Monthly Archives: March 2015

Ubuntu

USN-2548-1: Batik vulnerability

Leave a comment

Ubuntu Security Notice USN-2548-1

25th March, 2015

batik vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Batik could be made to consume resources or expose sensitive information.

Software description

  • batik
    – xml.apache.org SVG Library

Details

Nicolas Gregoire and Kevin Schaller discovered that Batik would load XML
external entities by default. If a user or automated system were tricked
into opening a specially crafted SVG file, an attacker could possibly
obtain access to arbitrary files or cause resource consumption.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:
libbatik-java

1.7.ubuntu-8ubuntu2.14.10.1
Ubuntu 14.04 LTS:
libbatik-java

1.7.ubuntu-8ubuntu2.14.04.1
Ubuntu 12.04 LTS:
libbatik-java

1.7.ubuntu-8ubuntu1.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2015-0250

Ubuntu

USN-2549-1: libarchive vulnerabilities

Leave a comment

Ubuntu Security Notice USN-2549-1

25th March, 2015

libarchive vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

libarchive could be made to crash or overwrite files.

Software description

  • libarchive
    – Library to read/write archive files

Details

It was discovered that the libarchive bsdcpio utility extracted absolute
paths by default without using the –insecure flag, contrary to
expectations. If a user or automated system were tricked into extracting
cpio archives containing absolute paths, a remote attacker may be able to
write to arbitrary files. (CVE-2015-2304)

Fabian Yamaguchi discovered that libarchive incorrectly handled certain
type conversions. A remote attacker could possibly use this issue to cause
libarchive to crash, resulting in a denial of service. This issue only
affected Ubuntu 12.04 LTS. (CVE-2013-0211)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:
bsdcpio

3.1.2-9ubuntu0.1
libarchive13

3.1.2-9ubuntu0.1
Ubuntu 14.04 LTS:
bsdcpio

3.1.2-7ubuntu2.1
libarchive13

3.1.2-7ubuntu2.1
Ubuntu 12.04 LTS:
bsdcpio

3.0.3-6ubuntu1.1
libarchive12

3.0.3-6ubuntu1.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2013-0211,

CVE-2015-2304

Drupal

Ubercart Webform Checkout Pane – Moderately Critical – Cross Site Scripting (XSS) – Unsupported – SA-CONTRIB-2015-087

Leave a comment

Description

Ubercart Webform Checkout Pane module allows you to define Webform nodes as checkout/order panes in Ubercart.

The module doesn’t sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability.

This vulnerability is mitigated by the fact that an attacker must have a user with permission to create/edit Ubercart products or webforms.

CVE identifier(s) issued

  • A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.

Versions affected

  • All versions of Ubercart Webform Checkout Pane module

Drupal core is not affected. If you do not use the contributed Ubercart Webform Checkout Pane module, there is nothing you need to do.

Solution

If you use the Ubercart Webform Checkout Pane module you should uninstall it.

Also see the Ubercart Webform Checkout Pane project page.

Reported by

Fixed by

Not applicable.

Coordinated by

Contact and More Information

The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.

Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.

Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity

Drupal version: 
Drupal 6.x
Drupal 7.x
Drupal

Decisions – Moderately Critical – Cross Site Request Forgery (CSRF) – Unsupported – SA-CONTRIB-2015-086

Leave a comment

Description

Decisions module is a replacement for the Poll module and provides advanced voting systems and decision-making tools.

The module doesn’t sufficiently protect some links against CSRF. A malicious user can cause another user to remove individual voters by getting their browser to make a request to a specially-crafted URL.

CVE identifier(s) issued

  • A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.

Versions affected

  • All versions of Decisions module

Drupal core is not affected. If you do not use the contributed Decisions module, there is nothing you need to do.

Solution

If you use the Decisions module you should uninstall it.

Also see the Decisions project page.

Reported by

Fixed by

Not applicable.

Coordinated by

Contact and More Information

The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.

Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.

Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity

Drupal version: 
Drupal 6.x
Drupal

Invoice – Moderately Critical – Multiple vulnerabilities – Unsupported – SA-CONTRIB-2015-085

Leave a comment

Description

Invoice module allows you to create invoices in Drupal.

The module doesn’t sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability.

Additionally, some URLs were not protected against CSRF. A malicious user can cause another user to create, delete and alter invoices by getting their browser to make a request to a specially-crafted URL.

The XSS vulnerability is mitigated by the fact that an attacker must have a role with the permission “Administer own invoices” and be able to create/edit nodes of the “Invoice” content type.

CVE identifier(s) issued

  • A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.

Versions affected

  • All versions of Invoice module

Drupal core is not affected. If you do not use the contributed Invoice module, there is nothing you need to do.

Solution

If you use the Invoice module you should uninstall it.

Also see the Invoice project page.

Reported by

Fixed by

Not applicable.

Coordinated by

Contact and More Information

The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.

Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.

Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity

Drupal version: 
Drupal 6.x
Drupal 7.x
Drupal

Linear Case – Moderately Critical – Cross Site Scripting (XSS) – SA-CONTRIB-2015-084

Leave a comment

Description

Linear Case module allows you to organize Closed Question documents in case studies.

The module doesn’t sufficiently sanitize user supplied text in some pages, thereby exposing a Cross Site Scripting vulnerability.

This vulnerability is mitigated by the fact that an attacker must have a user with permission to edit/create Linear Case nodes.

CVE identifier(s) issued

  • A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.

Versions affected

  • Linear Case 6.x-1.x versions prior to 6.x-1.3.

Drupal core is not affected. If you do not use the contributed Linear Case module, there is nothing you need to do.

Solution

Install the latest version:

Also see the Linear Case project page.

Reported by

Fixed by

Coordinated by

Contact and More Information

The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.

Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.

Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity

Drupal version: 
Drupal 6.x
Drupal

Webform Multiple File Upload – Moderately Critical – Cross Site Request Forgery (CSRF) – SA-CONTRIB-2015-083

Leave a comment

Description

Webform Multiple File Upload module enables you to upload multiple files at once in webforms.

The module doesn’t sufficiently protect some URLs against CSRF. A malicious user can cause a user with edit access to webforms to delete files by getting their browser to make a request to a specially-crafted URL.

CVE identifier(s) issued

  • A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.

Versions affected

  • Webform Multiple File Upload 6.x-1.x versions prior to 6.x-1.3.
  • Webform Multiple File Upload 7.x-1.x versions prior to 7.x-1.3.

Drupal core is not affected. If you do not use the contributed Webform Multiple File Upload module, there is nothing you need to do.

Solution

Install the latest version:

Also see the Webform Multiple File Upload project page.

Reported by

Fixed by

Coordinated by

Contact and More Information

The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.

Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.

Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity

Drupal version: 
Drupal 6.x
Drupal 7.x
Panda Security

WhatsApp calls available for Android!

Leave a comment

whatsapp phone

Waiting is over! Calls via WhatsApp are available for Android users, but just for some users and only if they have the latest version installed. These calls can be made with an app beta version and also with the 2.12.5 update, launched already in Google Play.

Nevertheless, if you are an Android user and meet these requirements, but still aren’t able to use it, don’t despair. As before, WhatsApp hasn’t deployed it automatically yet.

How can you activate the calls in WhatsApp? For example, if you get a call from one of your contacts that already has it activated!

If not, just a bit of patience, and wait for your turn! Meanwhile, don’t fall for scams!

And if you want to protect your phone, download now our free Android antivirus.

The post WhatsApp calls available for Android! appeared first on MediaCenter Panda Security.

Drupal

Crumbs – Moderately Critical – Cross Site Scripting (XSS) – SA-CONTRIB-2015-082

Leave a comment

Description

This module enables you to add navigation to your webpages colloquially referred to as “breadcrumbs”.

The module doesn’t sufficiently sanitize custom HTML separators for breadcrumbs, thereby exposing a Cross Site Scripting vulnerability.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission “Administer Crumbs”.

CVE identifier(s) issued

  • A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.

Versions affected

  • Crumbs 7.x-2.x versions prior to 7.x-2.3

Drupal core is not affected. If you do not use the contributed Crumbs module, there is nothing you need to do.

Solution

Install the latest version:

  • If you use the Crumbs module for Drupal 7.x, upgrade to Crumbs 7.x-2.3

Also see the Crumbs project page.

Reported by

Fixed by

Coordinated by

Contact and More Information

The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.

Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.

Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity

Drupal version: 
Drupal 7.x