Sign-up

VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-200705-0688 CVE-2008-2364 Hitachi Web Server Reverse Proxy Denial of Service (DoS) Vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. Hitachi Web Server contains a vulnerability that could lead to a denial of service (DoS) condition when using it as a reverse proxy due to excessive memory usage.The server could fall into a denial of service (DoS) state when continuously receiving fraudulent responses from backend Web servers. The Apache 'mod_proxy_http' module is prone to a denial-of-service vulnerability that affects the processing of interim responses. Attackers may exploit this issue to cause denial-of-service conditions. Reportedly, the issue affects Apache 2.2.8 and 2.0.63; other versions may also be affected. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01650939 Version: 1 HPSBUX02401 SSRT090005 rev.1 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2009-02-02 Last Updated: 2009-02-02 Potential Security Impact: Remote Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, cross-site request forgery (CSRF) Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, or cross-site request forgery (CSRF). Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite. References: CVE-2007-6420, CVE-2008-1232, CVE-2008-1947, CVE-2008-2364, CVE-2008-2370, CVE-2008-2938, CVE-2008-2939, CVE-2008-3658 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.01.01 or earlier or Tomcat-based Servelet Engine v5.5.27.01.01 or earlier HP-UX B.11.11 running Apache-based Web Server v2.2.8.01.01 or earlier BACKGROUND CVSS 2.0 Base Metrics =============================================== Reference Base Vector Base Score CVE-2007-6420 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-1232 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-1947 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-2364 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 5.0 CVE-2008-2370 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 5.0 CVE-2008-2938 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-2939 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-3658 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 7.5 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002. RESOLUTION HP has provided the following upgrades to resolve these vulnerabilities. The upgrades are available from the following location: URL: http://software.hp.com Note: HP-UX Web Server Suite v.3.02 contains HP-UX Apache-based Web Server v.2.2.8.01.02 and HP-UX Tomcat-based Servlet Engine 5.5.27.01.01 HP-UX Release - B.11.23 and B.11.31 PA-32 Apache Depot name - HPUXWSATW-B302-32.depot HP-UX Release - B.11.23 and B.11.31 IA-64 Apache Depot name - HPUXWSATW-B302-64.depot HP-UX Release - B.11.11 PA-32 Apache Depot name - HPUXWSATW-B222-1111.depot MANUAL ACTIONS: Yes - Update Install Apache-based Web Server or Tomcat-based Servelet Engine from the Apache Web Server Suite v3.02 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.11 ================== hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY hpuxwsTOMCAT.TOMCAT hpuxwsWEBMIN.WEBMIN action: install revision B.2.2.8.01.02 or subsequent URL: http://software.hp.com HP-UX B.11.23 ================== hpuxws22APCH32.APACHE hpuxws22APCH32.APACHE2 hpuxws22APCH32.AUTH_LDAP hpuxws22APCH32.AUTH_LDAP2 hpuxws22APCH32.MOD_JK hpuxws22APCH32.MOD_JK2 hpuxws22APCH32.MOD_PERL hpuxws22APCH32.MOD_PERL2 hpuxws22APCH32.PHP hpuxws22APCH32.PHP2 hpuxws22APCH32.WEBPROXY hpuxws22APCH32.WEBPROXY2 hpuxws22TOMCAT.TOMCAT hpuxws22WEBMIN.WEBMIN action: install revision B.2.2.8.01.02 or subsequent URL: http://software.hp.com HP-UX B.11.31 ================== hpuxws22APACHE.APACHE hpuxws22APACHE.APACHE2 hpuxws22APACHE.AUTH_LDAP hpuxws22APACHE.AUTH_LDAP2 hpuxws22APACHE.MOD_JK hpuxws22APACHE.MOD_JK2 hpuxws22APACHE.MOD_PERL hpuxws22APACHE.MOD_PERL2 hpuxws22APACHE.PHP hpuxws22APACHE.PHP2 hpuxws22APACHE.WEBPROXY hpuxws22APACHE.WEBPROXY2 hpuxws22TOMCAT.TOMCAT hpuxws22WEBMIN.WEBMIN action: install revision B.2.2.8.01.02 or subsequent URL: http://software.hp.com END AFFECTED VERSIONS HISTORY Version:1 (rev.1) 2 February 2009 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." \xa9Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1 iQA/AwUBSYhX8+AfOvwtKn1ZEQJxcACeJa8lt5TkhV5qnaGRTaBh4kqHutgAoJbH XCe08aGCzEZj/q4n91JQnhq6 =XImF -----END PGP SIGNATURE----- . A cross-site scripting vulnerability was found in the mod_proxy_ftp module in Apache that allowed remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI (CVE-2008-2939). The updated packages have been patched to prevent these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 _______________________________________________________________________ Updated Packages: Mandriva Linux 2007.1: 7ba0fa98b5e5f34f2c3bb5798f300736 2007.1/i586/apache-base-2.2.4-6.5mdv2007.1.i586.rpm 82dccbbcca45d5aba2c7a9afb615ffb7 2007.1/i586/apache-devel-2.2.4-6.5mdv2007.1.i586.rpm 43c50d9ad73f39e88acf35a48915f472 2007.1/i586/apache-htcacheclean-2.2.4-6.5mdv2007.1.i586.rpm 7e7821b41de94eba4e413c4218e72f05 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.5mdv2007.1.i586.rpm 82b527ca5b90f4857ece74972c34bd2b 2007.1/i586/apache-mod_cache-2.2.4-6.5mdv2007.1.i586.rpm 4bc7f0488a4c8ea05446ea04611fa671 2007.1/i586/apache-mod_dav-2.2.4-6.5mdv2007.1.i586.rpm fa53bb715a9733fc5f4ef8a18e8a1577 2007.1/i586/apache-mod_dbd-2.2.4-6.5mdv2007.1.i586.rpm d9759e97fb29783b69ee4bebba96e9d8 2007.1/i586/apache-mod_deflate-2.2.4-6.5mdv2007.1.i586.rpm 9934937a1a7fb3ab277daac03a04fd6e 2007.1/i586/apache-mod_disk_cache-2.2.4-6.5mdv2007.1.i586.rpm 4f16a0af444be1610749287944264d1b 2007.1/i586/apache-mod_file_cache-2.2.4-6.5mdv2007.1.i586.rpm 9b1fc5ab5579bde1fbfb9ae08b18d1ec 2007.1/i586/apache-mod_ldap-2.2.4-6.5mdv2007.1.i586.rpm 9a9029063f10dd3fa81ee4eed3fe5d51 2007.1/i586/apache-mod_mem_cache-2.2.4-6.5mdv2007.1.i586.rpm 6930a06576c337ca7ecaab2a8cf4ca59 2007.1/i586/apache-mod_proxy-2.2.4-6.5mdv2007.1.i586.rpm c7834d18c0999590abb42d3efad7a035 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.5mdv2007.1.i586.rpm 641b5bc3988af4ee0f5600e2d34c1230 2007.1/i586/apache-mod_ssl-2.2.4-6.5mdv2007.1.i586.rpm af9bada6d30145bfaa58be10eec6798b 2007.1/i586/apache-modules-2.2.4-6.5mdv2007.1.i586.rpm 796296888cfb7978fbca22764de10753 2007.1/i586/apache-mod_userdir-2.2.4-6.5mdv2007.1.i586.rpm 110acb3a28bf8e911309afd7d5381950 2007.1/i586/apache-mpm-event-2.2.4-6.5mdv2007.1.i586.rpm 065949244c838c9ec8baf47e66227803 2007.1/i586/apache-mpm-itk-2.2.4-6.5mdv2007.1.i586.rpm ad0e0e109fbed8fc7be0d6b8b36c7503 2007.1/i586/apache-mpm-prefork-2.2.4-6.5mdv2007.1.i586.rpm 31ce817bb36ec93214fdb177f86096cf 2007.1/i586/apache-mpm-worker-2.2.4-6.5mdv2007.1.i586.rpm 5eba2d9af248c7107279f21cd4bde2b3 2007.1/i586/apache-source-2.2.4-6.5mdv2007.1.i586.rpm 012cdfd939633fa3feae44c7d7bec736 2007.1/SRPMS/apache-2.2.4-6.5mdv2007.1.src.rpm Mandriva Linux 2007.1/X86_64: 5997be8532eccc8f20f5c121895df248 2007.1/x86_64/apache-base-2.2.4-6.5mdv2007.1.x86_64.rpm 096a4e2f17838c847099f2dc41e4ca5a 2007.1/x86_64/apache-devel-2.2.4-6.5mdv2007.1.x86_64.rpm b4f3cd71a3683bcc4e9b1dcdabcbfdaa 2007.1/x86_64/apache-htcacheclean-2.2.4-6.5mdv2007.1.x86_64.rpm f03a92759c1159477f04890092636f27 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.5mdv2007.1.x86_64.rpm 1bc914605bd0c3b05d455eeb053068e2 2007.1/x86_64/apache-mod_cache-2.2.4-6.5mdv2007.1.x86_64.rpm 3e8aaa6e0d70bdc5f439928f102a5f61 2007.1/x86_64/apache-mod_dav-2.2.4-6.5mdv2007.1.x86_64.rpm a51dabbb6220c17ecdb001cf1444e99f 2007.1/x86_64/apache-mod_dbd-2.2.4-6.5mdv2007.1.x86_64.rpm 1252150d2fc936309c6cb9794627cc8f 2007.1/x86_64/apache-mod_deflate-2.2.4-6.5mdv2007.1.x86_64.rpm bc4878995bfe34a46419a3a6aa090d91 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.5mdv2007.1.x86_64.rpm cd8b213c41d3dce5070483cf2e9d71e2 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.5mdv2007.1.x86_64.rpm ec1a79f3d6defecb3ed2dbf8d85ba98c 2007.1/x86_64/apache-mod_ldap-2.2.4-6.5mdv2007.1.x86_64.rpm 6158e3825e4b7e631f6c6eab65660aab 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.5mdv2007.1.x86_64.rpm 4b01be50b5531dfd3a92189388165c7b 2007.1/x86_64/apache-mod_proxy-2.2.4-6.5mdv2007.1.x86_64.rpm 32735f0b995664e2983c3768473db144 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.5mdv2007.1.x86_64.rpm a1709d589420b97e255a7f5db47e859c 2007.1/x86_64/apache-mod_ssl-2.2.4-6.5mdv2007.1.x86_64.rpm 936c34490fcc180777a3248d9970da5a 2007.1/x86_64/apache-modules-2.2.4-6.5mdv2007.1.x86_64.rpm 0364549013611e3e748a917a6269a61d 2007.1/x86_64/apache-mod_userdir-2.2.4-6.5mdv2007.1.x86_64.rpm 2640fd4b78d98e1aa7a8d994d7610b16 2007.1/x86_64/apache-mpm-event-2.2.4-6.5mdv2007.1.x86_64.rpm 4edad0e4f3119f88d4360d5a11dd3fd4 2007.1/x86_64/apache-mpm-itk-2.2.4-6.5mdv2007.1.x86_64.rpm 6ed107f6f60a88008aa0a21d1133c78e 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.5mdv2007.1.x86_64.rpm c39136dbd1fe0d53b80ed5fb232c775b 2007.1/x86_64/apache-mpm-worker-2.2.4-6.5mdv2007.1.x86_64.rpm 46b245caca2ae8afa49d9e13122cae58 2007.1/x86_64/apache-source-2.2.4-6.5mdv2007.1.x86_64.rpm 012cdfd939633fa3feae44c7d7bec736 2007.1/SRPMS/apache-2.2.4-6.5mdv2007.1.src.rpm Mandriva Linux 2008.0: 9fba06d7b75a7400faf855f0947f0ead 2008.0/i586/apache-base-2.2.6-8.2mdv2008.0.i586.rpm c560ededd59c4f2556074326363991fe 2008.0/i586/apache-devel-2.2.6-8.2mdv2008.0.i586.rpm 80cb61aff0fc88d4e88074bfaf789e0a 2008.0/i586/apache-htcacheclean-2.2.6-8.2mdv2008.0.i586.rpm 69d3778cb2452189e9586c2f517c67ff 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.2mdv2008.0.i586.rpm 3b965dacd1d53c70b21bcbb45b62b4e4 2008.0/i586/apache-mod_cache-2.2.6-8.2mdv2008.0.i586.rpm 6b780e4611adb7d56bd562334f98c6ef 2008.0/i586/apache-mod_dav-2.2.6-8.2mdv2008.0.i586.rpm 148aad51fd72443d47f8afbf07943fc0 2008.0/i586/apache-mod_dbd-2.2.6-8.2mdv2008.0.i586.rpm e908b7d6220cb636d53a9989ed84337b 2008.0/i586/apache-mod_deflate-2.2.6-8.2mdv2008.0.i586.rpm 3ecc6c18d5ee2e34b6e3c770ce28199a 2008.0/i586/apache-mod_disk_cache-2.2.6-8.2mdv2008.0.i586.rpm 7557a733237c84de3477113a80119656 2008.0/i586/apache-mod_file_cache-2.2.6-8.2mdv2008.0.i586.rpm 586a9e027e6ec327c24f231d1c2705e3 2008.0/i586/apache-mod_ldap-2.2.6-8.2mdv2008.0.i586.rpm de055c23ec9eac3ac78f6a31146db8a9 2008.0/i586/apache-mod_mem_cache-2.2.6-8.2mdv2008.0.i586.rpm 4a32c704527fd42c97ffb8be87531363 2008.0/i586/apache-mod_proxy-2.2.6-8.2mdv2008.0.i586.rpm ad7bdc0861c42629366b0c4f0552eb0a 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.2mdv2008.0.i586.rpm 0ae1b7ba57162f8ae870e08e48f0d964 2008.0/i586/apache-mod_ssl-2.2.6-8.2mdv2008.0.i586.rpm 2d848e1ee979d12c66ef10b638ebce6e 2008.0/i586/apache-modules-2.2.6-8.2mdv2008.0.i586.rpm 085e672acacd0642f2baa8bce631b26b 2008.0/i586/apache-mod_userdir-2.2.6-8.2mdv2008.0.i586.rpm 3564507283ffddfaa528991d514ce3c4 2008.0/i586/apache-mpm-event-2.2.6-8.2mdv2008.0.i586.rpm 360033e8459d52a323753246d977eb2b 2008.0/i586/apache-mpm-itk-2.2.6-8.2mdv2008.0.i586.rpm ca4c9127740d3a433087031c706878ab 2008.0/i586/apache-mpm-prefork-2.2.6-8.2mdv2008.0.i586.rpm b892724c9776743f777ebf9da44159a8 2008.0/i586/apache-mpm-worker-2.2.6-8.2mdv2008.0.i586.rpm 15cc53561ac91ba3f89af6c2057726a7 2008.0/i586/apache-source-2.2.6-8.2mdv2008.0.i586.rpm fb2e547dc2b02b0d55384751729d8c2a 2008.0/SRPMS/apache-2.2.6-8.2mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: f5c28f5db00c8d87e77bbe8b387c29e1 2008.0/x86_64/apache-base-2.2.6-8.2mdv2008.0.x86_64.rpm 2ea378183715ca15ead2b60c0ba6d1f3 2008.0/x86_64/apache-devel-2.2.6-8.2mdv2008.0.x86_64.rpm d15052d92f5918f47be634f052f5c8f8 2008.0/x86_64/apache-htcacheclean-2.2.6-8.2mdv2008.0.x86_64.rpm e00bae3dea071434ee63a0708f9cb2c9 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.2mdv2008.0.x86_64.rpm e16ceda13087b1e924b1233fa4c58568 2008.0/x86_64/apache-mod_cache-2.2.6-8.2mdv2008.0.x86_64.rpm 86ddeb3f207a928c537a1bac4a3b59f1 2008.0/x86_64/apache-mod_dav-2.2.6-8.2mdv2008.0.x86_64.rpm 2a239f7bd6a3e74a29b69f29f217fd98 2008.0/x86_64/apache-mod_dbd-2.2.6-8.2mdv2008.0.x86_64.rpm 6c3faec4fd23ed64ecbf508097fa948c 2008.0/x86_64/apache-mod_deflate-2.2.6-8.2mdv2008.0.x86_64.rpm 286c89f9021f2e766324f52196b6e03f 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.2mdv2008.0.x86_64.rpm 480c9861c06f5b535bcd0bd87e225023 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.2mdv2008.0.x86_64.rpm 61ed284bda26162a1da185a2aedca12e 2008.0/x86_64/apache-mod_ldap-2.2.6-8.2mdv2008.0.x86_64.rpm 2c8670da45ffbff476a189f4af7eecb3 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.2mdv2008.0.x86_64.rpm bee8fdde4536e497abfc7e48dd659689 2008.0/x86_64/apache-mod_proxy-2.2.6-8.2mdv2008.0.x86_64.rpm d45fe91cccf27cd403cfb2fd2f5bb5ba 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.2mdv2008.0.x86_64.rpm d9becf61089cb4dc0b224e4fccb11fb4 2008.0/x86_64/apache-mod_ssl-2.2.6-8.2mdv2008.0.x86_64.rpm 62ac5f1ec4c984dce76176203f5eeb6e 2008.0/x86_64/apache-modules-2.2.6-8.2mdv2008.0.x86_64.rpm 7042049d1d0b99c1e7f46142d6993761 2008.0/x86_64/apache-mod_userdir-2.2.6-8.2mdv2008.0.x86_64.rpm bd06a8f2c4074d5722556c38c5e0dc03 2008.0/x86_64/apache-mpm-event-2.2.6-8.2mdv2008.0.x86_64.rpm 6848d1ad52463fbf9de4631b22a4dd81 2008.0/x86_64/apache-mpm-itk-2.2.6-8.2mdv2008.0.x86_64.rpm 6bc3fee77b90a73d54dba755a96f4e11 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.2mdv2008.0.x86_64.rpm e9b20462aef79d790d604da2e59cc503 2008.0/x86_64/apache-mpm-worker-2.2.6-8.2mdv2008.0.x86_64.rpm a378e191f066f819419106a65e472535 2008.0/x86_64/apache-source-2.2.6-8.2mdv2008.0.x86_64.rpm fb2e547dc2b02b0d55384751729d8c2a 2008.0/SRPMS/apache-2.2.6-8.2mdv2008.0.src.rpm Mandriva Linux 2008.1: 19bd0997c144cfd6c0792227f97c840a 2008.1/i586/apache-base-2.2.8-6.1mdv2008.1.i586.rpm c0bc6f89d51f7aeb0a907155ce424e63 2008.1/i586/apache-devel-2.2.8-6.1mdv2008.1.i586.rpm 38019754e020560317f9e4143c31120b 2008.1/i586/apache-htcacheclean-2.2.8-6.1mdv2008.1.i586.rpm 9d4d3b487b9e4a930e0dfad6f9a86b11 2008.1/i586/apache-mod_authn_dbd-2.2.8-6.1mdv2008.1.i586.rpm dcd9a987da631e20f0af5825c7a0f4cf 2008.1/i586/apache-mod_cache-2.2.8-6.1mdv2008.1.i586.rpm 9d77821dcb46af8c01e7dd30a74fd3f5 2008.1/i586/apache-mod_dav-2.2.8-6.1mdv2008.1.i586.rpm 7ec8c8bec08a8c7812e93ae6f630d721 2008.1/i586/apache-mod_dbd-2.2.8-6.1mdv2008.1.i586.rpm 4b3f7f658ca523658fcff97884404569 2008.1/i586/apache-mod_deflate-2.2.8-6.1mdv2008.1.i586.rpm 838d9649e9f9850ff7f50a9686783958 2008.1/i586/apache-mod_disk_cache-2.2.8-6.1mdv2008.1.i586.rpm 114c083f976c1c59f9ed2fc7865f47b9 2008.1/i586/apache-mod_file_cache-2.2.8-6.1mdv2008.1.i586.rpm efc293cd668271a0131d84a9776e7cb4 2008.1/i586/apache-mod_ldap-2.2.8-6.1mdv2008.1.i586.rpm e1e2413f175fa207ffb8d5ce2903439f 2008.1/i586/apache-mod_mem_cache-2.2.8-6.1mdv2008.1.i586.rpm 80e42fb54b7c926bd4ae6c8869bfe2b4 2008.1/i586/apache-mod_proxy-2.2.8-6.1mdv2008.1.i586.rpm b14cb1c38ff72f65af3dc26f419248b2 2008.1/i586/apache-mod_proxy_ajp-2.2.8-6.1mdv2008.1.i586.rpm 222d326db8d3d9c7ff49a5edf54ad460 2008.1/i586/apache-mod_ssl-2.2.8-6.1mdv2008.1.i586.rpm 8d4d65f206604150103a767559ce4ac0 2008.1/i586/apache-modules-2.2.8-6.1mdv2008.1.i586.rpm a02bf7d7cd6cb86b24728055f31e00e8 2008.1/i586/apache-mod_userdir-2.2.8-6.1mdv2008.1.i586.rpm 762b5a44d6ab770663e7802db5880c5c 2008.1/i586/apache-mpm-event-2.2.8-6.1mdv2008.1.i586.rpm 1ad89877cf9e1d19c9c0ae31da79cc4b 2008.1/i586/apache-mpm-itk-2.2.8-6.1mdv2008.1.i586.rpm 9e88d760212153696531a36e44e599da 2008.1/i586/apache-mpm-prefork-2.2.8-6.1mdv2008.1.i586.rpm f50d7edde588f2439aa4e831a63c35d7 2008.1/i586/apache-mpm-worker-2.2.8-6.1mdv2008.1.i586.rpm a9f60a580681ac55bc61ae250326dc6a 2008.1/i586/apache-source-2.2.8-6.1mdv2008.1.i586.rpm ffe7ace0a88205f764b21be6cf4ed2e1 2008.1/SRPMS/apache-2.2.8-6.1mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: 7aafb608166a15e6373c11011e72117d 2008.1/x86_64/apache-base-2.2.8-6.1mdv2008.1.x86_64.rpm 9c39fe151fc9261c77fc5484f793358d 2008.1/x86_64/apache-devel-2.2.8-6.1mdv2008.1.x86_64.rpm d5dd9482dbfed961af363261f769a136 2008.1/x86_64/apache-htcacheclean-2.2.8-6.1mdv2008.1.x86_64.rpm a839a342ce15d6076907fa85b652ac45 2008.1/x86_64/apache-mod_authn_dbd-2.2.8-6.1mdv2008.1.x86_64.rpm c1cdf8ea93464f350cd5a97282a963a8 2008.1/x86_64/apache-mod_cache-2.2.8-6.1mdv2008.1.x86_64.rpm 0ebe3595df3974b090e1e41653a61ac8 2008.1/x86_64/apache-mod_dav-2.2.8-6.1mdv2008.1.x86_64.rpm 50d80ef4989cecf6d9b4d3a36e91c3f8 2008.1/x86_64/apache-mod_dbd-2.2.8-6.1mdv2008.1.x86_64.rpm 89badb88265d34c6b4dafcbd7240618d 2008.1/x86_64/apache-mod_deflate-2.2.8-6.1mdv2008.1.x86_64.rpm 6814c312ec71fa619e1533f08ed3d1fa 2008.1/x86_64/apache-mod_disk_cache-2.2.8-6.1mdv2008.1.x86_64.rpm ea7900772a2a78ba4913c41762c39069 2008.1/x86_64/apache-mod_file_cache-2.2.8-6.1mdv2008.1.x86_64.rpm b146eaeb311a6107d51413bc29d70315 2008.1/x86_64/apache-mod_ldap-2.2.8-6.1mdv2008.1.x86_64.rpm 7198b641d46ea2f24664c4a9d02b9063 2008.1/x86_64/apache-mod_mem_cache-2.2.8-6.1mdv2008.1.x86_64.rpm e04cdfbbad417123adae10cf13a2b626 2008.1/x86_64/apache-mod_proxy-2.2.8-6.1mdv2008.1.x86_64.rpm 8f9a04efe7760b08220b27f1cabd8a49 2008.1/x86_64/apache-mod_proxy_ajp-2.2.8-6.1mdv2008.1.x86_64.rpm 8ed701d6c742a5e60196653f79989a8a 2008.1/x86_64/apache-mod_ssl-2.2.8-6.1mdv2008.1.x86_64.rpm 3beb942d20bf63c2bc8cef202ef0e0aa 2008.1/x86_64/apache-modules-2.2.8-6.1mdv2008.1.x86_64.rpm fd40ed97d50b583c7f21a686d8146c7d 2008.1/x86_64/apache-mod_userdir-2.2.8-6.1mdv2008.1.x86_64.rpm f7451170b9c2c7f3f55a0d44567bebfe 2008.1/x86_64/apache-mpm-event-2.2.8-6.1mdv2008.1.x86_64.rpm 6e1b59583a15313f8dbf347170ec581d 2008.1/x86_64/apache-mpm-itk-2.2.8-6.1mdv2008.1.x86_64.rpm b60967808f886fc4444054fe4ba685fd 2008.1/x86_64/apache-mpm-prefork-2.2.8-6.1mdv2008.1.x86_64.rpm 0ab90ebae3fcfd1fa809e62e546222db 2008.1/x86_64/apache-mpm-worker-2.2.8-6.1mdv2008.1.x86_64.rpm 7726d40130eb5a14d8cf272cd08f7485 2008.1/x86_64/apache-source-2.2.8-6.1mdv2008.1.x86_64.rpm ffe7ace0a88205f764b21be6cf4ed2e1 2008.1/SRPMS/apache-2.2.8-6.1mdv2008.1.src.rpm Corporate 4.0: b59bbaecc0f3c6301bee564c2862430a corporate/4.0/i586/apache-base-2.2.3-1.4.20060mlcs4.i586.rpm b3141af91788ac68afd1cfb34426cec3 corporate/4.0/i586/apache-devel-2.2.3-1.4.20060mlcs4.i586.rpm 309db27fc902b7eb77e0fd2b5e03359f corporate/4.0/i586/apache-htcacheclean-2.2.3-1.4.20060mlcs4.i586.rpm 8e7d56d01a51b7239b080765fd858088 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.4.20060mlcs4.i586.rpm 8e6bd8c3a89f5f277fb56e60b37bb6a9 corporate/4.0/i586/apache-mod_cache-2.2.3-1.4.20060mlcs4.i586.rpm fd99c7e58d56eb14a0e94c27edb2daf2 corporate/4.0/i586/apache-mod_dav-2.2.3-1.4.20060mlcs4.i586.rpm 75968093eca9011dd115d948c44f29ba corporate/4.0/i586/apache-mod_dbd-2.2.3-1.4.20060mlcs4.i586.rpm ba5118b4c1caa7e4b75229b5643b06b9 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.4.20060mlcs4.i586.rpm abb27116fae7ff7d319516c0f9a0a5e4 corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.4.20060mlcs4.i586.rpm e1bb6ed7fb0fbb39f762a932f34dc67b corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.4.20060mlcs4.i586.rpm a3d85c92d66a0ca0ed6dc6a6c6df23b4 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.4.20060mlcs4.i586.rpm eca828a6bd374d98af6fd785aa6970af corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.4.20060mlcs4.i586.rpm 8e28a95bd7f655c5b98c7405ca74de18 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.4.20060mlcs4.i586.rpm 23a2687957dae00dadc44b864032a838 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.4.20060mlcs4.i586.rpm a4a143aa2f9f8b1d3cedf68429a90fa4 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.4.20060mlcs4.i586.rpm 779cf371acd7012ac1acfaac0062a38a corporate/4.0/i586/apache-modules-2.2.3-1.4.20060mlcs4.i586.rpm e1a8927f0cfd3a08ca2af42ebc64932e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.4.20060mlcs4.i586.rpm 3415eea7176bb392b87540c2bfcfed2b corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.4.20060mlcs4.i586.rpm 9b79811544ad30fd91608d5839b521eb corporate/4.0/i586/apache-mpm-worker-2.2.3-1.4.20060mlcs4.i586.rpm 1403616f0ba1cbcc552f7e33a32b303f corporate/4.0/i586/apache-source-2.2.3-1.4.20060mlcs4.i586.rpm fdda31ac2d27f5fe856746719b3ae87a corporate/4.0/SRPMS/apache-2.2.3-1.4.20060mlcs4.src.rpm Corporate 4.0/X86_64: e46ce6fe84b67d3d6caf6782d9352555 corporate/4.0/x86_64/apache-base-2.2.3-1.4.20060mlcs4.x86_64.rpm 5b1993dca50465213ca285d3fc38bc07 corporate/4.0/x86_64/apache-devel-2.2.3-1.4.20060mlcs4.x86_64.rpm 7076dbe94461207aa2399b887e6b669f corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.4.20060mlcs4.x86_64.rpm e51acf392e315892cfc60ef342b3e9f0 corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.4.20060mlcs4.x86_64.rpm 270e619d353fa9348b2d5713e660bb69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.4.20060mlcs4.x86_64.rpm 8e8ae8e260b69d7150c6d7f8162eb261 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.4.20060mlcs4.x86_64.rpm 11fc6ca48580398733c9c26c6097aeb8 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.4.20060mlcs4.x86_64.rpm 6750c2039c64dd866146d240f06b302f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.4.20060mlcs4.x86_64.rpm 0c7db97343700984a02d6365069bfbd5 corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.4.20060mlcs4.x86_64.rpm d60aa90ac7a459f237a6c0ed190b0ea1 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.4.20060mlcs4.x86_64.rpm 873b63a672417971078076a5e3e4f363 corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.4.20060mlcs4.x86_64.rpm d964415079d86d6c6ff78381e3dfe8ef corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.4.20060mlcs4.x86_64.rpm c014bede921593c1035d8a1488909ab9 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.4.20060mlcs4.x86_64.rpm d4469077e683ea2a034bfb35be9ca8f6 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.4.20060mlcs4.x86_64.rpm 35638d36e7c4832f70460294ef496d33 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.4.20060mlcs4.x86_64.rpm de62531cfcf279b966c08940df7dc298 corporate/4.0/x86_64/apache-modules-2.2.3-1.4.20060mlcs4.x86_64.rpm a44db8a0824aa8ec654338640e30e14c corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.4.20060mlcs4.x86_64.rpm be326111f9e8dd9fb0a9a7699f7f99dd corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.4.20060mlcs4.x86_64.rpm 3b29042dd082e4f0f8e04fbff2f14c23 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.4.20060mlcs4.x86_64.rpm 576aed8c357f707db0e488e13b68834c corporate/4.0/x86_64/apache-source-2.2.3-1.4.20060mlcs4.x86_64.rpm fdda31ac2d27f5fe856746719b3ae87a corporate/4.0/SRPMS/apache-2.2.3-1.4.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFIzBUvmqjQ0CJFipgRApHOAKCvASwDjqj110UnAsle/Jtgw9VwhwCg7zVf 0jg30niEBGmySzuHETORyts= =wMau -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200807-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Apache: Denial of Service Date: July 09, 2008 Bugs: #222643, #227111 ID: 200807-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities in Apache might lead to a Denial of Service. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-servers/apache < 2.2.9 >= 2.2.9 Description =========== Multiple vulnerabilities have been discovered in Apache: * Dustin Kirkland reported that the mod_ssl module can leak memory when the client reports support for a compression algorithm (CVE-2008-1678). Impact ====== A remote attacker could exploit these vulnerabilities by connecting to an Apache httpd, by causing an Apache proxy server to connect to a malicious server, or by enticing a balancer administrator to connect to a specially-crafted URL, resulting in a Denial of Service of the Apache daemon. Workaround ========== There is no known workaround at this time. Resolution ========== All Apache users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/apache-2.2.9" References ========== [ 1 ] CVE-2007-6420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6420 [ 2 ] CVE-2008-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678 [ 3 ] CVE-2008-2364 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200807-06.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . =========================================================== Ubuntu Security Notice USN-731-1 March 10, 2009 apache2 vulnerabilities CVE-2007-6203, CVE-2007-6420, CVE-2008-1678, CVE-2008-2168, CVE-2008-2364, CVE-2008-2939 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.4 apache2-mpm-perchild 2.0.55-4ubuntu2.4 apache2-mpm-prefork 2.0.55-4ubuntu2.4 apache2-mpm-worker 2.0.55-4ubuntu2.4 Ubuntu 7.10: apache2-mpm-event 2.2.4-3ubuntu0.2 apache2-mpm-perchild 2.2.4-3ubuntu0.2 apache2-mpm-prefork 2.2.4-3ubuntu0.2 apache2-mpm-worker 2.2.4-3ubuntu0.2 apache2.2-common 2.2.4-3ubuntu0.2 Ubuntu 8.04 LTS: apache2-mpm-event 2.2.8-1ubuntu0.4 apache2-mpm-perchild 2.2.8-1ubuntu0.4 apache2-mpm-prefork 2.2.8-1ubuntu0.4 apache2-mpm-worker 2.2.8-1ubuntu0.4 apache2.2-common 2.2.8-1ubuntu0.4 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that Apache did not sanitize the method specifier header from an HTTP request when it is returned in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. (CVE-2007-6203) It was discovered that Apache was vulnerable to a cross-site request forgery (CSRF) in the mod_proxy_balancer balancer manager. If an Apache administrator were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands that could modify the balancer manager configuration. (CVE-2007-6420) It was discovered that Apache had a memory leak when using mod_ssl with compression. A remote attacker could exploit this to exhaust server memory, leading to a denial of service. (CVE-2008-1678) It was discovered that in certain conditions, Apache did not specify a default character set when returning certain error messages containing UTF-7 encoded data, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. (CVE-2008-2364) It was discovered that mod_proxy_ftp did not sanitize wildcard pathnames when they are returned in directory listings, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. (CVE-2008-2939) Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4.diff.gz Size/MD5: 123478 7a5b444231dc27ee60c1bd63f42420c6 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4.dsc Size/MD5: 1156 4f9a0f31d136914cf7d6e1a92656a47b http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.4_all.deb Size/MD5: 2124948 5153435633998e4190b54eb101afd271 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_amd64.deb Size/MD5: 833336 d5b9ecf82467eb04a94957321c4a95a2 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_amd64.deb Size/MD5: 228588 f4b9b82016eb22a60da83ae716fd028a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_amd64.deb Size/MD5: 223600 2cf77e3daaadcc4e07da5e19ecac2867 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_amd64.deb Size/MD5: 228216 60ff106ddefe9b68c055825bcd6ec52f http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_amd64.deb Size/MD5: 171724 bae5e3d30111e97d34b25594993ad488 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_amd64.deb Size/MD5: 172508 77bdf00092378c89ae8be7f5139963e0 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_amd64.deb Size/MD5: 94562 f3a168c57db1f5be11cfdba0bdc20062 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_amd64.deb Size/MD5: 36618 a7f34da28f7bae0cffb3fdb73da70143 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_amd64.deb Size/MD5: 286028 a5b380d9c6a651fe043ad2358ef61143 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_amd64.deb Size/MD5: 144590 9a4031c258cfa264fb8baf305bc0cea6 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_i386.deb Size/MD5: 786528 353ed1839a8201d0211ede114565e60d http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_i386.deb Size/MD5: 203256 7b0caa06fd47a28a8a92d1b69c0b4667 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_i386.deb Size/MD5: 199114 6a77314579722ca085726e4220be4e9f http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_i386.deb Size/MD5: 202654 ffad2838e3c8c79ecd7e21f79aa78216 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_i386.deb Size/MD5: 171716 771492b2b238424e33e3e7853185c0ca http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_i386.deb Size/MD5: 172498 b5f7a4ed03ebafa4c4ff75c05ebf53b7 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_i386.deb Size/MD5: 92520 787a673994d746b4ad3788c16516832a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_i386.deb Size/MD5: 36620 4d5f0f18c3035f41cb8234af3cc1092c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_i386.deb Size/MD5: 262082 d6a7111b9f2ed61e1aeb2f18f8713873 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_i386.deb Size/MD5: 132518 5a335222829c066cb9a0ddcaeee8a0da powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_powerpc.deb Size/MD5: 859446 cf555341c1a8b4a39808b8a3bd76e03a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_powerpc.deb Size/MD5: 220622 85b902b9eecf3d40577d9e1e8bf61467 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_powerpc.deb Size/MD5: 216314 146e689e30c6e1681048f6cf1dd659e3 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_powerpc.deb Size/MD5: 220128 10f65b3961a164e070d2f18d610df67b http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_powerpc.deb Size/MD5: 171726 9e341f225cb19d5c44f343cc68c0bba5 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_powerpc.deb Size/MD5: 172512 331dff8d3de7cd694d8e115417bed4f8 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_powerpc.deb Size/MD5: 104284 7ab80f14cd9072d23389e27f934079f3 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_powerpc.deb Size/MD5: 36620 713bfffcca8ec4e9531c635069f1cd0d http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_powerpc.deb Size/MD5: 281600 ad1671807965e2291b5568c7b4e95e14 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_powerpc.deb Size/MD5: 141744 6b04155aa1dbf6f657dbfa27d6086617 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_sparc.deb Size/MD5: 803706 f14be1535acf528f89d301c8ec092015 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_sparc.deb Size/MD5: 211028 28b74d86e10301276cadef208b460658 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_sparc.deb Size/MD5: 206566 6d6b2e1e3e0bbf8fc0a0bcca60a33339 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_sparc.deb Size/MD5: 210280 45690384f2e7e0a2168d7867283f9145 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_sparc.deb Size/MD5: 171732 6595a330344087593a9443b9cdf5e4ba http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_sparc.deb Size/MD5: 172498 f1ac3a442b21db9d2733e8221b218e25 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_sparc.deb Size/MD5: 93606 f229d1c258363d2d0dfb3688ec96638e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_sparc.deb Size/MD5: 36616 6f470e2e17dfc6d587fbe2bf861bfb06 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_sparc.deb Size/MD5: 268178 5a853d01127853405a677c53dc2bf254 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_sparc.deb Size/MD5: 130456 a0a51bb9405224948b88903779347427 Updated packages for Ubuntu 7.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2.diff.gz Size/MD5: 125080 c5c1b91f6918d42a75d23e95799b3707 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2.dsc Size/MD5: 1333 b028e602b998a666681d1aa73b980c06 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.2_all.deb Size/MD5: 2211750 9dc3a7e0431fe603bbd82bf647d2d1f5 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.2_all.deb Size/MD5: 278670 985dd1538d0d2c6bb74c458eaada1cb7 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.2_all.deb Size/MD5: 6702036 3cdb5e1a9d22d7172adfd066dd42d71a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2_all.deb Size/MD5: 42846 ba7b0cbf7f33ac3b6321c132bc2fec71 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_amd64.deb Size/MD5: 457286 b37825dc4bb0215284181aa5dfc9dd44 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_amd64.deb Size/MD5: 453094 380ea917048a64c2c9bc12d768ac2ffa http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_amd64.deb Size/MD5: 456804 b075ef4e563a55c7977af4d82d90e493 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_amd64.deb Size/MD5: 410658 6dff5030f33af340b2100e8591598d9d http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_amd64.deb Size/MD5: 411244 9c79a2c0a2d4d8a88fae1b3f10d0e27c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_amd64.deb Size/MD5: 348256 ef1e159b64fe2524dc94b6ab9e22cefb http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_amd64.deb Size/MD5: 992256 0e9bac368bc57637079f839bcce8ebbc i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_i386.deb Size/MD5: 440388 bdb2ced3ca782cda345fcfb109e8b02a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_i386.deb Size/MD5: 436030 44d372ff590a6e42a83bcd1fb5e546fe http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_i386.deb Size/MD5: 439732 5119be595fb6ac6f9dd94d01353da257 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_i386.deb Size/MD5: 410656 01be0eca15fe252bbcab7562462af5ca http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_i386.deb Size/MD5: 411250 10d8929e9d37050488f2906fde13b2fd http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_i386.deb Size/MD5: 347322 d229c56720ae5f1f83645f66e1bfbdf1 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_i386.deb Size/MD5: 947460 3dc120127b16134b42e0124a1fdfa4ab lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_lpia.deb Size/MD5: 439896 8e856643ebeed84ffbeb6150f6e917c5 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_lpia.deb Size/MD5: 435524 ce18d9e09185526c93c6af6db7a6b5cf http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_lpia.deb Size/MD5: 439180 9622bf2dfee7941533faedd2e2d4ebbd http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_lpia.deb Size/MD5: 410674 684ad4367bc9250468351b5807dee424 http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_lpia.deb Size/MD5: 411258 17f53e8d3898607ce155dc333237690c http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_lpia.deb Size/MD5: 347664 1197aa4145372ae6db497fb157cb0da1 http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_lpia.deb Size/MD5: 939924 470a7163e2834781b2db0689750ce0f2 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_powerpc.deb Size/MD5: 458848 4efbbcc96f05a03301a13448f9cb3c01 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_powerpc.deb Size/MD5: 454226 1fe4c7712fd4597ed37730a27df95113 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_powerpc.deb Size/MD5: 458134 5786d901931cecd340cc1879e27bcef7 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_powerpc.deb Size/MD5: 410676 9fc94d5b21a8b0f7f8aab9dc60339abf http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_powerpc.deb Size/MD5: 411266 c44cde12a002910f9df02c10cdd26b0c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_powerpc.deb Size/MD5: 367392 612ddcebee145f765163a0b30124393a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_powerpc.deb Size/MD5: 1094288 72fd7d87f4876648d1e14a5022c61b00 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_sparc.deb Size/MD5: 441650 28e5a2c2d18239c0810b6de3584af221 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_sparc.deb Size/MD5: 437796 3ee7408c58fbdf8de6bf681970c1c9ad http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_sparc.deb Size/MD5: 441114 b1b1bb871fe0385ea4418d533f0669aa http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_sparc.deb Size/MD5: 410676 cf7bed097f63e3c24337813621866498 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_sparc.deb Size/MD5: 411252 5a30177f7039f52783576e126cf042d0 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_sparc.deb Size/MD5: 350468 ce216a4e9739966cd2aca4262ba0ea4e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_sparc.deb Size/MD5: 959090 98ad8ee7328f25e1e81e110bbfce10c2 Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4.diff.gz Size/MD5: 132376 1a3c4e93f08a23c3a3323cb02f5963b6 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4.dsc Size/MD5: 1379 ed1a1e5de71b0e35100f60b21f959db4 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz Size/MD5: 6125771 39a755eb0f584c279336387b321e3dfc Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.4_all.deb Size/MD5: 1928164 86b52d997fe3e4baf9712be0562eed2d http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.4_all.deb Size/MD5: 72176 1f4efe37abf317c3c42c4c0a79a4f232 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.4_all.deb Size/MD5: 6254152 fe271b0e4aa0cf80e99b866c23707b6a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4_all.deb Size/MD5: 45090 3f44651df13cfd495d7c33dda1c709ea amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_amd64.deb Size/MD5: 252272 3d27b0311303e7c5912538fb7d4fc37c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_amd64.deb Size/MD5: 247850 1ce7ff6190c21da119d98b7568f2e5d0 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_amd64.deb Size/MD5: 251658 ac7bc78b449cf8d28d4c10478c6f1409 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_amd64.deb Size/MD5: 204658 66e95c370f2662082f3ec41e4a033877 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_amd64.deb Size/MD5: 205336 6b1e7e0ab97b7dd4470c153275f1109c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_amd64.deb Size/MD5: 140940 cad14e08ab48ca8eb06480c0db686779 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_amd64.deb Size/MD5: 801764 3759103e3417d44bea8866399ba34a66 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_i386.deb Size/MD5: 235194 dddbc62f458d9f1935087a072e1c6f67 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_i386.deb Size/MD5: 230748 db0a1dc277de5886655ad7b1cc5b0f1a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_i386.deb Size/MD5: 234542 0e4997e9ed55d6086c439948cf1347ff http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_i386.deb Size/MD5: 204672 1f58383838b3b9f066e855af9f4e47e0 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_i386.deb Size/MD5: 205348 fa032fc136c5b26ccf364289a93a1cda http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_i386.deb Size/MD5: 139904 b503316d420ccb7efae5082368b95e01 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_i386.deb Size/MD5: 754788 140fddccc1a6d3dc743d37ab422438c2 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_lpia.deb Size/MD5: 234752 bc06d67259257109fe8fc17204bc9950 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_lpia.deb Size/MD5: 230424 9421376c8f6d64e5c87af4f484b8aacf http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_lpia.deb Size/MD5: 233908 179236460d7b7b71dff5e1d1ac9f0509 http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_lpia.deb Size/MD5: 204664 764d773d28d032767d697eec6c6fd50a http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_lpia.deb Size/MD5: 205342 2891770939b51b1ca6b8ac8ca9142db1 http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_lpia.deb Size/MD5: 140478 4a062088427f1d8b731e06d64eb7e2ea http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_lpia.deb Size/MD5: 748672 b66dbda7126616894cf97eb93a959af9 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_powerpc.deb Size/MD5: 253368 bad43203ed4615216bf28f6da7feb81b http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_powerpc.deb Size/MD5: 248800 aa757fd46cd79543a020dcd3c6aa1b26 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_powerpc.deb Size/MD5: 252904 682a940b7f3d14333037c80f7f01c793 http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_powerpc.deb Size/MD5: 204678 30af6c826869b647bc60ed2d99cc30f7 http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_powerpc.deb Size/MD5: 205376 cd02ca263703a6049a6fe7e11f72c98a http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_powerpc.deb Size/MD5: 157662 df6cdceecb8ae9d25bbd614142da0151 http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_powerpc.deb Size/MD5: 904904 34581d1b3c448a5de72a06393557dd48 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_sparc.deb Size/MD5: 236418 2eda543f97646f966f5678e2f2a0ba90 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_sparc.deb Size/MD5: 232386 69e2419f27867b77d94a652a83478ad7 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_sparc.deb Size/MD5: 235788 414a49286d9e8dd7b343bd9207dc727b http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_sparc.deb Size/MD5: 204668 f7d099cd9d3ebc0baccbdd896c94a88f http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_sparc.deb Size/MD5: 205352 0a5cb5dfd823b4e6708a9bcc633a90cd http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_sparc.deb Size/MD5: 143108 ad78ead4ac992aec97983704b1a3877f http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_sparc.deb Size/MD5: 763946 0d40a8ebecfef8c1a099f2170fcddb73
VAR-200806-0437 No CVE Icon Labs Iconfidant SSH Server Multiple Denial of Service Vulnerabilities CVSS V2: -
CVSS V3: -
Severity: MEDIUM
Iconfident SSH is an SSH server running on a VxWorks-based system.  Multiple vulnerabilities exist in the Iconfidant SSH server, which may cause system instability. During an SSH login, if a login is performed in a positive time frame, or invalid authentication credentials are sent, or other management operations are performed at the same time during the login, these vulnerabilities can be triggered, resulting in a denial of service
VAR-200806-0028 CVE-2008-2636 Linksys WRH54G Service disruption in (DoS) Vulnerabilities CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
The HTTP service on the Cisco Linksys WRH54G with firmware 1.01.03 allows remote attackers to cause a denial of service (management interface outage) or possibly execute arbitrary code via a URI that begins with a "/./" sequence, contains many instances of a "front_page" sequence, and ends with a ".asp" sequence. Firmware Cisco Linksys WRH54G of HTTP Service disrupted service operation (DoS) Vulnerabilities exist. Linksys Wrh54g Router is prone to a denial-of-service vulnerability. The URI begins with a "/./" sequence, contains many "front_page" sequences, and ends with an ".asp" sequence. ---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/ ---------------------------------------------------------------------- TITLE: Linksys WRH54G Denial of Service Vulnerability SECUNIA ADVISORY ID: SA30562 VERIFY ADVISORY: http://secunia.com/advisories/30562/ CRITICAL: Less critical IMPACT: DoS WHERE: >From local network OPERATING SYSTEM: Linksys WRH54G http://secunia.com/product/19001/ DESCRIPTION: A vulnerability has been reported in Linksys WRH54G, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing HTTP requests. This can be exploited to disable the HTTP service by sending a specially crafted HTTP request to an affected device. The vulnerability is reported in firmware version 1.01.03. Prior versions may also be affected. SOLUTION: Update to firmware version 1.01.04. PROVIDED AND/OR DISCOVERED BY: dubingyao ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200806-0185 CVE-2008-1582 Apple QuickTime "file: URL" arbitrary code execution CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Unspecified vulnerability in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AAC-encoded file that triggers memory corruption. These issues arise when the application handles specially crafted PICT image files, Indeo video content, movie files, 'file:' URIs, and AAC-encoded media. Successful exploits may allow attackers to gain remote unauthorized access in the context of a vulnerable user; failed exploits will cause denial-of-service conditions. Versions prior to QuickTime 7.5 are affected. NOTE: This BID is being retired; the following individual records have been created to better document the issues: 29649 Apple QuickTime 'PICT' Image 'PixData' Structures Handling Heap Overflow Vulnerability 29650 Apple QuickTime 'file:' URI File Execution Vulnerability 29654 Apple QuickTime 'AAC-encoded' Media Memory Corruption Vulnerability 29648 Apple QuickTime 'PICT' Image Buffer Overflow Vulnerability 29652 Apple QuickTime Indo Video Codec Buffer Overflow Vulnerability. ---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/ ---------------------------------------------------------------------- TITLE: Apple QuickTime Multiple Vulnerabilities SECUNIA ADVISORY ID: SA29293 VERIFY ADVISORY: http://secunia.com/advisories/29293/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Apple QuickTime 7.x http://secunia.com/product/5090/ DESCRIPTION: Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. 1) A boundary error when parsing packed scanlines from a PixData structure in a PICT file can be exploited to cause a heap-based buffer overflow via a specially crafted PICT file. 5) An error in the handling of "file:" URLs can be exploited to e.g. execute arbitrary programs when playing specially crafted QuickTIme content in QuickTime Player. SOLUTION: Update to version 7.5 (via Software Update or Apple Downloads. See vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1) Dyon Balding, Secunia Research 2) Independently discovered by: * Dave Soldera, NGS Software * Jens Alfke 3) Liam O Murchu, Symantec 4) An anonymous researcher, reported via ZDI 5) Independently discovered by: * Vinoo Thomas and Rahul Mohandas, McAfee Avert Labs * Petko D. (pdp) Petkov, GNUCITIZEN ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT1991 Secunia Research: http://secunia.com/secunia_research/2008-9/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA08-162C Apple Quicktime Updates for Multiple Vulnerabilities Original release date: June 10, 2008 Last revised: -- Source: US-CERT Systems Affected * Apple Mac OS X running versions of QuickTime prior to 7.5 * Microsoft Windows running versions of QuickTime prior to 7.5 Overview Apple QuickTime contains multiple vulnerabilities as described in the Apple Knowledgebase article HT1991. I. Apple QuickTime 7.5 addresses these vulnerabilities. Note that Apple iTunes for Windows installs QuickTime, so any system with iTunes may be vulnerable. II. For further information, please see Apple knowledgebase article HT1991 about the security content of QuickTime 7.5 III. Solution Upgrade QuickTime Upgrade to QuickTime 7.5. This and other updates for Mac OS X are available via Apple Update. Secure your web browser To help mitigate these and other vulnerabilities that can be exploited via a web browser, refer to Securing Your Web Browser. IV. References * About the security content of the QuickTime 7.5 Update - <http://support.apple.com/kb/HT1991> * How to tell if Software Update for Windows is working correctly when no updates are available - <http://docs.info.apple.com/article.html?artnum=304263> * Apple - QuickTime - Download - <http://www.apple.com/quicktime/download/> * Mac OS X: Updating your software - <http://docs.info.apple.com/article.html?artnum=106704> * Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/> * US-CERT Vulnerability Notes for QuickTime 7.5 - <http://www.kb.cert.org/vuls/byid?searchview&query=apple_quicktime_7.5> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA08-162C.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA08-162C Feedback VU#132419" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2008 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History June 10, 2008: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBSE7bhHIHljM+H4irAQKGtQf/bW1M/gN6V35MDqIGFK3PbaIXBqnhtFws xPl6zNdWmYVCHid6u0aZ+UYE+AESK3Qw3DdiwLRr3X9R4hoGmRUGiedv4h0owQTb Rij3K5simf2vbNBsVopFNeVnokOowkcRYUk/n0QnGn5FUnwDeKutrMwXQ94As/Y3 8z/VsKpwqjScHgedT6Hv67f8E6kSma4BBcK2NlRC9VMTWN2oUD7MDI/BSp5kcqaM TJfBJzqsWUywWRP3Bi8PYOLYbmC5Qj7nirl0lzCjJdNiS/GKUnT4LezHTlVhVOv5 FTnkO25morpDQph2+oBi6o+lCOBu6G6RtfQ7u15CGDCeZyme2B79eg== =e01A -----END PGP SIGNATURE-----
VAR-200806-0186 CVE-2008-1583 Apple QuickTime "file: URL" arbitrary code execution CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Heap-based buffer overflow in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PICT image, a different vulnerability than CVE-2008-1581. Apple QuickTime does not properly handle "file: URLs" which may allow an attacker to execute arbitrary code. CVE-2008-1581 Is a different vulnerability.Service disruption by a third party (DoS) Could be put into a state or arbitrary code could be executed. These issues arise when the application handles specially crafted PICT image files, Indeo video content, movie files, 'file:' URIs, and AAC-encoded media. Successful exploits may allow attackers to gain remote unauthorized access in the context of a vulnerable user; failed exploits will cause denial-of-service conditions. Versions prior to QuickTime 7.5 are affected. ---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/ ---------------------------------------------------------------------- TITLE: Apple QuickTime Multiple Vulnerabilities SECUNIA ADVISORY ID: SA29293 VERIFY ADVISORY: http://secunia.com/advisories/29293/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Apple QuickTime 7.x http://secunia.com/product/5090/ DESCRIPTION: Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. 5) An error in the handling of "file:" URLs can be exploited to e.g. execute arbitrary programs when playing specially crafted QuickTIme content in QuickTime Player. SOLUTION: Update to version 7.5 (via Software Update or Apple Downloads. See vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1) Dyon Balding, Secunia Research 2) Independently discovered by: * Dave Soldera, NGS Software * Jens Alfke 3) Liam O Murchu, Symantec 4) An anonymous researcher, reported via ZDI 5) Independently discovered by: * Vinoo Thomas and Rahul Mohandas, McAfee Avert Labs * Petko D. (pdp) Petkov, GNUCITIZEN ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT1991 Secunia Research: http://secunia.com/secunia_research/2008-9/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA08-162C Apple Quicktime Updates for Multiple Vulnerabilities Original release date: June 10, 2008 Last revised: -- Source: US-CERT Systems Affected * Apple Mac OS X running versions of QuickTime prior to 7.5 * Microsoft Windows running versions of QuickTime prior to 7.5 Overview Apple QuickTime contains multiple vulnerabilities as described in the Apple Knowledgebase article HT1991. I. Apple QuickTime 7.5 addresses these vulnerabilities. Note that Apple iTunes for Windows installs QuickTime, so any system with iTunes may be vulnerable. II. For further information, please see Apple knowledgebase article HT1991 about the security content of QuickTime 7.5 III. Solution Upgrade QuickTime Upgrade to QuickTime 7.5. This and other updates for Mac OS X are available via Apple Update. Secure your web browser To help mitigate these and other vulnerabilities that can be exploited via a web browser, refer to Securing Your Web Browser. IV. References * About the security content of the QuickTime 7.5 Update - <http://support.apple.com/kb/HT1991> * How to tell if Software Update for Windows is working correctly when no updates are available - <http://docs.info.apple.com/article.html?artnum=304263> * Apple - QuickTime - Download - <http://www.apple.com/quicktime/download/> * Mac OS X: Updating your software - <http://docs.info.apple.com/article.html?artnum=106704> * Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/> * US-CERT Vulnerability Notes for QuickTime 7.5 - <http://www.kb.cert.org/vuls/byid?searchview&query=apple_quicktime_7.5> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA08-162C.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA08-162C Feedback VU#132419" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2008 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History June 10, 2008: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBSE7bhHIHljM+H4irAQKGtQf/bW1M/gN6V35MDqIGFK3PbaIXBqnhtFws xPl6zNdWmYVCHid6u0aZ+UYE+AESK3Qw3DdiwLRr3X9R4hoGmRUGiedv4h0owQTb Rij3K5simf2vbNBsVopFNeVnokOowkcRYUk/n0QnGn5FUnwDeKutrMwXQ94As/Y3 8z/VsKpwqjScHgedT6Hv67f8E6kSma4BBcK2NlRC9VMTWN2oUD7MDI/BSp5kcqaM TJfBJzqsWUywWRP3Bi8PYOLYbmC5Qj7nirl0lzCjJdNiS/GKUnT4LezHTlVhVOv5 FTnkO25morpDQph2+oBi6o+lCOBu6G6RtfQ7u15CGDCeZyme2B79eg== =e01A -----END PGP SIGNATURE-----
VAR-200806-0184 CVE-2008-1581 Apple QuickTime "file: URL" arbitrary code execution CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Heap-based buffer overflow in Apple QuickTime before 7.5 on Windows allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted packed scanlines in PixData structures in a PICT image. Apple QuickTime does not properly handle "file: URLs" which may allow an attacker to execute arbitrary code. These issues arise when the application handles specially crafted PICT image files, Indeo video content, movie files, 'file:' URIs, and AAC-encoded media. Successful exploits may allow attackers to gain remote unauthorized access in the context of a vulnerable user; failed exploits will cause denial-of-service conditions. Versions prior to QuickTime 7.5 are affected. An attacker can exploit this issue to execute arbitrary within the context of the affected application. Failed exploit attempts will result in a denial-of-service vulnerability. If the user is tricked into opening a malicious PICT graphics, it will cause the player to terminate or execute arbitrary instructions. ---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/ ---------------------------------------------------------------------- TITLE: Apple QuickTime Multiple Vulnerabilities SECUNIA ADVISORY ID: SA29293 VERIFY ADVISORY: http://secunia.com/advisories/29293/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Apple QuickTime 7.x http://secunia.com/product/5090/ DESCRIPTION: Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. 5) An error in the handling of "file:" URLs can be exploited to e.g. execute arbitrary programs when playing specially crafted QuickTIme content in QuickTime Player. SOLUTION: Update to version 7.5 (via Software Update or Apple Downloads. See vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1) Dyon Balding, Secunia Research 2) Independently discovered by: * Dave Soldera, NGS Software * Jens Alfke 3) Liam O Murchu, Symantec 4) An anonymous researcher, reported via ZDI 5) Independently discovered by: * Vinoo Thomas and Rahul Mohandas, McAfee Avert Labs * Petko D. (pdp) Petkov, GNUCITIZEN ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT1991 Secunia Research: http://secunia.com/secunia_research/2008-9/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA08-162C Apple Quicktime Updates for Multiple Vulnerabilities Original release date: June 10, 2008 Last revised: -- Source: US-CERT Systems Affected * Apple Mac OS X running versions of QuickTime prior to 7.5 * Microsoft Windows running versions of QuickTime prior to 7.5 Overview Apple QuickTime contains multiple vulnerabilities as described in the Apple Knowledgebase article HT1991. I. Apple QuickTime 7.5 addresses these vulnerabilities. II. For further information, please see Apple knowledgebase article HT1991 about the security content of QuickTime 7.5 III. Solution Upgrade QuickTime Upgrade to QuickTime 7.5. This and other updates for Mac OS X are available via Apple Update. Secure your web browser To help mitigate these and other vulnerabilities that can be exploited via a web browser, refer to Securing Your Web Browser. IV. References * About the security content of the QuickTime 7.5 Update - <http://support.apple.com/kb/HT1991> * How to tell if Software Update for Windows is working correctly when no updates are available - <http://docs.info.apple.com/article.html?artnum=304263> * Apple - QuickTime - Download - <http://www.apple.com/quicktime/download/> * Mac OS X: Updating your software - <http://docs.info.apple.com/article.html?artnum=106704> * Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/> * US-CERT Vulnerability Notes for QuickTime 7.5 - <http://www.kb.cert.org/vuls/byid?searchview&query=apple_quicktime_7.5> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA08-162C.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA08-162C Feedback VU#132419" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2008 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History June 10, 2008: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBSE7bhHIHljM+H4irAQKGtQf/bW1M/gN6V35MDqIGFK3PbaIXBqnhtFws xPl6zNdWmYVCHid6u0aZ+UYE+AESK3Qw3DdiwLRr3X9R4hoGmRUGiedv4h0owQTb Rij3K5simf2vbNBsVopFNeVnokOowkcRYUk/n0QnGn5FUnwDeKutrMwXQ94As/Y3 8z/VsKpwqjScHgedT6Hv67f8E6kSma4BBcK2NlRC9VMTWN2oUD7MDI/BSp5kcqaM TJfBJzqsWUywWRP3Bi8PYOLYbmC5Qj7nirl0lzCjJdNiS/GKUnT4LezHTlVhVOv5 FTnkO25morpDQph2+oBi6o+lCOBu6G6RtfQ7u15CGDCeZyme2B79eg== =e01A -----END PGP SIGNATURE----- . ====================================================================== 6) Time Table 10/03/2008 - Vendor notified. 13/03/2008 - Vendor response. 10/06/2008 - Public disclosure. ====================================================================== 7) Credits Discovered by Dyon Balding, Secunia Research. ====================================================================== 8) References The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2008-1581 for the vulnerability. ====================================================================== 9) About Secunia Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration: http://corporate.secunia.com/ Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security. http://secunia.com/ Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general: http://corporate.secunia.com/secunia_research/33/ Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions: http://secunia.com/secunia_vacancies/ Secunia offers a FREE mailing list called Secunia Security Advisories: http://secunia.com/secunia_security_advisories/ ====================================================================== 10) Verification Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2008-9/ Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/ ======================================================================
VAR-200806-0187 CVE-2008-1584 Apple QuickTime "file: URL" arbitrary code execution CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Stack-based buffer overflow in Indeo.qtx in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted Indeo video codec content in a movie file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of Quicktime files that utilize the Indeo video codec. A lack of proper bounds checking within Indeo.qtx can result in a stack based buffer overflow leading to arbitrary code execution under the context of the currently logged in user. These issues arise when the application handles specially crafted PICT image files, Indeo video content, movie files, 'file:' URIs, and AAC-encoded media. Successful exploits may allow attackers to gain remote unauthorized access in the context of a vulnerable user; failed exploits will cause denial-of-service conditions. Versions prior to QuickTime 7.5 are affected. ---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/ ---------------------------------------------------------------------- TITLE: Apple QuickTime Multiple Vulnerabilities SECUNIA ADVISORY ID: SA29293 VERIFY ADVISORY: http://secunia.com/advisories/29293/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Apple QuickTime 7.x http://secunia.com/product/5090/ DESCRIPTION: Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. 1) A boundary error when parsing packed scanlines from a PixData structure in a PICT file can be exploited to cause a heap-based buffer overflow via a specially crafted PICT file. 5) An error in the handling of "file:" URLs can be exploited to e.g. SOLUTION: Update to version 7.5 (via Software Update or Apple Downloads. See vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1) Dyon Balding, Secunia Research 2) Independently discovered by: * Dave Soldera, NGS Software * Jens Alfke 3) Liam O Murchu, Symantec 4) An anonymous researcher, reported via ZDI 5) Independently discovered by: * Vinoo Thomas and Rahul Mohandas, McAfee Avert Labs * Petko D. (pdp) Petkov, GNUCITIZEN ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT1991 Secunia Research: http://secunia.com/secunia_research/2008-9/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT1222 -- Disclosure Timeline: 2008-02-07 - Vulnerability reported to vendor 2008-06-10 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Anonymous -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is being sent by 3Com for the sole use of the intended recipient(s) and may contain confidential, proprietary and/or privileged information. Any unauthorized review, use, disclosure and/or distribution by any recipient is prohibited. If you are not the intended recipient, please delete and/or destroy all copies of this message regardless of form and any included attachments and notify 3Com immediately by contacting the sender via reply e-mail or forwarding to 3Com at postmaster@3com.com. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA08-162C Apple Quicktime Updates for Multiple Vulnerabilities Original release date: June 10, 2008 Last revised: -- Source: US-CERT Systems Affected * Apple Mac OS X running versions of QuickTime prior to 7.5 * Microsoft Windows running versions of QuickTime prior to 7.5 Overview Apple QuickTime contains multiple vulnerabilities as described in the Apple Knowledgebase article HT1991. I. Apple QuickTime 7.5 addresses these vulnerabilities. Note that Apple iTunes for Windows installs QuickTime, so any system with iTunes may be vulnerable. II. For further information, please see Apple knowledgebase article HT1991 about the security content of QuickTime 7.5 III. Solution Upgrade QuickTime Upgrade to QuickTime 7.5. This and other updates for Mac OS X are available via Apple Update. Secure your web browser To help mitigate these and other vulnerabilities that can be exploited via a web browser, refer to Securing Your Web Browser. IV. References * About the security content of the QuickTime 7.5 Update - <http://support.apple.com/kb/HT1991> * How to tell if Software Update for Windows is working correctly when no updates are available - <http://docs.info.apple.com/article.html?artnum=304263> * Apple - QuickTime - Download - <http://www.apple.com/quicktime/download/> * Mac OS X: Updating your software - <http://docs.info.apple.com/article.html?artnum=106704> * Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/> * US-CERT Vulnerability Notes for QuickTime 7.5 - <http://www.kb.cert.org/vuls/byid?searchview&query=apple_quicktime_7.5> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA08-162C.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA08-162C Feedback VU#132419" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2008 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History June 10, 2008: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBSE7bhHIHljM+H4irAQKGtQf/bW1M/gN6V35MDqIGFK3PbaIXBqnhtFws xPl6zNdWmYVCHid6u0aZ+UYE+AESK3Qw3DdiwLRr3X9R4hoGmRUGiedv4h0owQTb Rij3K5simf2vbNBsVopFNeVnokOowkcRYUk/n0QnGn5FUnwDeKutrMwXQ94As/Y3 8z/VsKpwqjScHgedT6Hv67f8E6kSma4BBcK2NlRC9VMTWN2oUD7MDI/BSp5kcqaM TJfBJzqsWUywWRP3Bi8PYOLYbmC5Qj7nirl0lzCjJdNiS/GKUnT4LezHTlVhVOv5 FTnkO25morpDQph2+oBi6o+lCOBu6G6RtfQ7u15CGDCeZyme2B79eg== =e01A -----END PGP SIGNATURE-----
VAR-200806-0188 CVE-2008-1585 Apple QuickTime "file: URL" arbitrary code execution CVSS V2: 6.8
CVSS V3: -
Severity: MEDIUM
Apple QuickTime before 7.5 uses the url.dll!FileProtocolHandler handler for unrecognized URIs in qt:next attributes within SMIL text in video files, which sends these URIs to explorer.exe and thereby allows remote attackers to execute arbitrary programs, as originally demonstrated by crafted file: URLs. User interaction is required to exploit this vulnerability in that the target must open a malicious file.The specific flaw exists in the handling of SMIL text embedded in video formats. No sanity checking is performed on values of the qt:next attribute. These issues arise when the application handles specially crafted PICT image files, Indeo video content, movie files, 'file:' URIs, and AAC-encoded media. Versions prior to QuickTime 7.5 are affected. This issue may lead to a remote compromise. The issue arises because of improper handling of the 'file:' URI. Versions prior to QuickTime 7.5 running on Apple Mac OS X 10.3.9, Mac OS X 10.4.9 to v10.4.11, Mac OS X 10.5 or later, Windows Vista, and Windows XP SP2 are affected. ZDI-08-038: QuickTime SMIL qtnext Redirect File Execution http://www.zerodayinitiative.com/advisories/ZDI-08-038 June 10, 2008 -- CVE ID: CVE-2008-1585 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6119. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT1222 -- Disclosure Timeline: 2008-05-08 - Vulnerability reported to vendor 2008-06-10 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * Petko D. (pdp) Petkov | GNUCITIZEN -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is being sent by 3Com for the sole use of the intended recipient(s) and may contain confidential, proprietary and/or privileged information. Any unauthorized review, use, disclosure and/or distribution by any recipient is prohibited. If you are not the intended recipient, please delete and/or destroy all copies of this message regardless of form and any included attachments and notify 3Com immediately by contacting the sender via reply e-mail or forwarding to 3Com at postmaster@3com.com. execute arbitrary programs when playing specially crafted QuickTIme content in QuickTime Player. See vendor's advisory for details). ---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/ ---------------------------------------------------------------------- TITLE: Apple TV Multiple Vulnerabilities SECUNIA ADVISORY ID: SA31034 VERIFY ADVISORY: http://secunia.com/advisories/31034/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote OPERATING SYSTEM: Apple TV 2.x http://secunia.com/product/19289/ DESCRIPTION: Some vulnerabilities have been reported in Apple TV, which can be exploited by malicious people to compromise a vulnerable system. 1) A boundary error in the handling of data reference atoms in movie files can be exploited to cause a buffer overflow. For more information see vulnerability #3 in: SA29650 2) A boundary error in the handling of "crgn" atoms in movie files can be exploited to cause a heap-based buffer overflow. For more information see vulnerability #5 in: SA29650 3) A boundary error in the handling of "chan" atoms in movie files can be exploited to cause a heap-based buffer overflow. For more information see vulnerability #6 in: SA29650 4) An error in the handling of "file:" URLs can be exploited to e.g. execute arbitrary programs. For more more information see vulnerability #5 in: SA29293 5) A boundary error when handling RTSP replies can be exploited to cause a heap-based buffer overflow. For more information: SA28423 6) A boundary error when processing compressed PICT images can be exploited to cause a buffer overflow. For more information see vulnerability #4 in: SA28502 SOLUTION: Update to version 2.1. PROVIDED AND/OR DISCOVERED BY: 1,6) Chris Ries of Carnegie Mellon University Computing Services. 2) Sanbin Li, reporting via ZDI. 3) An anonymous researcher, reporting via ZDI. 4) Independently discovered by: * Vinoo Thomas and Rahul Mohandas, McAfee Avert Labs * Petko D. (pdp) Petkov, GNUCITIZEN 5) Luigi Auriemma ORIGINAL ADVISORY: http://support.apple.com/kb/HT2304 OTHER REFERENCES: SA28423: http://secunia.com/advisories/28423/ SA28502: http://secunia.com/advisories/28502/ SA29293: http://secunia.com/advisories/29293/ SA29650: http://secunia.com/advisories/29650/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA08-162C Apple Quicktime Updates for Multiple Vulnerabilities Original release date: June 10, 2008 Last revised: -- Source: US-CERT Systems Affected * Apple Mac OS X running versions of QuickTime prior to 7.5 * Microsoft Windows running versions of QuickTime prior to 7.5 Overview Apple QuickTime contains multiple vulnerabilities as described in the Apple Knowledgebase article HT1991. I. Apple QuickTime 7.5 addresses these vulnerabilities. Note that Apple iTunes for Windows installs QuickTime, so any system with iTunes may be vulnerable. II. For further information, please see Apple knowledgebase article HT1991 about the security content of QuickTime 7.5 III. Solution Upgrade QuickTime Upgrade to QuickTime 7.5. Secure your web browser To help mitigate these and other vulnerabilities that can be exploited via a web browser, refer to Securing Your Web Browser. IV. References * About the security content of the QuickTime 7.5 Update - <http://support.apple.com/kb/HT1991> * How to tell if Software Update for Windows is working correctly when no updates are available - <http://docs.info.apple.com/article.html?artnum=304263> * Apple - QuickTime - Download - <http://www.apple.com/quicktime/download/> * Mac OS X: Updating your software - <http://docs.info.apple.com/article.html?artnum=106704> * Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/> * US-CERT Vulnerability Notes for QuickTime 7.5 - <http://www.kb.cert.org/vuls/byid?searchview&query=apple_quicktime_7.5> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA08-162C.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA08-162C Feedback VU#132419" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2008 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History June 10, 2008: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBSE7bhHIHljM+H4irAQKGtQf/bW1M/gN6V35MDqIGFK3PbaIXBqnhtFws xPl6zNdWmYVCHid6u0aZ+UYE+AESK3Qw3DdiwLRr3X9R4hoGmRUGiedv4h0owQTb Rij3K5simf2vbNBsVopFNeVnokOowkcRYUk/n0QnGn5FUnwDeKutrMwXQ94As/Y3 8z/VsKpwqjScHgedT6Hv67f8E6kSma4BBcK2NlRC9VMTWN2oUD7MDI/BSp5kcqaM TJfBJzqsWUywWRP3Bi8PYOLYbmC5Qj7nirl0lzCjJdNiS/GKUnT4LezHTlVhVOv5 FTnkO25morpDQph2+oBi6o+lCOBu6G6RtfQ7u15CGDCeZyme2B79eg== =e01A -----END PGP SIGNATURE-----
VAR-200806-0441 No CVE Hitachi Groupmax Collaboration Products Cross-Site Scripting Vulnerability CVSS V2: 4.3
CVSS V3: -
Severity: Medium
A cross-site scripting vulnerability has been found in the Hitachi Groupmax Collaboration products.A remote attacker could execute arbitrary scripts.
VAR-200806-0439 No CVE XMAP3 Denial of Service (DoS) Vulneability CVSS V2: 5.0
CVSS V3: -
Severity: Medium
XMAP3's print function has a vulnerability that could cause a temporary denial of service (DoS) condition when receiving unexpected data.An attacker could cause a denial of service (DoS) condition by sending unexpected data to XMAP3's print service.
VAR-200806-0443 No CVE JP1/Cm2/Network Node Manager Web Coordinated Function Multiple Vulnerabilities CVSS V2: 7.5
CVSS V3: -
Severity: High
Multiple vulnerabilities have been found in the JP1/Cm2/Network Node Manager (NNM) Web coordinated function.A remote attacker could execute arbitrary scripts or code, or cause a denial of service (DoS) condition.
VAR-200904-0200 CVE-2008-6701 NetScout Visualizer Vulnerabilities that can obtain administrator privileges CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
NetScout (formerly Network General) Visualizer V2100 and InfiniStream i1730 do not restrict access to ResourceManager/en_US/domains/add_domain.jsp, which allows remote attackers to gain administrator privileges via a direct request. Attackers can exploit this issue to perform unauthorized administrative functions. This can aid in further attacks. The NetScout Administrator device is vulnerable; other devices may also be affected. Reports indicated that this issue may exist in Network General Visualizer V2100 and Network General Infinistream i1730 Sniffer. This has not been confirmed. ---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/ ---------------------------------------------------------------------- TITLE: NetScout Visualizer / InfiniStream Security Bypass SECUNIA ADVISORY ID: SA30514 VERIFY ADVISORY: http://secunia.com/advisories/30514/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: >From remote OPERATING SYSTEM: NetScout Visualizer http://secunia.com/product/19033/ Network General InfiniStream i1730 http://secunia.com/product/19035/ DESCRIPTION: A vulnerability has been reported in NetScout Visualizer and InfiniStream, which can be exploited by malicious users to perform certain actions with escalated privileges. The vulnerability is caused due to improper access restrictions to certain administrative pages in the web interface. This can be exploited to access administrative functions by directly accessing the URL of such pages. SOLUTION: Grant only trusted users access to affected system. PROVIDED AND/OR DISCOVERED BY: jgrove_2000 ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2008-06/0068.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200806-0029 CVE-2008-2637 F5 FirePass SSL VPN Vulnerable to cross-site scripting CVSS V2: 4.3
CVSS V3: -
Severity: MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN 6.0.2 hotfix 3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via quotes in (1) the css_exceptions parameter in vdesk/admincon/webyfiers.php and (2) the sql_matchscope parameter in vdesk/admincon/index.php. (1) vdesk/admincon/webyfiers.php Inside css_exceptions Parameters (2) vdesk/admincon/index.php Inside sql_matchscope Parameters. F5 FirePass SSL VPN is prone to multiple cross-site request-forgery vulnerabilities because it fails to adequately sanitize user-supplied input. Exploiting these issues may allow a remote attacker to execute arbitrary actions in the context of the affected application. FirePass 6.0.2 hotfix 3 is vulnerable; other versions may also be affected. F5 FirePass SSL VPN devices allow users to securely connect to critical business applications. The F5 FirePass SSL VPN device performs basic filtering on web requests submitted through Portal Access. The Content Inspection function is configured and customized through the web management interface, and the /vdesk/admincon/webyfiers.php file of this web management interface is not correct. If a remote attacker submits a malicious HTTP request to the above page, a cross-site scripting attack can be executed, resulting in the execution of arbitrary instructions. ---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: F5 FirePass SSL VPN Appliance Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA30550 VERIFY ADVISORY: http://secunia.com/advisories/30550/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: >From remote OPERATING SYSTEM: FirePass 5.x http://secunia.com/product/4695/ FirePass 6.x http://secunia.com/product/13146/ DESCRIPTION: nnposter has reported some vulnerabilities in F5 FirePass, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "css_exceptions" parameter in /vdesk/admincon/webyfiers.php and to the "sql_matchscope" parameter in /vdesk/admincon/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of the administrative interface. SOLUTION: Do not visit untrusted sites or follow untrusted links while being logged in to the administrative interface. PROVIDED AND/OR DISCOVERED BY: nnposter ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2008-06/0063.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200806-0204 CVE-2008-2055 Cisco PIX/ASA of TCP ACK Service disruption in packet processing (DoS) Vulnerabilities CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.x before 7.2(4), and 8.0.x before 8.0(3)10 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface. Cisco PIX and Cisco ASA are prone to multiple denial-of-service vulnerabilities and an unauthorized-access vulnerability. An attacker can exploit these issues to bypass ACL lists and to cause an affected device to reboot or crash. This security advisory outlines details of these vulnerabilities: * Crafted TCP ACK Packet Vulnerability * Crafted TLS Packet Vulnerability * Instant Messenger Inspection Vulnerability * Vulnerability Scan Denial of Service * Control-plane Access Control List Vulnerability The first four vulnerabilities may lead to a denial of service (DoS) condition and the fifth vulnerability may allow an attacker to bypass control-plane access control lists (ACL). Note: These vulnerabilities are independent of each other. A device may be affected by one vulnerability and not affected by another. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate some of these vulnerabilities are available. This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080604-asa.shtml Affected Products ================= Vulnerable Products +------------------ The following are the details about each vulnerability described within this advisory. Software versions prior to 7.1(2)70 on the 7.1.x release, 7.2(4) on the 7.2.x release, and 8.0 (3)10 on the 8.0.x release are affected. Devices running software versions on the 8.0 release that are configured for Telnet, Secure Shell (SSH), WebVPN, SSL VPN, or ASDM enabled are affected by this vulnerability. Note: Devices running IPv4 and IPv6 are affected by this vulnerability. Devices running software versions in the 7.0.x and 7.1.x releases are not vulnerable. Additionally, devices that do not have Instant Messaging Inspection enabled are not vulnerable. Note: Instant Messaging Inspection is disabled by default. Control-plane Access Control List Vulnerability +---------------------------------------------- Cisco ASA and Cisco PIX devices are affected by a vulnerability if the device is configured to use control-plane ACLs and if it is running software versions prior to 8.0(3)9 on the 8.0.x release. Devices running software versions 7.x or 8.1.x are not vulnerable. Note: Control-plane ACLs were first introduced in software version 8.0(2). The control-plane ACLs are not enabled by default. The show version command-line interface (CLI) command can be used to determine if a vulnerable version of the Cisco PIX or Cisco ASA software is running. Products Confirmed Not Vulnerable +-------------------------------- The Cisco Firewall Services Module (FWSM) is not affected by any of these vulnerabilities. Cisco PIX security appliances running versions 6.x are not vulnerable. No other Cisco products are currently known to be affected by these vulnerabilities. Details ======= This Security Advisory describes multiple distinct vulnerabilities. These vulnerabilities are independent of each other. 1. Only packets destined to the device (not transiting the device) may trigger the effects of this vulnerability. Devices running software versions on the 8.0 release that are configured for Telnet, Secure Shell (SSH), WebVPN, SSL VPN, or ASDM enabled are affected by this vulnerability. The telnet command is used identify the IP addresses from which the security appliance accepts Telnet connections. ASA(config)# telnet 192.168.10.0 255.255.255.0 inside In the previous example, the Cisco ASA is configured to accept Telnet connections on the inside interface from the 192.168.10.0/24 network. Note: You cannot use Telnet to the lowest security interface unless you use Telnet inside an IPSec tunnel. ASDM management sessions are enabled via the http server enable and http commands. The ssh command is used identify the IP addresses from which the security appliance accepts SSH connections. For example: ASA(config)# ssh 192.168.10.0 255.255.255.0 inside In the previous example the Cisco ASA is configured to accept SSH connections on the inside interface from the 192.168.10.0/24 network. Clientless WebVPN, SSL VPN Client, and AnyConnect connections are enabled via the webvpn command. For example, the following configuration shows a Cisco ASA with WebVPN configured and enabled. In this case the ASA will listen for WebVPN connections on the default port, TCP port 443: http server enable ! webvpn enable outside Note that with this particular configuration, the device is vulnerable to attacks coming from the outside interface. This vulnerability is documented in Cisco Bug ID CSCsm84110 and has been assigned Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-2055. 2. Crafted TLS Packet Vulnerability +---------------------------------- Transport Layer Security (TLS) is the replacement for the Secure Socket Layer (SSL) protocol. It is a protocol that provides, via cryptography, secure communications between two end-points. In all these scenarios, the PIX and ASA may be affected by a vulnerability in the handling of the TLS protocol that may lead to a reload of the device when it processes specially crafted TLS packets. Note: Only packets destined to the device (not transiting the device) may trigger the effects of this vulnerability. The following list contains some of the applications within the Cisco ASA and Cisco PIX devices that use TLS: * Clientless WebVPN, SSL VPN Client, and AnyConnect Connections * ASDM (HTTPS) Management Sessions * Cut-Through Proxy for Network Access * TLS Proxy for Encrypted Voice Inspection Clientless WebVPN, SSL VPN Client, and AnyConnect Connections +------------------------------------------------------------ Clientless WebVPN, SSL VPN Client, and AnyConnect connections are enabled via the webvpn command. For example, the following configuration shows a Cisco ASA with WebVPN configured and enabled. In this case the ASA will listen for WebVPN connections on the default port, TCP port 443: http server enable ! webvpn enable outside Note that with this particular configuration, the device is vulnerable to attacks coming from the outside interface. ASDM (HTTPS) Management Sessions +------------------------------- ASDM management sessions are enabled via the http server enable and http commands. For example, the following configuration shows an ASA configured for remote HTTPS management: http server enable http 192.168.0.0 255.255.255.0 inside Note that with this particular configuration the device is vulnerable to attacks coming from the inside interface and from the 192.168.0.0/ 24 IP sub-network. Cut-Through Proxy for Network Access +------------------------------------ The cut-through proxy feature is used to authenticate users before they can access the network. The following is an example of a configuration that requires users to authenticate before they can be granted network access: access-list auth-proxy extended permit tcp any any eq www access-list auth-proxy extended permit tcp any any eq telnet access-list auth-proxy extended permit tcp any any eq https ! aaa authentication match auth-proxy inside LOCAL aaa authentication secure-http-client aaa authentication listener https inside port https A configuration affected by this vulnerability will contain the command aaa authentication secure-http-client or aaa authentication listener https inside port <port number>. Note that with the configuration in the preceding example, the device is vulnerable to attacks coming from the inside interface. TLS Proxy for Encrypted Voice Inspection +--------------------------------------- The TLS proxy for encrypted voice inspection feature allows the security appliance to decrypt, inspect and modify (as needed, for example, performing NAT fixup), and re-encrypt voice signaling traffic while all of the existing VoIP inspection functions for SCCP and Session Initiation Protocol (SIP) protocols are preserved. Once voice signaling is decrypted, the plain-text signaling message is passed to the existing inspection engines. The security appliance accomplishes this by acting as a TLS proxy between the IP phone and Cisco Unified CallManager and Cisco Unified Communications Manager, which implies that TLS sessions are terminating on the security appliance. This is done over TCP ports 2443 and 5061. If the output contains the text tls-proxy: active and some statistics, then the device has a vulnerable configuration. The following example shows a vulnerable Cisco ASA Security Appliance: ASA# show service-policy | include tls Inspect: sip tls-proxy myproxy, packet 0, drop 0, reset-drop 0 tls-proxy: active sess 0, most sess 0, byte 0 Inspect: skinny tls-proxy myproxy, packet 0, drop 0, reset-drop 0 tls-proxy: active sess 0, most sess 0, byte 0 ASA# This vulnerability is documented in Cisco Bug ID CSCsm26841 and has been assigned the Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-2056. 3. Instant Messenger Inspection Vulnerability +-------------------------------------------- The Cisco ASA and Cisco PIX Instant Messenger (IM) inspection engine is used to apply fine grained controls on the IM application usage within your network. More information on the IM inspection feature and its configuration can be found at: http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/inspect.html#wp1479354 This vulnerability is documented in Cisco Bug ID CSCso22981 and has been assigned Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-2057. 4. Certain vulnerability (port) scanners will cause the system to reload. Note: This vulnerability is affected by traffic destined to the device on TCP port 443. The Cisco ASA and Cisco PIX security appliances use TCP port 443 for Clientless WebVPN, SSL VPN Client, AnyConnect client connections, HTTPS Management Sessions, Cut-Through Proxy for Network Access, and TLS Proxy for Encrypted Voice Inspection. Please refer to the details of the Crafted TLS Packet Vulnerability for additional information on these services. This vulnerability is documented in Cisco Bug ID CSCsj60659 and has been assigned Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-2058. 5. Control-plane Access Control List Vulnerability +------------------------------------------------- Control-plane ACLs are designed to protect traffic destined to the security appliance. The following example uses the show running-config | include control-plane command to determine if a control-plane ACL is configured on the device: ASA# show running-config | include control-plane access-group 101 in interface inside control-plane ASA# This vulnerability is documented in Cisco Bug ID CSCsm67466 and has been assigned Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-2059. Vulnerability Scoring Details ============================= Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at http://intellishield.cisco.com/security/alertmanager/cvss CSCsm84110 - Crafted TCP ACK Packet Vulnerability CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCsm26841 - Crafted TLS Packet Vulnerability CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCso22981 - Instant Messenger Inspection Vulnerability CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCsj60659 - Vulnerability Scan Denial of Service CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed CSCsm67466 - Control-plane Access Control List Vulnerability CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - Complete Integrity Impact - None Availability Impact - None CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed Impact ====== Successful exploitation of the first four vulnerabilities may cause a reload of the affected device. Repeated exploitation could result in a sustained Denial-of-Service (DoS) condition. Successful exploitation of the fifth vulnerability may allow an attacker to bypass control-plane ACLs and successfully send malicious traffic to the device. Software Versions and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. The following list contains the first fixed software release of each vulnerability: +---------------------------------------+ | | Affected | First | | Vulnerability | Release | Fixed | | | | Release | |---------------+----------+------------| | | 7.0 | Not | | | | vulnerable | | |----------+------------| | | 7.1 | 7.1(2)70 | |Crafted TCP |----------+------------| | ACK Packet | 7.2 | 7.2(4) | |Vulnerability |----------+------------| | | 8.0 | 8.0(3)10 | | |----------+------------| | | 8.1 | Not | | | | vulnerable | |---------------+----------+------------| | | 7.0 | Not | | | | vulnerable | | |----------+------------| | | 7.1 | Not | | Crafted TLS | | vulnerable | |Packet |----------+------------| | Vulnerability | 7.2 | Not | | | | vulnerable | | |----------+------------| | | 8.0 | 8.0(3)9 | | |----------+------------| | | 8.1 | 8.1(1)1 | |---------------+----------+------------| | | 7.0 | Not | | | | vulnerable | | |----------+------------| | Instant | 7.1 | Not | | Messenger | | vulnerable | |Inspection |----------+------------| | Vulnerability | 7.2 | 7.2(4) | | |----------+------------| | | 8.0 | 8.0(3)10 | | |----------+------------| | | 8.1 | 8.1(1)2 | |---------------+----------+------------| | | 7.0 | Not | | | | vulnerable | | |----------+------------| | | 7.1 | Not | | Vulnerability | | vulnerable | |Scan Denial |----------+------------| | of Service | 7.2 | 7.2(3)2 | | |----------+------------| | | 8.0 | 8.0(2)17 | | |----------+------------| | | 8.1 | Not | | | | vulnerable | |---------------+----------+------------| | | 7.0 | Not | | | | vulnerable | | |----------+------------| | | 7.1 | Not | | Control-plane | | vulnerable | |Access |----------+------------| | Control List | 7.2 | Not | | Vulnerability | | vulnerable | | |----------+------------| | | 8.0 | 8.0(3)9 | | |----------+------------| | | 8.1 | Not | | | | vulnerable | +---------------------------------------+ Fixed PIX software can be downloaded from: http://www.cisco.com/pcgi-bin/tablebuild.pl/pix?psrtdcat20e2 Fix ASA software can be downloaded from: http://www.cisco.com/pcgi-bin/tablebuild.pl/asa?psrtdcat20e2 Workarounds =========== This Security Advisory describes multiple distinct vulnerabilities. These vulnerabilities and their respective workarounds are independent of each other. Crafted TCP ACK Packet Vulnerability +----------------------------------- As a workaround and best practice allow Telnet, SSH, and ASDM connections from only trusted hosts in your network. Additionally, filters that deny TCP ports 22, 23, 80, and 443 packets may be deployed throughout the network as part of a transit ACL (tACL) policy for protection of traffic which enters the network at ingress access points. This policy should be configured to protect the network device where the filter is applied and other devices behind it. Filters for packets using TCP ports 22, 23, 80, and 443 should also be deployed in front of vulnerable network devices so that traffic is only allowed from trusted clients. Additional information about tACLs is available in "Transit Access Control Lists : Filtering at Your Edge": http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801afc76.shtml Crafted TLS Packet Vulnerability +------------------------------- There are no workarounds for this vulnerability. Instant Messenger Inspection Vulnerability The only workaround for this vulnerability is to disable IM inspection on the security appliance. Port Scan Denial of Service Vulnerability +---------------------------------------- There are no workarounds for this vulnerability. Control-plane Access Control List Vulnerability +---------------------------------------------- There are no workarounds for this vulnerability. Additional mitigation techniques that can be deployed on Cisco devices within the network are available in the Cisco Applied Mitigation Bulletin companion document for this advisory: http://www.cisco.com/warp/public/707/cisco-amb-20080604-asa.shtml Obtaining Fixed Software ======================== Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/products/prod_warranties_item09186a008088e31f.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. These vulnerabilities were found during internal testing and during the troubleshooting of a technical support service request. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at : http://www.cisco.com/warp/public/707/cisco-sa-20080604-asa.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-teams@first.org * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.grok.org.uk * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +---------------------------------------+ | Revision | | Initial | | 1.0 | 2008-June-04 | public | | | | release | +---------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) iEYEARECAAYFAkhGwG8ACgkQ86n/Gc8U/uAXugCgl3ldbkYO1vTiMqcWSf7NPfNO oQgAn2DiTO9kCOY0anGos0sdjHU0jAai =30Rf -----END PGP SIGNATURE----- . 4) An unspecified error can be exploited to cause an affected system to reload via specially crafted network traffic (e.g. SOLUTION: Update to fixed versions (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200806-0196 CVE-2008-2056 Cisco PIX/ASA of TLS Service disruption in packet processing (DoS) Vulnerabilities CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface. Cisco PIX and Cisco ASA are prone to multiple denial-of-service vulnerabilities and an unauthorized-access vulnerability. An attacker can exploit these issues to bypass ACL lists and to cause an affected device to reboot or crash. Only packets sent to the device, not through the device, can trigger this vulnerability. 1) An unspecified error in the processing of TCP ACK packets can be exploited to cause a DoS by sending a specially crafted packet to an affected device. This vulnerability affects software versions 7.1.x, 7.2.x, and 8.0.x. 2) An unspecified error in the handling of the TLS protocol can be exploited to cause an affected device to reload by sending a specially crafted TLS packet to an affected device. This vulnerability affects software version 8.0.x and 8.1.x. 3) An unspecified error in the Instant Messaging Inspection can be exploited to cause a DoS. Successful exploitation requires that Instant Messaging Inspection is enabled. This vulnerability affects software versions 7.2.x, 8.0.x, and 8.1.x. 4) An unspecified error can be exploited to cause an affected system to reload via specially crafted network traffic (e.g. by certain vulnerability / port scanners) to TCP port 443. This vulnerability affects software versions 7.2.x and 8.0.x. 5) An unspecified error causes the control-plane access control lists (ACL) to not work properly, which can be exploited to bypass configured control-plane ACLs. This vulnerability affects software versions 8.0.x. NOTE: Depending on the configuration some of the vulnerabilities are exploitable via the outside interface (please see the vendor's advisory for more information). SOLUTION: Update to fixed versions (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200806-0197 CVE-2008-2057 Cisco PIX/ASA of Instant Messenger (IM) Service disruption in the audit engine (DoS) Vulnerabilities CVSS V2: 5.4
CVSS V3: -
Severity: MEDIUM
The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet. Cisco PIX and Cisco ASA are prone to multiple denial-of-service vulnerabilities and an unauthorized-access vulnerability. An attacker can exploit these issues to bypass ACL lists and to cause an affected device to reboot or crash. Cisco ASA and Cisco PIX IM inspection engines are used to apply fine-grained control over IM usage in the network. 1) An unspecified error in the processing of TCP ACK packets can be exploited to cause a DoS by sending a specially crafted packet to an affected device. This vulnerability affects software versions 7.1.x, 7.2.x, and 8.0.x. 2) An unspecified error in the handling of the TLS protocol can be exploited to cause an affected device to reload by sending a specially crafted TLS packet to an affected device. This vulnerability affects software version 8.0.x and 8.1.x. 3) An unspecified error in the Instant Messaging Inspection can be exploited to cause a DoS. Successful exploitation requires that Instant Messaging Inspection is enabled. This vulnerability affects software versions 7.2.x, 8.0.x, and 8.1.x. 4) An unspecified error can be exploited to cause an affected system to reload via specially crafted network traffic (e.g. by certain vulnerability / port scanners) to TCP port 443. This vulnerability affects software versions 7.2.x and 8.0.x. 5) An unspecified error causes the control-plane access control lists (ACL) to not work properly, which can be exploited to bypass configured control-plane ACLs. This vulnerability affects software versions 8.0.x. NOTE: Depending on the configuration some of the vulnerabilities are exploitable via the outside interface (please see the vendor's advisory for more information). SOLUTION: Update to fixed versions (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200806-0198 CVE-2008-2058 Cisco PIX/ASA Service disruption in the processing of port scans (DoS) Vulnerabilities CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device. interferes with service operation (DoS) There is a possibility of being put into a state. Cisco PIX and Cisco ASA are prone to multiple denial-of-service vulnerabilities and an unauthorized-access vulnerability. An attacker can exploit these issues to bypass ACL lists and to cause an affected device to reboot or crash. Certain vulnerability/port scanners can cause system overloads. 1) An unspecified error in the processing of TCP ACK packets can be exploited to cause a DoS by sending a specially crafted packet to an affected device. This vulnerability affects software versions 7.1.x, 7.2.x, and 8.0.x. 2) An unspecified error in the handling of the TLS protocol can be exploited to cause an affected device to reload by sending a specially crafted TLS packet to an affected device. This vulnerability affects software version 8.0.x and 8.1.x. 3) An unspecified error in the Instant Messaging Inspection can be exploited to cause a DoS. Successful exploitation requires that Instant Messaging Inspection is enabled. This vulnerability affects software versions 7.2.x, 8.0.x, and 8.1.x. 4) An unspecified error can be exploited to cause an affected system to reload via specially crafted network traffic (e.g. by certain vulnerability / port scanners) to TCP port 443. This vulnerability affects software versions 7.2.x and 8.0.x. 5) An unspecified error causes the control-plane access control lists (ACL) to not work properly, which can be exploited to bypass configured control-plane ACLs. This vulnerability affects software versions 8.0.x. NOTE: Depending on the configuration some of the vulnerabilities are exploitable via the outside interface (please see the vendor's advisory for more information). SOLUTION: Update to fixed versions (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200806-0199 CVE-2008-2059 Cisco PIX/ASA Control plane at ACL Vulnerability to avoid CVSS V2: 7.8
CVSS V3: -
Severity: HIGH
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 allows remote attackers to bypass control-plane ACLs for the device via unknown vectors. Cisco PIX and Cisco ASA are prone to multiple denial-of-service vulnerabilities and an unauthorized-access vulnerability. An attacker can exploit these issues to bypass ACL lists and to cause an affected device to reboot or crash. Control-plane ACLs are used to secure traffic sent to security devices. 1) An unspecified error in the processing of TCP ACK packets can be exploited to cause a DoS by sending a specially crafted packet to an affected device. This vulnerability affects software versions 7.1.x, 7.2.x, and 8.0.x. 2) An unspecified error in the handling of the TLS protocol can be exploited to cause an affected device to reload by sending a specially crafted TLS packet to an affected device. This vulnerability affects software version 8.0.x and 8.1.x. 3) An unspecified error in the Instant Messaging Inspection can be exploited to cause a DoS. Successful exploitation requires that Instant Messaging Inspection is enabled. This vulnerability affects software versions 7.2.x, 8.0.x, and 8.1.x. 4) An unspecified error can be exploited to cause an affected system to reload via specially crafted network traffic (e.g. by certain vulnerability / port scanners) to TCP port 443. This vulnerability affects software versions 7.2.x and 8.0.x. 5) An unspecified error causes the control-plane access control lists (ACL) to not work properly, which can be exploited to bypass configured control-plane ACLs. This vulnerability affects software versions 8.0.x. NOTE: Depending on the configuration some of the vulnerabilities are exploitable via the outside interface (please see the vendor's advisory for more information). SOLUTION: Update to fixed versions (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
VAR-200806-0053 CVE-2008-2535 Phoenix View CMS Pre Alpha2 In SQL Injection vulnerability CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
Multiple SQL injection vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to execute arbitrary SQL commands via the del parameter to (1) gbuch.admin.php, (2) links.admin.php, (3) menue.admin.php, (4) news.admin.php, and (5) todo.admin.php in admin/module/. (1) admin/module/ Subordinate gbuch.admin.php (2) admin/module/ Subordinate links.admin.php (3) admin/module/ Subordinate menue.admin.php (4) admin/module/ Subordinate news.admin.php (5) admin/module/ Subordinate todo.admin.php. Phoenix View Cms is prone to a sql-injection vulnerability
VAR-200806-0052 CVE-2008-2534 Fkrauthan Phoenix_view_cms "admin/admin_frame.php" Directory Traversal Vulnerability CVSS V2: 7.5
CVSS V3: -
Severity: HIGH
Directory traversal vulnerability in admin/admin_frame.php in Phoenix View CMS Pre Alpha2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ltarget parameter. ( Dot dot ) including ltarget Any local file may be included and executed via parameters. Phoenix View Cms is prone to a file-upload vulnerability