Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

   


   


   

















      :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: @RISK: The Consensus Security Vulnerability Alert Vol. 6 No. 41



>
> *****************************
> Widely Deployed Software
> *****************************
>
> (1) CRITICAL: Adobe PDF Viewer Remote Code Execution
> Affected:
> Adobe Reader versions 8.1 and prior
> Adobe Acrobat versions 8.1 and prior
> Adobe Acrobat Elements versions 8.1 and prior
> Adobe Acrobat 3D
>
> Description: Adobe has disclosed information related to a remote code
> execution vulnerability in its Portable Document Format (PDF) viewing
> applications that was discussed in an earlier edition of @RISK. A
> specially crafted PDF file could trigger this vulnerability to execute
> arbitrary code when the file is viewed. Only systems running Microsoft
> Windows XP and Microsoft Internet Explorer 7 are vulnerable. Microsoft
> Windows Vista is not affected. The flaw relates to a failure
> to properly
> handle URLs included in PDF files. Some technical details for this
> vulnerability are publicly available, and a proof-of-concept
> is believed
> to be available in the wild.
>
> Status: Adobe confirmed, no updates available. A workaround
> is available
> in Adobe's advisory.
>
> References:
> Adobe Security Advisory
> http://www.adobe.com/support/security/advisories/apsa07-04.html
> Previous @RISK Entry
> http://www.sans.org/newsletters/risk/display.php?v=7&i=39#widely5
> Slashdot Discussion
> http://it.slashdot.org/article.pl?sid=07/10/08/1340224
> SecurityFocus BID
> http://www.securityfocus.com/bid/25748
>
> **********************************************************
>
> (2) HIGH: Borland InterBase and Firebird Databases Multiple
> Buffer Overflows
> Affected:
> Firebird versions 2.0.1 and prior
> Borland InterBase versions 2007 SP2 and prior
>
> Description: Borland InterBase is a popular enterprise
> database server.
> The Firebird database is a popular database server based on the open
> source release of Borland InterBase. These servers contain multiple
> buffer overflow vulnerabilities in their handling of database
> requests.
> A specially crafted request to the database server could
> trigger one of
> these buffer overflows and execute arbitrary code with the privileges
> of the vulnerable process. Some of these buffer overflows may be
> exploitable via SQL injection vulnerabilities in externally facing
> websites. Multiple exploits are available for these vulnerabilities.
>
> Status: Firebird updates available. No vendor-supplied patches appear
> to be available for Borland InterBase.
>
> References:
> Exploits
> http://downloads.securityfocus.com/vulnerabilities/exploits/ib
> _inet_connect.rb
> http://downloads.securityfocus.com/vulnerabilities/exploits/ib
> _jrd8_create_database.rb
> http://downloads.securityfocus.com/vulnerabilities/exploits/ib
> _open_marker_file.rb
> http://downloads.securityfocus.com/vulnerabilities/exploits/ib
> _pwd_db_aliased.rb
> http://downloads.securityfocus.com/vulnerabilities/exploits/ib
> _isc_attach_database.rb
> http://downloads.securityfocus.com/vulnerabilities/exploits/ib
> _isc_create_database.rb
> http://downloads.securityfocus.com/vulnerabilities/exploits/ib
> _svc_attach.rb
> http://downloads.securityfocus.com/vulnerabilities/exploits/fb
> _isc_attach_database.rb
> http://downloads.securityfocus.com/vulnerabilities/exploits/fb
> _isc_create_database.rb
> http://downloads.securityfocus.com/vulnerabilities/exploits/fb
> _svc_attach.rb
> Product Home Pages
> http://www.codegear.com/products/interbase
> http://www.firebirdsql.org/
> SecurityFocus BID
> http://www.securityfocus.com/bid/25917
>
> **********************************************************
>
> (3) HIGH: Apple QuickTime Arbitrary Script Injection Vulnerability
> Affected:
> Apple QuickTime for Windows versions 7.2 and prior
>
> Description:  QuickTime is Apple's streaming media framework, and is
> available for Apple Mac OS X and Microsoft Windows. The Microsoft
> Windows version contains a flaw in its handling of URLs. A specially
> crafted QuickTime Link (QTL) file containing a URL could trigger this
> vulnerability and allow an attacker to execute arbitrary script code
> with the privileges of the current user. This issue may be related to
> an issue discussed in a previous @RISK. Note that this issue only
> affects QuickTime when installed on Microsoft Windows; QuickTime on
> Apple Mac OS X is not affected.
>
> Status: Apple confirmed, updates available.
>
> References:
> Apple Security Advisory
> http://docs.info.apple.com/article.html?artnum=306560
> Previous @RISK Entry
> http://www.sans.org/newsletters/risk/display.php?v=7&i=38#widely3
> SecurityFocus BID
> http://www.securityfocus.com/bid/25913
>
> **********************************************************
>
> (4) MODERATE: X.org/Sun X Font Server Multiple Vulnerabilities
> Affected:
> X.org X Font Server versions 1.0.4 and prior
>
> Description: The X Font Server is used by the X Window System to serve
> fonts to remote clients for display. The X.org reference
> implementation
> of this software is considered to be the standard
> implementation and is
> the most widely deployed version. It is installed by default
> on numerous
> Unix, Unix-like, and Linux operating systems. It contains multiple
> memory corruption vulnerabilities. A specially crafted request to the
> server could exploit one of these vulnerabilities an allow an attacker
> to execute arbitrary code with the privileges of the
> vulnerable process.
> While the vulnerable software is installed on a wide selection of
> operating systems, Sun's Solaris  is the only major operating system
> known to expose the vulnerable software remotely.  Technical
> details for
> this  vulnerability are available via source code analysis. Other X
> implementations, such as XFree86 may also be vulnerable, but currently
> only the X.org implementation included with Sun Solaris is known to be
> remotely vulnerable.
>
> Status: X.org confirmed, updates available. Users can mitigate the
> impact of this vulnerability by blocking access to TCP port
> 7100 at the
> network perimeter, if possible.
>
> References:
> X.org Security Advisory
> http://lists.freedesktop.org/archives/xorg-announce/2007-Octob
> er/000416.html
> iDefense Security Advisory
> http://labs.idefense.com/intelligence/vulnerabilities/display.
> php?id=602
> Wikipedia Article on the X Window System
> http://en.wikipedia.org/wiki/X_Window_System
> Vendor Home Page
> http://www.x.org/wiki
> SecurityFocus BID
> http://www.securityfocus.com/bid/25898
>
> **********************************************************
>
> (5) MODERATE: Sun Java Runtime Environment Multiple Vulnerabilities
> Affected:
> Sun Java Runtime Environment version 6 Update 2 and prior
> Sun Java Development Kit version 6 Update 2 and prior
>
> Description: The Sun Java Runtime Environment contains multiple
> vulnerabilities. A specially crafted applet or application
> could exploit
> these vulnerabilities to access web pages or other network services
> other than the server that originated the applet, access
> arbitrary local
> files, or disclose information to the attacker. Some technical details
> are publicly available for these vulnerabilities. The Sun Java Runtime
> Environment is installed by default on Sun Solaris, Apple Mac
> OS X, some
> Unix and Unix-like systems, some Linux distributions, and is
> very often
> installed on Microsoft Windows.
>
> Status: Sun confirmed, updates available.
>
> References:
> Sun Security Advisories
> http://sunsolve.sun.com/search/document.do?assetkey=1-26-103072-1
> http://sunsolve.sun.com/search/document.do?assetkey=1-26-103073-1
> http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1
> http://sunsolve.sun.com/search/document.do?assetkey=1-26-103078-1
> SecurityFocus BID
> http://www.securityfocus.com/bid/25918
>
>



 




Copyright © Lexa Software, 1996-2009.