execution of arbitrary code, and Denial of Service (DoS). HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows prior to v6.3 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2010-3636 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3637 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3638 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2010-3639 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3640 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3641 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3642 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3643 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3644 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3645 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3646 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3647 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3648 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3649 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3650 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3652 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3976 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2011-1542 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2011-1543 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided HP SIM v6.3 or subsequent to resolve the vulnerabilities. HP SIM v6.3 for HP-UX, Linux, and Windows HP SIM v6.3 for HP-UX, Linux, and Windows is available here: http://h18013.www1.hp.com/products/servers/management/hpsim/ HP SIM v6.3 for Windows on Insight Software DVD In addition for Windows HP SIM v6.3 is available on DVD images. These are available for download here. http://h18013.www1.hp.com/products/servers/management/fpdownload.html MANUAL ACTIONS: Yes - NonUpdate For HP-UX, install HP SIM v6.3 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.23 HP-UX B.11.31 ============= SysMgmtServer.MX-CMS SysMgmtServer.MX-CORE SysMgmtServer.MX-CORE-ARCH SysMgmtServer.MX-CORE-ARCH SysMgmtServer.MX-PORTAL SysMgmtServer.MX-REPO SysMgmtServer.MX-TOOLS action: install HP SIM v6.3 or subsequent END AFFECTED VERSIONS HISTORY Version: 1 (rev.1) - 19 April 2011 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk2t3CsACgkQ4B86/C0qfVnGsACfUBtF4ovPqqT+9fmlstfGZOEg Ys0AoM8ROq3gELhOLCPEYCca+qCkf+pn =x5Sc -----END PGP SIGNATURE----- . Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest stable version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-plugins/adobe-flash-10.1.102.64" References ========== [ 1 ] APSB10-06 http://www.adobe.com/support/security/bulletins/apsb10-06.html [ 2 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 3 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 4 ] APSB10-22 http://www.adobe.com/support/security/bulletins/apsb10-22.html [ 5 ] APSB10-26 http://www.adobe.com/support/security/bulletins/apsb10-26.html [ 6 ] CVE-2008-4546 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4546 [ 7 ] CVE-2009-3793 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3793 [ 8 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 9 ] CVE-2010-0187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0187 [ 10 ] CVE-2010-0209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0209 [ 11 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 12 ] CVE-2010-2160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2160 [ 13 ] CVE-2010-2161 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2161 [ 14 ] CVE-2010-2162 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2162 [ 15 ] CVE-2010-2163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2163 [ 16 ] CVE-2010-2164 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2164 [ 17 ] CVE-2010-2165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2165 [ 18 ] CVE-2010-2166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2166 [ 19 ] CVE-2010-2167 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2167 [ 20 ] CVE-2010-2169 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2169 [ 21 ] CVE-2010-2170 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2170 [ 22 ] CVE-2010-2171 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2171 [ 23 ] CVE-2010-2172 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2172 [ 24 ] CVE-2010-2173 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2173 [ 25 ] CVE-2010-2174 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2174 [ 26 ] CVE-2010-2175 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2175 [ 27 ] CVE-2010-2176 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2176 [ 28 ] CVE-2010-2177 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2177 [ 29 ] CVE-2010-2178 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2178 [ 30 ] CVE-2010-2179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2179 [ 31 ] CVE-2010-2180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2180 [ 32 ] CVE-2010-2181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2181 [ 33 ] CVE-2010-2182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2182 [ 34 ] CVE-2010-2183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2183 [ 35 ] CVE-2010-2184 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2184 [ 36 ] CVE-2010-2185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2185 [ 37 ] CVE-2010-2186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2186 [ 38 ] CVE-2010-2187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2187 [ 39 ] CVE-2010-2188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2188 [ 40 ] CVE-2010-2189 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2189 [ 41 ] CVE-2010-2213 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2213 [ 42 ] CVE-2010-2214 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2214 [ 43 ] CVE-2010-2215 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2215 [ 44 ] CVE-2010-2216 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2216 [ 45 ] CVE-2010-2884 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 [ 46 ] CVE-2010-3636 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3636 [ 47 ] CVE-2010-3639 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3639 [ 48 ] CVE-2010-3640 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3640 [ 49 ] CVE-2010-3641 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3641 [ 50 ] CVE-2010-3642 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3642 [ 51 ] CVE-2010-3643 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3643 [ 52 ] CVE-2010-3644 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3644 [ 53 ] CVE-2010-3645 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3645 [ 54 ] CVE-2010-3646 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3646 [ 55 ] CVE-2010-3647 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3647 [ 56 ] CVE-2010-3648 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3648 [ 57 ] CVE-2010-3649 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3649 [ 58 ] CVE-2010-3650 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3650 [ 59 ] CVE-2010-3652 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3652 [ 60 ] CVE-2010-3654 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 [ 61 ] CVE-2010-3976 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3976 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201101-09.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . For more information: SA38547 SA40026 SA40907 SA41434 SA41917 SOLUTION: Update to version "www-plugins/adobe-flash-10.1.102.64" or later. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. Join the beta: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for flash-plugin SECUNIA ADVISORY ID: SA42183 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42183/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42183 RELEASE DATE: 2010-11-09 DISCUSS ADVISORY: http://secunia.com/advisories/42183/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42183/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42183 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or compromise a user's system. For more information: SA41917 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2010:0829-1: https://rhn.redhat.com/errata/RHSA-2010-0829.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------