BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 25 min 15 sec ago

ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerab ilities

8 hours 3 min ago

Posted by Security Alert on Aug 19

ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities

EMC Identifier: ESA-2014-071

CVE Identifier: CVE-2014-2517, CVE-2014-2505, CVE-2014-0640, CVE-2014-0641

Severity Rating: CVSS v2 Base Score: See below for individual scores

Affected Products:
RSA Archer GRC Platform version 5.x

Summary:
RSA Archer GRC Platform 5.5 SP1 contains fixes for multiple security vulnerabilities that could potentially be
exploited by malicious...
Categories:

[CVE-2014-0232] Apache OFBiz Cross-site scripting (XSS) vulnerability

15 hours 39 min ago

Posted by Jacopo Cappellato on Aug 19

CVE-2014-0232: Apache OFBiz Cross-site scripting (XSS) vulnerability

Severity: Important

Vendor:
The Apache Software Foundation

Versions Affected:
Apache OFBiz 11.04.01 to 11.04.04
Apache OFBiz 12.04.01 to 11.04.03
The unsupported Apache OFBiz 09.04.x, 10.04.x versions may be also affected

Description:
Result and error messages returned by some OFBiz services could be a vector for XSS attacks.

Mitigation:
11.04.x users should upgrade to...
Categories:

ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities

15 hours 49 min ago

Posted by Security Alert on Aug 19

ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities

EMC Identifier: ESA-2014-079

CVE Identifier: See below for individual CVEs

Severity Rating: CVSS v2 Base Score: See below for individual CVSS score for each CVE

Affected products:
• All EMC Documentum Content Server versions of 7.1 prior to P07
• All EMC Documentum Content Server versions of 7.0
• All EMC Documentum Content Server versions of 6.7...
Categories:

ESA-2014-067: EMC Documentum D2 Privilege Escalation Vulnerability

16 hours 33 sec ago

Posted by Security Alert on Aug 19

ESA-2014-067: EMC Documentum D2 Privilege Escalation Vulnerability

EMC Identifier: ESA-2014-067

CVE Identifier: CVE-2014-2515

Severity: CVSSv2 Base Score: 8.5 (AV:N/AC:M/Au:S/C:C/I:C/A:C)

Affected products:
• EMC Documentum D2 3.1 and patch versions
• EMC Documentum D2 3.1SP1 and patch versions
• EMC Documentum D2 4.0 and patch versions
• EMC Documentum D2 4.1 and patch versions
• EMC Documentum D2 4.2...
Categories:

ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities

16 hours 10 min ago

Posted by Security Alert on Aug 19

ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities

EMC Identifier: ESA-2014-059

CVE Identifier: CVE-2014-2511

Severity Rating: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Affected products:
• EMC WebTop 6.7 SP1, 6.7 SP2
• EMC Documentum Administrator 6.7 SP1, 6.7 SP2, 7.0, 7.1.
• EMC Records Client 6.7 SP1, 6.7 SP2
• EMC Digital Assets Manager 6.5SP5, 6.5SP6
• EMC Web...
Categories:

ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities

16 hours 20 min ago

Posted by Security Alert on Aug 19

ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities

EMC Identifier: ESA-2014-073

CVE Identifier: CVE-2014-2518

Severity Rating: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Affected products:
• EMC Documentum Webtop Versions prior 6.7SP1 P28
• EMC Documentum Webtop Versions prior 6.7SP2 P15
• EMC Documentum Administrator Versions prior 6.7 SP1 P28
• EMC Documentum...
Categories:

[SECURITY] [DSA 3006-1] xen security update

August 18, 2014 - 12:46pm

Posted by Moritz Muehlenhoff on Aug 18

-------------------------------------------------------------------------
Debian Security Advisory DSA-3006-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
August 18, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : xen
CVE ID : CVE-2013-1432 CVE-2013-1442...
Categories:

CVE-2014-3577: Apache HttpComponents client: Hostname verification susceptible to MITM attack

August 18, 2014 - 7:38am

Posted by Dirk-Willem van Gulik on Aug 18

Security Advisory - Apache Software Foundation
Apache HttpComponents / hc.apache.org

Hostname verification susceptible to MITM attack

CVE-2014-3577 / CVSS 1.4

Apache HttpComponents (prior to revision 4.3.5/4.0.2) may be susceptible
to a 'Man in the Middle Attack' due to a flaw in the default hostname
verification during SSL/TLS when a specially crafted server side...
Categories:

Outlook.com for Android fails to validate server certificates

August 18, 2014 - 7:28am

Posted by Securify B.V. on Aug 18

------------------------------------------------------------------------
Outlook.com for Android fails to validate server certificates
------------------------------------------------------------------------
Yorick Koster, April 2014

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
Outlook.com for Android's WebView contains an insecure...
Categories:

CVE-2014-5289 - Kolibri WebServer 2.0 Vulnerable to RCE via Overly Long POST Request

August 18, 2014 - 7:17am

Posted by tekwizz123 on Aug 18

Exploit Details
------------------
Senkas Kolibri WebServer 2.0 (available at http://www.senkas.com/kolibri/download.php) is vulnerable to RCE via an
overly long POST request.

Sending the exploit will result in a SEH overwrite, which can then be use to redirect execution to a POP POP RET within
the application's binary itself, which once executed, will allow the attacker to execute his/her payload located in the
HOST field.

PoC...
Categories:

Beginners error: Apple's iCloudServices for Windows run rogue program C:\Program.exe (and some more)

August 18, 2014 - 6:38am

Posted by Stefan Kanthak on Aug 18

Hi @ll,

"C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe",
part of Apple's iCloudServices (see <https://www.apple.com/icloud/>), is
configured to be started as (COM) server via SvcHost.Exe.

Unfortunately the developers of this (COM) server (and of course their QA
too) did a lousy job and let their installer create the following erroneous
registry entries with a command line that contains an unquoted...
Categories:

Beginners error: Windows Live Mail 2011 runs rogue C:\Program.exe when opening associated URLs

August 18, 2014 - 6:28am

Posted by Stefan Kanthak on Aug 18

Hi @ll,

the following command lines associated with the URL protocols of
Windows Live Mail 2011 (15.4.3538.513)

WLMail.Url.Mailto=C:\Program Files (x86)\Windows Live\Mail\wlmail.exe /mailurl:"%1"
WLMail.Url.news=C:\Program Files (x86)\Windows Live\Mail\wlmail.exe /newsurl:"%1"
WLMail.Url.nntp=C:\Program Files (x86)\Windows Live\Mail\wlmail.exe /newsurl:"%1"
WLMail.Url.snews=C:\Program Files (x86)\Windows...
Categories:

Beginners error: Apple's Software Update runs rogue program C:\Program.exe (and some more)

August 18, 2014 - 6:17am

Posted by Stefan Kanthak on Aug 18

Hi @ll,

"C:\Program Files\Apple Software Update\SoftwareUpdate.exe", part
of Apple's Software Update and installed together with iTunes,
QuickTime and other of Apple's crap for Windows, is periodically
called with the argument "-task".

This invokes the COM server {91A9E6A9-3935-4A37-AFBA-F0904B166364}
alias AppleSoftwareUpdate.ASUInstallhost, implemented in the DLL
C:\Program Files\Apple Software...
Categories:

[SECURITY] [DSA 3005-1] gpgme1.0 security update

August 14, 2014 - 12:52pm

Posted by Salvatore Bonaccorso on Aug 14

-------------------------------------------------------------------------
Debian Security Advisory DSA-3005-1 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
August 14, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : gpgme1.0
CVE ID : CVE-2014-3564
Debian Bug :...
Categories:

APPLE-SA-2014-08-13-1 Safari 6.1.6 and Safari 7.0.6

August 14, 2014 - 5:24am

Posted by Apple Product Security on Aug 14

APPLE-SA-2014-08-13-1 Safari 6.1.6 and Safari 7.0.6

Safari 6.1.6 and Safari 7.0.6 are now available and address the
following:

WebKit
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.4
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit.
These...
Categories:

[security bulletin] HPSBMU03090 rev.1 - HP SiteScope, running Apache Struts, Remote Execution of Arbitrary Code

August 14, 2014 - 5:13am

Posted by security-alert on Aug 14

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04399728

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04399728
Version: 1

HPSBMU03090 rev.1 - HP SiteScope, running Apache Struts, Remote Execution of
Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-08-12...
Categories:

[security bulletin] HPSBHF03088 rev.1 - HP Integrity SD2 CB900s i2 and i4 Servers running OpenSSL, Remote Unauthorized Access or Disclosure of Information

August 13, 2014 - 10:50am

Posted by security-alert on Aug 13

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04397114

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04397114
Version: 1

HPSBHF03088 rev.1 - HP Integrity SD2 CB900s i2 and i4 Servers running
OpenSSL, Remote Unauthorized Access or Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as...
Categories:

Reflected Cross-Site Scripting (XSS) in Jamroom

August 13, 2014 - 8:43am

Posted by High-Tech Bridge Security Research on Aug 13

Advisory ID: HTB23224
Product: Jamroom
Vendor: Talldude Networks, LLC
Vulnerable Version(s): 5.2.6 and probably prior
Tested Version: 5.2.6
Advisory Publication: July 23, 2014 [without technical details]
Vendor Notification: July 23, 2014
Vendor Patch: July 23, 2014
Public Disclosure: August 13, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-5098
Risk Level: Medium
CVSSv2 Base Score: 4.3...
Categories:

[oCERT-2014-006] Ganeti insecure archive permission

August 13, 2014 - 6:56am

Posted by Andrea Barisani on Aug 13

#2014-006 Ganeti insecure archive permission

Description:

Ganeti, an open source virtualisation manager, suffers from an insecure file
permission vulnerability that leads to sensitive information disclosure.

The Ganeti upgrade command 'gnt-cluster upgrade' creates an archive of the
current configuration of the cluster (e.g. the contents of
'/var/lib/ganeti'). The archive is named following the pattern ganet*.tar
and is...
Categories:

BlackBerry Z 10 - Storage and Access File-Exchange Authentication By-Pass [MZ-13-04]

August 13, 2014 - 6:47am

Posted by security on Aug 13

---------------------------------------------------------------------

modzero  Security Advisory:  BlackBerry  Z 10  -  Storage and  Access
File-Exchange Authentication By-Pass [MZ-13-04]

---------------------------------------------------------------------

---------------------------------------------------------------------

1. Timeline

---------------------------------------------------------------------

 * 2013-06-23: Vendor has...
Categories: