USN-2673-1: Thunderbird vulnerabilities

Ubuntu Security Notice USN-2673-1

20th July, 2015

thunderbird vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in Thunderbird.

Software description

  • thunderbird
    – Mozilla Open Source mail and newsgroup client

Details

Karthikeyan Bhargavan discovered that NSS incorrectly handled state
transitions for the TLS state machine. If a remote attacker were able to
perform a man-in-the-middle attack, this flaw could be exploited to skip
the ServerKeyExchange message and remove the forward-secrecy property.
(CVE-2015-2721)

Bob Clary, Christian Holler, Bobby Holley, and Andrew McCreight discovered
multiple memory safety issues in Thunderbird. If a user were tricked into
opening a specially crafted website in a browsing context, an attacker
could potentially exploit these to cause a denial of service via
application crash, or execute arbitrary code with the privileges of the
user invoking Thunderbird. (CVE-2015-2724)

Ronald Crane discovered multiple security vulnerabilities. If a user were
tricked into opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to cause a denial of service
via application crash, or execute arbitrary code with the privileges of
the user invoking Thunderbird. (CVE-2015-2734, CVE-2015-2735,
CVE-2015-2736, CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740)

Matthew Green discovered a DHE key processing issue in NSS where a MITM
could force a server to downgrade TLS connections to 512-bit export-grade
cryptography. An attacker could potentially exploit this to impersonate
the server. (CVE-2015-4000)
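As an added defensive example that is not part of the advisory, the following Python parses the ServerDHParams carried in a TLS 1.2 ServerKeyExchange message and flags the 512-bit export-size moduli that the CVE-2015-4000 downgrade forces a client into. The sample messages are constructed (not real DH groups or captured traffic), and the 2048-bit threshold is an assumed local policy.

```python
import struct

HANDSHAKE_SERVER_KEY_EXCHANGE = 0x0C

def _read_vector(buf: bytes, off: int):
    """Read an opaque<1..2^16-1> vector: 2-byte length prefix, then body."""
    if off + 2 > len(buf):
        raise ValueError("truncated vector length")
    (n,) = struct.unpack_from("!H", buf, off)
    off += 2
    if n == 0 or off + n > len(buf):
        raise ValueError("bad vector length")
    return buf[off:off + n], off + n

def parse_server_dh_params(msg: bytes) -> dict:
    """Parse a TLS 1.2 ServerKeyExchange carrying ServerDHParams (RFC 5246
    section 7.4.3): dh_p, dh_g, dh_Ys. Any trailing signature is ignored."""
    if len(msg) < 4 or msg[0] != HANDSHAKE_SERVER_KEY_EXCHANGE:
        raise ValueError("not a ServerKeyExchange message")
    body_len = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + body_len]
    if len(body) != body_len:
        raise ValueError("truncated handshake body")
    p, off = _read_vector(body, 0)
    g, off = _read_vector(body, off)
    ys, off = _read_vector(body, off)
    p_bits = int.from_bytes(p, "big").bit_length()
    # 512-bit moduli are what the export ciphersuites used; anything
    # below 2048 bits is treated as weak under the assumed policy here.
    if p_bits <= 512:
        verdict = "export-grade"
    elif p_bits < 2048:
        verdict = "weak"
    else:
        verdict = "ok"
    return {"p_bits": p_bits, "g": int.from_bytes(g, "big"),
            "ys_bits": int.from_bytes(ys, "big").bit_length(),
            "verdict": verdict}

def build_server_key_exchange(p: int, g: int, ys: int) -> bytes:
    """Build a ServerKeyExchange (params only, no signature) as test input."""
    def vec(x: int) -> bytes:
        b = x.to_bytes((x.bit_length() + 7) // 8, "big")
        return struct.pack("!H", len(b)) + b
    body = vec(p) + vec(g) + vec(ys)
    return bytes([HANDSHAKE_SERVER_KEY_EXCHANGE]) + len(body).to_bytes(3, "big") + body

# Constructed samples (not real DH groups): a 512-bit export-size modulus and a 2048-bit one.
SAMPLE_EXPORT = build_server_key_exchange((1 << 511) | 0x1234567, 2, 12345678)
SAMPLE_STRONG = build_server_key_exchange((1 << 2047) | 1, 2, 12345678)
```

The same parser can be pointed at the handshake bytes of a captured session to audit which DH group sizes a server actually negotiates.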

Update instructions

The problem can be corrected by updating your system to the following
package versions:

  • Ubuntu 15.04: thunderbird 1:31.8.0+build1-0ubuntu0.15.04.1
  • Ubuntu 14.10: thunderbird 1:31.8.0+build1-0ubuntu0.14.10.1
  • Ubuntu 14.04 LTS: thunderbird 1:31.8.0+build1-0ubuntu0.14.04.1
  • Ubuntu 12.04 LTS: thunderbird 1:31.8.0+build1-0ubuntu0.12.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Thunderbird to make
all the necessary changes.

References

CVE-2015-2721, CVE-2015-2724, CVE-2015-2734, CVE-2015-2735, CVE-2015-2736,
CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740, CVE-2015-4000

Patch now: Microsoft Emergency Fix

Yesterday Microsoft released an emergency security update for all supported Windows versions (Windows 7, Windows 8/8.1, Windows RT and apparently even the unreleased Windows 10). The patch fixes a vulnerability that would allow attackers to easily gain access to another computer. According to the company, the flaw lies in the way the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts.

“An attacker who successfully exploited this vulnerability could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” Microsoft says in their security bulletin. “There are multiple ways an attacker could exploit this vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage that contains embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts.”

Microsoft also says that, while it had information indicating the issue was public, there is no evidence that the vulnerability has been used in any actual attack on customers.

The vulnerability itself was apparently found by going through the large volume of data from the Hacking Team email breach.

The post Patch now: Microsoft Emergency Fix appeared first on Avira Blog.

Cross-Site Request Forgery Vulnerability in Portfolio Plugin WordPress Plugin v1.0

Posted by Nitin Venkatesh on Jul 21

# Title: Cross-Site Request Forgery Vulnerability in Portfolio Plugin WordPress Plugin v1.0
# Submitter: Nitin Venkatesh
# Product: Portfolio Plugin WordPress Plugin
# Product URL: https://wordpress.org/plugins/portfolio-by-lisa-westlund/
# Vulnerability Type: Cross-site Request Forgery [CWE-352]
# Affected Versions: v1.0
# Tested versions: v1.0
# Fixed Version: v1.05
# Link to code diff:…

Joomla! plugin Helpdesk Pro < 1.4.0

Posted by Simon Rawet on Jul 21

Document Title
==============
Joomla! plugin Helpdesk Pro < 1.4.0

Reported By
===========
Simon Rawet from Outpost24
Kristian Varnai from Outpost24
Gregor Mynarsky from Outpost24
https://www.outpost24.com/

For full details, see:
https://www.outpost24.com/outpost24-has-found-critical-vulnerabilities-in-joomla-helpdesk-pro/

Tested on
=========
All exploits were tested and verified by Outpost24 for HelpDesk Pro
version 1.3.0. While no official…

Ashley Madison Hacked

Posted by Brian Offenheim on Jul 21


Ashley Madison, the world’s #1 affair/cheating online dating site, has been hacked.
http://imgur.com/8gQs8KV
https://bitbucket.org/TheImpactTeam/ashley
https://bitbucket.org/TheImpactTeam/ashleymadisondump
https://gitlab.com/ImpactTeam/ashley
https://gitlab.com/ImpactTeam/ashleymadisondump

Fedora 22 Security Update: drupal7-path_breadcrumbs-3.3-1.fc22

Resolved Bugs
1243614 – drupal7-path_breadcrumbs-3.3 is available
## 7.x-3.3
See [SA-CONTRIB-2015-133](https://www.drupal.org/node/2533926)
* New token `%site:current-page:path-menu-trail:pb-join:*` is an alternative approach to build breadcrumbs based on path hierarchy.
* Fixed #2473109: Destination parameter is present but doesn’t work during editing breadcrumb
* Other improvements and fixes.