[Full-disclosure] [SECURITY] [DSA 1691-1] New moodle packages fix several vulnerabilities
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1691-1 secur...@debian.org http://www.debian.org/security/ Thijs Kinkhorst December 22, 2008 http://www.debian.org/security/faq - Package: moodle Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2007-3555 CVE-2008-1502 CVE-2008-3325 CVE-2008-3326 CVE-2008-4796 CVE-2008-4810 CVE-2008-4811 CVE-2008-5432 Debian Bugs: 432264 471158 489533 492492 504235 504345 508593 Several remote vulnerabilities have been discovered in Moodle, an online course management system. The following issues are addressed in this update, ranging from cross site scripting to remote code execution. Various cross site scripting issues in the Moodle codebase (CVE-2008-3326, CVE-2008-3325, CVE-2007-3555, CVE-2008-5432, MSA-08-0021, MDL-8849, MDL-12793, MDL-11414, MDL-14806, MDL-10276). Various cross site request forgery issues in the Moodle codebase (CVE-2008-3325, MSA-08-0023). Privilege escalation bugs in the Moodle codebase (MSA-08-0001, MDL-7755). SQL injection issue in the hotpot module (MSA-08-0010). An embedded copy of Smarty had several vulnerabilities (CVE-2008-4811, CVE-2008-4810). An embedded copy of Snoopy was vulnerable to cross site scripting (CVE-2008-4796). An embedded copy of Kses was vulnerable to cross site scripting (CVE-2008-1502). For the stable distribution (etch), these problems have been fixed in version 1.6.3-2+etch1. For the unstable distribution (sid), these problems have been fixed in version 1.8.2.dfsg-2. We recommend that you upgrade your moodle (1.6.3-2+etch1) package. Upgrade instructions - wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - --- Source archives: http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch1.diff.gz Size/MD5 checksum:24019 d29c179786ca1dcadf232c5e9a601362 http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3.orig.tar.gz Size/MD5 checksum: 7465709 2f9f3fcf83ab0f18c409f3a48e07eae2 http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch1.dsc Size/MD5 checksum: 793 d9a1fceaf316b608709be372d97e667a Architecture independent packages: http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+etch1_all.deb Size/MD5 checksum: 6592474 9a5fb5924faa639952c3171665bc347d These files will probably be moved into the stable distribution on its next update. - - For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-annou...@lists.debian.org Package info: `apt-cache show pkg' and http://packages.debian.org/pkg -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSU9O3Wz0hbPcukPfAQJEwwf9Hw1Rvt1FLIzzB4OsBKS91yaM+lqDwmfu pi7w5JXmc42AmaoVRCs23LxyqC30qV+vO3ZheYM7qgCZcrdpsWnYCOTy8Var6T0U hdeE7UeRdlaCMkMEHt505YxNMy7h0Z3HmhZB8ysuSTT9iQ2AAZMeUFJB1MUM/Yf2 8GiQcnIJMcaM8je0M7bjqzSYTA6H8EIuqZZk88FJHhWinMZLWGnKqUoG7cnFfOVd b0hKY093yf6hNT1pzx5a/a3PaKGjppGtZ+NnaBI8Q7YJvltqBb5lztWXFHuEJCWg 4Oo86NEb8/ARXGxugv0MUFvGPULfMVOTtnvF2BuTZLGZuvprofLy6Q== =kHvM -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Secunia Research: Trend Micro HouseCall ActiveX Control Arbitrary Code Execution
== Secunia Research 22/12/2008 - Trend Micro HouseCall ActiveX Control Arbitrary Code Execution - == Table of Contents Affected Software1 Severity.2 Vendor's Description of Software.3 Description of Vulnerability.4 Solution.5 Time Table...6 Credits..7 References...8 About Secunia9 Verification10 == 1) Affected Software * Trend Micro HouseCall ActiveX Control 6.51.0.1028 and 6.6.0.1278 NOTE: Other versions may also be affected. == 2) Severity Rating: Highly critical Impact: System comprimse Where: Remote == 3) Vendor's Description of Software Trend Micro HouseCall is an application for checking whether your computer has been infected by viruses, spyware, or other malware. HouseCall performs additional security checks to identify and fix vulnerabilities to prevent reinfection. Product Link: http://housecall.trendmicro.com/ == 4) Description of Vulnerability Secunia Research has discovered a vulnerability in Trend Micro HouseCall, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an implementation error within the HouseCall ActiveX control (Housecall_ActiveX.dll). This can be exploited to e.g. download and load an arbitrary library file by specifying a custom update server. Successful exploitation allows execution of arbitrary code. == 5) Solution Remove the ActiveX control and install version 6.6.0.1285. http://prerelease.trendmicro-europe.com/hc66/launch/ HouseCall Server Edition: Apply hotfix B1285. == 6) Time Table 18/08/2008 - Vendor notified. 19/08/2008 - Vendor response. 02/09/2008 - Vendor acknowledges vulnerability. 03/09/2008 - Vendor asks if version 6.6 is also affected. 03/09/2008 - Vendor informed that version 6.6 is not available. 09/09/2008 - Vendor informs that version 6.6 site is now accessible. 18/09/2008 - Vendor informed that version 6.6 is not affected by the current exploit, but will be checked in-depth later. 23/09/2008 - Vendor informed that version 6.6 is also vulnerable when using a slightly modified exploit. 27/09/2008 - Vendor provides status update. 13/11/2008 - Status update requested. 13/11/2008 - Vendor provides status update. 14/11/2008 - Vendor provides hotfix for testing. 14/11/2008 - Informed the vendor that the supplied hotfix does not address the vulnerability properly. 18/11/2008 - Vendor requests updated exploit. 19/11/2008 - Updated exploit sent to the vendor. 22/12/2008 - Status update requested. 22/12/2008 - Vendor informs that hotfix for SA31583 also fixes this vulnerability. 22/12/2008 - Public disclosure. == 7) Credits Discovered by Alin Rad Pop, Secunia Research. == 8) References The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2008-2434 for the vulnerability. == 9) About Secunia Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration: http://secunia.com/advisories/business_solutions/ Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security. http://secunia.com/advisories/ Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general: http://secunia.com/secunia_research/ Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions: http://secunia.com/corporate/jobs/ Secunia
[Full-disclosure] rPSA-2008-0341-1 dovecot
rPath Security Advisory: 2008-0341-1 Published: 2008-12-22 Products: rPath Linux 1 rPath Linux 2 Rating: Severe Exposure Level Classification: Local User Deterministic Privilege Escalation Updated Versions: dovecot=conary.rpath@rpl:1/1.0.15-0.1-1 dovecot=conary.rpath@rpl:2/1.0.15-0.1-1 rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-2930 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4577 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4870 Description: Previous versions of the dovecot package contain multiple vulnerabilities, the most serious of which allow authenticated users to bypass intended access restrictions. http://wiki.rpath.com/Advisories:rPSA-2008-0341 Copyright 2008 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] This list has run its course
My spam folder is very happy! I wonder what the list will become now... On Tue, Dec 23, 2008 at 11:34 AM, James Rankin kz2...@googlemail.comwrote: Well just f*ck off then and cease babbling about it. Please, make my Spam folder happy. 2008/12/23 n3td3v xploita...@gmail.com This mailing list is no longer credible for serious researchers to be on. I'll be elsewhere, just not HERE. On Tue, Dec 23, 2008 at 6:07 AM, Biz Marqee biz.mar...@gmail.com wrote: you're obviously a lying cunt or you would have ceased posting to this list already. On Tue, Dec 23, 2008 at 4:15 PM, n3td3v xploita...@gmail.com wrote: n3td3v continues on the internet elsewhere just not HERE. On Tue, Dec 23, 2008 at 4:37 AM, Biz Marqee biz.mar...@gmail.com wrote: Good job faggot, its only been 3 years coming. I believe it was Immortal Technique who said it best, Just kill yourself! On Tue, Dec 23, 2008 at 9:53 AM, n3td3v xploita...@gmail.com wrote: Real researchers who should be taken seriously aren't taken seriously anymore. I'm leaving full-disclosure because of the abuse. It's just turned into flames to spin people up, I don't get a chance to talk about security or my skill set. It's abuse after abuse after abuse. Sorry, I can't take it anymore. Got to go, bye. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- http://www.astorandblack.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [USN-698-3] Nagios vulnerabilities
=== Ubuntu Security Notice USN-698-3 December 23, 2008 nagios2 vulnerabilities CVE-2008-5027, CVE-2008-5028 === A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: nagios2 2.11-1ubuntu1.4 After a standard system upgrade you need to restart Nagios to effect the necessary changes. Details follow: It was discovered that Nagios was vulnerable to a Cross-site request forgery (CSRF) vulnerability. If an authenticated nagios user were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands to be processed by Nagios and execute arbitrary programs. This update alters Nagios behaviour by disabling submission of CMD_CHANGE commands. (CVE-2008-5028) It was discovered that Nagios did not properly parse commands submitted using the web interface. An authenticated user could use a custom form or a browser addon to bypass security restrictions and submit unauthorized commands. (CVE-2008-5027) Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2_2.11-1ubuntu1.4.diff.gz Size/MD5:37439 1e9c238bb21704f42d6275c31cf99108 http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2_2.11-1ubuntu1.4.dsc Size/MD5: 1174 99b9d7ca524be867d538f8f39d52f0cf http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2_2.11.orig.tar.gz Size/MD5: 1741962 058c1f4829de748b42da1b584941 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2-common_2.11-1ubuntu1.4_all.deb Size/MD5:61506 c4f5c96b1c8be0e58c362eb005efba9c http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2-doc_2.11-1ubuntu1.4_all.deb Size/MD5: 1135002 0515ced55e66978706203bdac4055b39 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2-dbg_2.11-1ubuntu1.4_amd64.deb Size/MD5: 1640150 d23994c62750473a55138f10935318b6 http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2_2.11-1ubuntu1.4_amd64.deb Size/MD5: 1106218 d2ca0e16009ae6738cae6efd29f243df i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2-dbg_2.11-1ubuntu1.4_i386.deb Size/MD5: 1552138 4a165fc1202e3dcc4c7af4eeaa8f14cb http://security.ubuntu.com/ubuntu/pool/universe/n/nagios2/nagios2_2.11-1ubuntu1.4_i386.deb Size/MD5: 987174 73ba6b8faef90259a965ad3c2aee176e lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/universe/n/nagios2/nagios2-dbg_2.11-1ubuntu1.4_lpia.deb Size/MD5: 1586750 161d8bbc1d2f8251aa0888c326152763 http://ports.ubuntu.com/pool/universe/n/nagios2/nagios2_2.11-1ubuntu1.4_lpia.deb Size/MD5: 999124 984199f0814041fb1d3be332c78a1084 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/universe/n/nagios2/nagios2-dbg_2.11-1ubuntu1.4_powerpc.deb Size/MD5: 1609376 fc3975c98bf065371fd8a0230d1007c5 http://ports.ubuntu.com/pool/universe/n/nagios2/nagios2_2.11-1ubuntu1.4_powerpc.deb Size/MD5: 1109530 a5e36a48935587ccfc565376a5ea58fa sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/universe/n/nagios2/nagios2-dbg_2.11-1ubuntu1.4_sparc.deb Size/MD5: 1448326 2fc971f58d9891abd1d2babe018742ef http://ports.ubuntu.com/pool/universe/n/nagios2/nagios2_2.11-1ubuntu1.4_sparc.deb Size/MD5: 989588 158c615af339c126f07fcc8b3e05480a signature.asc Description: This is a digitally signed message part ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Protection Software?
Is there any aditional software for this type os attacks? Unknown Alert Image_ICON_Malformed - 210-250.amazon.com (72.21.210.250) HTTP_Unknown_Protocol ... - 204.15.127.241 HTTP_Unknown_Protocol ... - 210.23.9.16 HTTP_Unknown_Protocol ... - 69.65.41.168 Image_ICON_Malformed - a88-221-32-146.deploy.akamaitechnologies.com (88.221.32.146) Image_PNG_Malformed . - cds106.lon.llnw.net (87.248.210.136) HTTP_Unknown_Protocol ... - custip.dcs.net (217.78.33.135) HTTP_Unknown_Protocol ... - din.buscape.com.br (200.143.19.66) UPX_Packed_Executable ... - hosted-by.leaseweb.com (85.17.237.203) Image_ICON_Malformed - nwk-www.apple.com (17.149.160.10) HTTP_Unknown_Protocol ... - one.cbox.ws (63.246.147.200) Image_PNG_Malformed . - wapalizer.com (72.19.233.238) HTTP_Unknown_Protocol ... - www2.hardstore.com (217.78.33.139) Orange Alert HTML_Image_Source ... - 69.31.85.211 HTML_NullChar_Evasion ... - 140.72.233.72.static.reverse.ltdomains.com (72.233.72.140) HTML_NullChar_Evasion ... - apache2-moon.dalitz.dreamhost.com (67.205.28.205) HTML_NullChar_Evasion ... - a195-8-10-6.deploy.akamaitechnologies.com (195.8.10.6) HTML_NullChar_Evasion ... - excentric.servismart.net (195.22.24.211) Especially here (Full Disclosure) HTML_NullChar_Evasion ... - gossamer-threads.com (208.70.244.160) JavaScript_Large_Unescape - hb.bos.lycos.com (209.202.254.61) JavaScript_Large_Unescape - image.ig.com.br (200.225.157.30) TCP_Within_Window_DoS ... - lm-in-f18.google.com (66.102.9.18) TCP_Within_Window_DoS ... - lm-in-f19.google.com (66.102.9.19) TCP_Within_Window_DoS ... - lm-in-f83.google.com (66.102.9.83) HTML_NullChar_Evasion ... - mobile9.com (75.126.130.227) Javascript_Large_Unescape - rapidshare.de (130.117.156.250) HTML_NullChar_Evasion ... - serversomewhere.com (74.55.126.82) Red Alert Content_Compound_File_Bad_Extension - 80-239-236-136.customer.teliacarrier.com (80.239.236.136) HTTP_GETargscript . - bCL-T019-221CL/b HTTP_POST_Script .. - fg-in-f191.google.com (72.14.221.191) JavaScript_NOOP_Sled .. - host50-5-103-94.hostteam.org (94.103.5.50) Red Extreme Alert HTTP_Apache_SlashSlash .. - andronike.zaxihosting.com (64.191.5.165) iDetalhes para bCL-T019-221CL/b/i IP: 72.55.133.89 DNS: ip-72-55-133-89.static.privatedns.com Node: CL-T019-221CL Group: WORKGROUP NetBIOS: WORKGROUP MAC: 001A92931814 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] This list has run its course
Without this clown, it will be a bit more professional ... 2008/12/23, James Matthews nytrok...@gmail.com: My spam folder is very happy! I wonder what the list will become now... On Tue, Dec 23, 2008 at 11:34 AM, James Rankin kz2...@googlemail.comwrote: Well just f*ck off then and cease babbling about it. Please, make my Spam folder happy. 2008/12/23 n3td3v xploita...@gmail.com This mailing list is no longer credible for serious researchers to be on. I'll be elsewhere, just not HERE. On Tue, Dec 23, 2008 at 6:07 AM, Biz Marqee biz.mar...@gmail.com wrote: you're obviously a lying cunt or you would have ceased posting to this list already. On Tue, Dec 23, 2008 at 4:15 PM, n3td3v xploita...@gmail.com wrote: n3td3v continues on the internet elsewhere just not HERE. On Tue, Dec 23, 2008 at 4:37 AM, Biz Marqee biz.mar...@gmail.com wrote: Good job faggot, its only been 3 years coming. I believe it was Immortal Technique who said it best, Just kill yourself! On Tue, Dec 23, 2008 at 9:53 AM, n3td3v xploita...@gmail.com wrote: Real researchers who should be taken seriously aren't taken seriously anymore. I'm leaving full-disclosure because of the abuse. It's just turned into flames to spin people up, I don't get a chance to talk about security or my skill set. It's abuse after abuse after abuse. Sorry, I can't take it anymore. Got to go, bye. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- http://www.astorandblack.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [USN-677-2] OpenOffice.org Internationalization update
=== Ubuntu Security Notice USN-677-2 December 23, 2008 openoffice.org-l10n update https://launchpad.net/bugs/310359 === A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: openoffice.org-l10n-af 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ar 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-as-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-be-by 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-bg 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-bn 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-br 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-bs 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ca 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-common 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-cs 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-cy 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-da 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-de 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-dz 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-el 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-en-gb 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-en-za 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-eo 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-es 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-et 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-eu 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-fa 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-fi 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-fr 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ga 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-gl 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-gu-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-he 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-hi-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-hr 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-hu 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-it 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ja 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ka 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-km 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-kn 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ko 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ku 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-lo 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-lt 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-lv 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-mk 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ml-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-mr-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-nb 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ne 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-nl 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-nn 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-nr 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ns 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-or-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-pa-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-pl 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-pt 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-pt-br 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ro 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ru 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-rw 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-sk 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-sl 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-sr 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ss 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-st 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-sv 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-sw 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ta-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-te-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-tg 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-th 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ti-er 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-tn 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-tr 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ts 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-uk 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ur-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-uz 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ve 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-vi 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-xh 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-zh-cn 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-zh-tw 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-zu 1:2.4.1-1ubuntu2.1 In general, a standard system upgrade is sufficient to effect the necessary
Re: [Full-disclosure] STAR - A frontend to RATS
Looks good i am going to check it out soon against some php code. I love writing in python and will try to contribute to the code On Tue, Dec 23, 2008 at 5:35 PM, Ben comsat...@earthlink.net wrote: All, While bored at work this past week I decided to throw together a front end for the Rough Auditing Tool for Security (RATS). It supports most features of RATS and runs on both win32 and nix systems. Development was in Python (PyQt4) and the app has been packaged using py2exe. See http://www.socialnetworkwhore.com/ for screen shots and downloads. Any cool feature ideas would be appreciated :) Have a great day, Ben P.S. Source code coming soon :) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- http://www.astorandblack.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ GLSA 200812-21 ] ClamAV: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200812-21 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: ClamAV: Multiple vulnerabilities Date: December 23, 2008 Bugs: #245450, #249833 ID: 200812-21 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis Two vulnerabilities in ClamAV may allow for the remote execution of arbitrary code or a Denial of Service. Background == Clam AntiVirus is a free anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Affected packages = --- Package / Vulnerable / Unaffected --- 1 app-antivirus/clamav 0.94.2 = 0.94.2 Description === Moritz Jodeit reported an off-by-one error within the get_unicode_name() function in libclamav/vba_extract.c when processing VBA project files (CVE-2008-5050). Ilja van Sprundel reported an infinite recursion error within the cli_check_jpeg_exploit() function in libclamav/special.c when processing JPEG files (CVE-2008-5314). Impact == A remote attacker could send a specially crafted VBA or JPEG file to the clamd daemon, possibly resulting in the remote execution of arbitrary code with the privileges of the user running the application or a Denial of Service. Workaround == There is no known workaround at this time. Resolution == All ClamAV users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =app-antivirus/clamav-0.94.2 References == [ 1 ] CVE-2008-5050 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5050 [ 2 ] CVE-2008-5314 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5314 Availability This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200812-21.xml Concerns? = Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to secur...@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License === Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 signature.asc Description: OpenPGP digital signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ GLSA 200812-22 ] Ampache: Insecure temporary file usage
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200812-22 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Ampache: Insecure temporary file usage Date: December 23, 2008 Bugs: #237483 ID: 200812-22 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis An insecure temporary file usage has been reported in Ampache, allowing for symlink attacks. Background == Ampache is a PHP based tool for managing, updating and playing audio files via a web interface. Affected packages = --- Package / Vulnerable / Unaffected --- 1 www-apps/ampache3.4.3 = 3.4.3 Description === Dmitry E. Oboukhov reported an insecure temporary file usage within the gather-messages.sh script. Impact == A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application. Workaround == There is no known workaround at this time. Resolution == All Ampache users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =www-apps/ampache-3.4.3 References == [ 1 ] CVE-2008-3929 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3929 Availability This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200812-22.xml Concerns? = Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to secur...@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License === Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 signature.asc Description: OpenPGP digital signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ GLSA 200812-23 ] Imlib2: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200812-23 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Imlib2: User-assisted execution of arbitrary code Date: December 23, 2008 Bugs: #248057 ID: 200812-23 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis A buffer overflow vulnerability has been discovered in Imlib2. Background == Imlib2 is replacement library from the Enlightenment project for libraries like libXpm. Affected packages = --- Package/ Vulnerable /Unaffected --- 1 media-libs/imlib2 1.4.2-r1 = 1.4.2-r1 Description === Julien Danjou reported a pointer arithmetic error and a heap-based buffer overflow within the load() function of the XPM image loader. Impact == A remote attacker could entice a user to process a specially crafted XPM image, possibly resulting in the remote execution of arbitrary code with the privileges of the user running the application, or a Denial of Service. Workaround == There is no known workaround at this time. Resolution == All Imlib2 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =media-libs/imlib2-1.4.2-r1 References == [ 1 ] CVE-2008-5187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5187 Availability This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200812-23.xml Concerns? = Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to secur...@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License === Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 signature.asc Description: OpenPGP digital signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ GLSA 200812-24 ] VLC: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200812-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: VLC: Multiple vulnerabilities Date: December 24, 2008 Bugs: #245774, #249391 ID: 200812-24 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis Multiple vulnerabilities in VLC may lead to the remote execution of arbitrary code. Background == VLC is a cross-platform media player and streaming server. Affected packages = --- Package / Vulnerable / Unaffected --- 1 media-video/vlc 0.9.8a = 0.9.8a Description === Tobias Klein reported the following vulnerabilities: * A stack-based buffer overflow when processing CUE image files in modules/access/vcd/cdrom.c (CVE-2008-5032). * A stack-based buffer overflow when processing RealText (.rt) subtitle files in the ParseRealText() function in modules/demux/subtitle.c (CVE-2008-5036). * An integer overflow when processing RealMedia (.rm) files in the ReadRealIndex() function in real.c in the Real demuxer plugin, leading to a heap-based buffer overflow (CVE-2008-5276). Impact == A remote attacker could entice a user to open a specially crafted CUE image file, RealMedia file or RealText subtitle file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application. Workaround == There is no known workaround at this time. Resolution == All VLC users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =media-video/vlc-0.9.8a References == [ 1 ] CVE-2008-5032 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5032 [ 2 ] CVE-2008-5036 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5036 [ 3 ] CVE-2008-5276 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5276 Availability This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200812-24.xml Concerns? = Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to secur...@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License === Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 signature.asc Description: OpenPGP digital signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [USN-700-1] Perl vulnerabilities
=== Ubuntu Security Notice USN-700-1 December 24, 2008 libarchive-tar-perl, perl vulnerabilities CVE-2007-4829, CVE-2008-1927, CVE-2008-5302, CVE-2008-5303 === A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libarchive-tar-perl 1.26-2ubuntu0.1 libperl5.8 5.8.7-10ubuntu1.2 Ubuntu 7.10: libarchive-tar-perl 1.31-1ubuntu0.1 libperl5.8 5.8.8-7ubuntu3.4 perl-modules5.8.8-7ubuntu3.4 Ubuntu 8.04 LTS: libarchive-tar-perl 1.36-1ubuntu0.1 libperl5.8 5.8.8-12ubuntu0.3 perl-modules5.8.8-12ubuntu0.3 Ubuntu 8.10: perl-modules5.10.0-11.1ubuntu2.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Jonathan Smith discovered that the Archive::Tar Perl module did not correctly handle symlinks when extracting archives. If a user or automated system were tricked into opening a specially crafted tar file, a remote attacker could over-write arbitrary files. (CVE-2007-4829) Tavis Ormandy and Will Drewry discovered that Perl did not correctly handle certain utf8 characters in regular expressions. If a user or automated system were tricked into using a specially crafted expression, a remote attacker could crash the application, leading to a denial of service. Ubuntu 8.10 was not affected by this issue. (CVE-2008-1927) A race condition was discovered in the File::Path Perl module's rmtree function. If a local attacker successfully raced another user's call of rmtree, they could create arbitrary setuid binaries. Ubuntu 6.06 and 8.10 were not affected by this issue. (CVE-2008-5302) A race condition was discovered in the File::Path Perl module's rmtree function. If a local attacker successfully raced another user's call of rmtree, they could delete arbitrary files. Ubuntu 6.06 was not affected by this issue. (CVE-2008-5303) Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/liba/libarchive-tar-perl/libarchive-tar-perl_1.26-2ubuntu0.1.diff.gz Size/MD5: 8837 c953b58878f093a044810e93df655838 http://security.ubuntu.com/ubuntu/pool/main/liba/libarchive-tar-perl/libarchive-tar-perl_1.26-2ubuntu0.1.dsc Size/MD5: 714 8129a906b68bc1ebeda90ba141fbba82 http://security.ubuntu.com/ubuntu/pool/main/liba/libarchive-tar-perl/libarchive-tar-perl_1.26.orig.tar.gz Size/MD5:35070 f649c69d89fdc56b2c5985a672cd941a http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.2.diff.gz Size/MD5: 170064 cfbae74f27b4cc8da11f2741e9984c9a http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.2.dsc Size/MD5: 783 bc48c98dc8ec1021a73b7205cb5dfc63 http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7.orig.tar.gz Size/MD5: 12512211 dacefa1fe3c5b6d7bbc334ad94826131 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/liba/libarchive-tar-perl/libarchive-tar-perl_1.26-2ubuntu0.1_all.deb Size/MD5:44768 ea5696c18ac838b739ddfd322a94b102 http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-doc_5.8.7-10ubuntu1.2_all.deb Size/MD5: 7207574 e453613c119d963da067b43fe3b3e645 http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-modules_5.8.7-10ubuntu1.2_all.deb Size/MD5: 2325834 a3d3e984f8052f11079667213b6b01ea http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.7-10ubuntu1.2_all.deb Size/MD5:40060 097c64fa302bd9cea19c5ed878b809fd amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl-dev_5.8.7-10ubuntu1.2_amd64.deb Size/MD5: 641018 262d7e8628526d18d88b0186e1e752e3 http://security.ubuntu.com/ubuntu/pool/main/p/perl/libperl5.8_5.8.7-10ubuntu1.2_amd64.deb Size/MD5: 1012 095f9d5fb34a74e10f6f4bd57010712a http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-base_5.8.7-10ubuntu1.2_amd64.deb Size/MD5: 820964 1fe941655784482d3f714dce21666ce6 http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-suid_5.8.7-10ubuntu1.2_amd64.deb Size/MD5:31474 e08eba738fef99eb3faa7249582bf1b0 http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.7-10ubuntu1.2_amd64.deb Size/MD5: 3978652 28ad13b9d303e0dfc8c2d8680feb8caa http://security.ubuntu.com/ubuntu/pool/universe/p/perl/perl-debug_5.8.7-10ubuntu1.2_amd64.deb Size/MD5: 2639818