Showing posts with label security. Show all posts
Showing posts with label security. Show all posts

Thursday, October 11, 2007

Microsoft Security Advisory (943521) - URL Handling Vulnerability

There is an URL handling vulnerability potentially allowing remote code execution in Windows XP and Windows Server 2003 systems equipped with Internet Explorer 7. Systems using other Internet Explorer versions seem not to be affected by this bug.

At this moment there is no evidence that this vulnerability has lead to any attack, but Microsoft is investigating the public reports that announced the vulnerability.

Obviously, if confirmed, this vulnerability will be patched as soon as possible by Microsoft.
In the meantime... use Firefox or Opera.
alle No comments:
Tags: ,

Friday, October 5, 2007

Ubuntu security bulletins (USN-525-1 - libsndfile vulnerabilities)

USN-525-1: libsndfile vulnerabilities
Threat-level (*): Moderate

Affected Ubuntu versions:
  • Ubuntu 6.06 LTS
  • Ubuntu 6.10
  • Ubuntu 7.04
  • (and the corresponding versions of Kubuntu, Edubuntu, and Xubuntu)
It's recommended that you perform (at least) a standard system upgrade to avoid possible:
  • Remote attacks based on wrong memory buffers handling of the libsndfile library, with the following consequences:
    • arbitrary code execution with the user privileges if a specially crafted FLAC file is executed on the attacked system

________
(*) = IMHO = It's just my opinion...
alle No comments:
Tags: , ,

Ubuntu security bulletins (USN-524-1 - OpenOffice vulnerabilities)

USN-524-1: OpenOffice vulnerabilities
Threat-level (*): Moderate

Affected Ubuntu versions:
  • Ubuntu 6.06 LTS
  • Ubuntu 6.10
  • Ubuntu 7.04
  • (and the corresponding versions of Kubuntu, Edubuntu, and Xubuntu)
It's recommended that you perform (at least) a standard system upgrade to avoid possible:
  • Remote attacks based on an integer overflow of the OpenOffice suite, with the following consequences:
    • arbitrary code execution with the user privileges

NOTE: OpenOffice needs to be restarted for the changes to be applied.
________
(*) = IMHO = It's just my opinion...
alle No comments:
Tags: , ,

Thursday, October 4, 2007

Ubuntu security bulletins (USN-523-1 - ImageMagick vulnerabilities)

USN-523-1: ImageMagick vulnerabilities
Threat-level (*): Less-than-moderate

Affected Ubuntu versions:
  • Ubuntu 6.06 LTS
  • Ubuntu 6.10
  • Ubuntu 7.04
  • (and the corresponding versions of Kubuntu, Edubuntu, and Xubuntu)
It's recommended that you perform (at least) a standard system upgrade to avoid possible:
  • Remote attacks based on flaws of the ImageMagick libraries, with the following consequences:
    • arbitrary code execution with user privileges

________
(*) = IMHO = It's just my opinion...
alle No comments:
Tags: , ,

Tuesday, September 25, 2007

Ubuntu security bulletins (USN-518-1 - Kernel vulnerabilities)

USN-518-1: Linux kernel vulnerabilities
Threat-level (*): moderate

Affected Ubuntu versions:
  • Ubuntu 6.06 LTS
  • Ubuntu 6.10
  • Ubuntu 7.04
  • (and the corresponding versions of Kubuntu, Edubuntu, and Xubuntu)
It's strongly recommended that you perform (at least) a standard system upgrade to avoid possible:
  • Local attacks based on ptrace routines, with the following consequences:
    • denial of service
  • Local attacks on PowerPC computers, with the following consequences:
    • denial of service
  • Local attacks performed exploiting a CIFS filesystems vulnerability, with the following consequences:
    • privileges escalation (gain of additional privileges on the local system)
  • Local attacks that exploits some x86_64 kernels vulnerabilities, with the following consequences:
    • privileges escalation (gain of root privileges on the local system)
NOTE: After the upgrade for the changes to affect your system you must restart your computer.

________
(*) = IMHO = It's just my opinion...
alle No comments:
Tags: , ,

Friday, September 21, 2007

PDF Vulnerability

ENGLISH VERSION:
Please pay attention while opening Adobe PDF files: a very dangerous vulnerability has been found, affecting Adobe readers until Adobe Reader 8.1 (included).
Also Fox-It reader seems to be affected, altough in a less severe way.
Both embedded and standalone versions of a document are affected by this vulnerability.

The only solution is to avoid opening PDF files from non-trusted sources.
(Evince or other Linux readers aren't cited in the vulnerabilty report)


ITA VERSION:
Attenzione: una grave vulnerabilità è stata riscontrata nei files Adobe PDF. La vulnerabilità in questione riguarda gran parte dei reader in commercio, fino all'Adobe Reader 8.1.
Nella versione inglese di questo post il link all'annuncio dello scopritore della vulnerabilità.
Nei commenti al suo post si può notare come anche Fox-It Reader sia affetto da tale vulnerabilità (anche se meno gravemente).
Notare come sia le versioni leggibili dal proprio browser, sia quelle standalone dei documenti PDF potrebbero essere ugualmente affette da codice maligno.

Unico consiglio: BUON-SENSO; se non si conosce la provenienza di un documento PDF, o in generale se non si è sicuri del grado di sicurezza garantito dalla fonte dalla quale esso proviene, allora astenersi dall'aprirlo.
(Nessun reader linux sembra essere citato nell'articolo; penso Evince sia abbastanza sicuro)
alle No comments:
Tags: ,

Wednesday, September 19, 2007

Ubuntu security bulletins (USN-514-1 - X.org server)

USN-514-1: X.org-related privilege escalation
Threat-level (*): Moderate

Affected Ubuntu versions:
  • Ubuntu 6.06 LTS
  • (and the corresponding versions of Kubuntu, Edubuntu, and Xubuntu)
It's recommended that you perform (at least) a standard upgrade of your system to avoid possible:
  • Exploits based on a bug found in the server core (and in its composite extension), with the following possible consequences:
    • arbitrary code execution with root user privileges
________
(*) = IMHO = It's just my opinion...
alle No comments:
Tags: , ,

Tuesday, September 18, 2007

Ubuntu security bulletins (USN-513-1 - QT libraries)

USN-513-1: QT libraries possible buffer overflows
Threat-level (*): Less-than-moderate

Affected Ubuntu versions:
  • Ubuntu 6.06 LTS
  • Ubuntu 6.10
  • Ubuntu 7.04
  • (and the corresponding versions of Kubuntu, Edubuntu, and Xubuntu)
Notice that QT3 libraries are used by all KD3-based applications.
It's recommended that you perform (at least) a standard upgrade of your system to avoid possible:
  • Attacks based on specially crafted UTF-8 strings that can lead to small buffer overflows, with the following possible consequences:
    • arbitrary code execution
    • denial of service
After the upgrade for the changes to affect your system you need to restart your user-session (i.e. log-out and then re-log-in to your system).

________
(*) = IMHO = It's just my opinion...
alle No comments:
Tags: , ,

Thursday, September 6, 2007

KB939268: Windows Server 2003 SP1/SP2 stops responding

As specified here, an hotfix is available to resolve one very annoying Windows Server 2003 problem: when the system stops responding but ICMP "ping" works anyway, it COULD be a system process (LSASS.EXE) that stopped working the right way.

The bug affects both SP1 and SP2 patched systems.

The hotfix resolves this situation but must be obtained by contacting the Microsoft Online Customer Services.
alle No comments:
Tags: ,

Monday, August 27, 2007

Ubuntu security bulletins (USN-503-1 - Thunderbird)

USN-503-1: Thunderbird Javascript flaws
Threat-level (*): Less-than-moderate

Affected Ubuntu versions:
  • Ubuntu 6.06 LTS
  • Ubuntu 6.10
  • Ubuntu 7.04
  • (and the corresponding versions of Kubuntu, Edubuntu, and Xubuntu)
Affected Thunderbird version:
  • mozilla-thunderbird 1.5
It's recommended that you perform (at least) a standard upgrade of your system to avoid possible:
  • Attacks based on malicious-emails (based on Thunderbird Javascript flaws):
    • arbitrary execution of applications placed on the attacked computer with the privileges of the user that opened the malicious mail
    • execution of arbitrary code with the privileges of the user
________
(*) = IMHO = It's just my opinion...
alle No comments:
Tags: , , ,

Sunday, August 26, 2007

Ubuntu security bulletins (USN-499-1 - Apache)

Today I inaugurate a new service: thanks to the Ubuntu Security Notices, I am able to provide an updated list of the Ubuntu vulnerabilities as they are discovered and posted to the ubuntu-security-announce mailing list.
I won't provide every report submitted to this list, but I think I'll select just the more interesting among them.

The first post is for the Apache-aholik ones:

USN-499-1: Apache vulnerabilities
Threat level (*): MODERATE

Affected Ubuntu versions:
  • Ubuntu 6.06 LTS
  • Ubuntu 6.10
  • Ubuntu 7.04
  • (and the corresponding versions of Kubuntu, Edubuntu, and Xubuntu)
It's recommended that you perform (at least) a standard upgrade of your system to avoid possible:
  • XSS attacks (consequences: data/passwords stealing and other minor threats)
  • Denial-of-service attacks
  • Apache signal handling flaws
________
(*) = IMHO = It's just my opinion...
alle No comments:
Tags: , , ,
Subscribe to: Posts (Atom)