USN-2737-1: Linux kernel (Vivid HWE) vulnerability

Ubuntu Security Notice USN-2737-1

9th September, 2015

linux-lts-vivid vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

The system could be made to crash or run programs as an administrator.

Software description

  • linux-lts-vivid
    – Linux hardware enablement kernel from Vivid

Details

It was discovered that an integer overflow error existed in the SCSI
generic (sg) driver in the Linux kernel. A local attacker with write
permission to a SCSI generic device could use this to cause a denial of
service (system crash) or potentially escalate their privileges.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:

  • linux-image-3.19.0-28-generic-lpae: 3.19.0-28.30~14.04.1
  • linux-image-3.19.0-28-powerpc64-emb: 3.19.0-28.30~14.04.1
  • linux-image-3.19.0-28-powerpc-smp: 3.19.0-28.30~14.04.1
  • linux-image-3.19.0-28-lowlatency: 3.19.0-28.30~14.04.1
  • linux-image-3.19.0-28-generic: 3.19.0-28.30~14.04.1
  • linux-image-3.19.0-28-powerpc-e500mc: 3.19.0-28.30~14.04.1
  • linux-image-3.19.0-28-powerpc64-smp: 3.19.0-28.30~14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-5707

USN-2738-1: Linux kernel vulnerability

Ubuntu Security Notice USN-2738-1

9th September, 2015

linux vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04

Summary

The system could be made to crash or run programs as an administrator.

Software description

  • linux
    – Linux kernel

Details

It was discovered that an integer overflow error existed in the SCSI
generic (sg) driver in the Linux kernel. A local attacker with write
permission to a SCSI generic device could use this to cause a denial of
service (system crash) or potentially escalate their privileges.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:

  • linux-image-3.19.0-28-lowlatency: 3.19.0-28.30
  • linux-image-3.19.0-28-powerpc64-emb: 3.19.0-28.30
  • linux-image-3.19.0-28-powerpc-smp: 3.19.0-28.30
  • linux-image-3.19.0-28-generic-lpae: 3.19.0-28.30
  • linux-image-3.19.0-28-generic: 3.19.0-28.30
  • linux-image-3.19.0-28-powerpc-e500mc: 3.19.0-28.30
  • linux-image-3.19.0-28-powerpc64-smp: 3.19.0-28.30

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-5707

RESTful – Moderately Critical – Access bypass – SA-CONTRIB-2015-147

Description

This module enables you to expose your Drupal backend by generating a RESTful API.

The module doesn’t sufficiently account for core’s page cache generation for anonymous users when non-cookie authentication providers are in use. Pages served to users authenticated via one of these providers can be cached as if they were served to anonymous users, thereby allowing access to potentially restricted information during subsequent anonymous requests.

CVE identifier(s) issued

  • A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.

Versions affected

  • RESTful 7.x-1.x versions prior to 7.x-1.3.

Drupal core is not affected. If you do not use the contributed RESTful module, there is nothing you need to do.

Solution

Install the latest version:

Also see the RESTful project page.

Contact and More Information

The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.

Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.

Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity

Multiple Cross-Site Scripting vulnerabilities in Synology Download Station

Posted by Securify B.V. on Sep 09

————————————————————————
Multiple Cross-Site Scripting vulnerabilities in Synology Download
Station
————————————————————————
Han Sahin, September 2015

————————————————————————
Abstract
————————————————————————
Multiple Cross-Site Scripting vulnerabilities…

Synology Video Station command injection and multiple SQL injection vulnerabilities

Posted by Securify B.V. on Sep 09

————————————————————————
Synology Video Station command injection and multiple SQL injection
vulnerabilities
————————————————————————
Han Sahin, September 2015

————————————————————————
Abstract
————————————————————————
It was discovered that Synology Video…

Twitter – Moderately Critical – Access bypass – SA-CONTRIB-2015-146

Description

This module enables you to pull in public tweets from Twitter accounts, post messages to Twitter to announce content changes, and authenticate using Twitter.

The module doesn’t sufficiently check for access when using the Twitter Post submodule to post messages to Twitter and allows a tweet to be posted to any authenticated account, not just one that the user owns.

The module also doesn’t sufficiently check for access when listing a user’s connected Twitter accounts, allowing any user to change the options for any other account, including deleting the attached Twitter account.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission “post to twitter” in order to post to Twitter, and have either the permission “add twitter accounts” or “add authenticated twitter accounts” in order to access the accounts list.

CVE identifier(s) issued

  • A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.

Versions affected

  • Twitter 6.x-5.x versions prior to 6.x-5.2.
  • Twitter 7.x-5.x versions prior to 7.x-5.9.
  • Twitter 7.x-6.x versions prior to 7.x-6.0.

Drupal core is not affected. If you do not use the contributed Twitter module, there is nothing you need to do.

Solution

Install the latest version:

  • If you use the Twitter 5.x module for Drupal 6.x, upgrade to Twitter 6.x-5.2 or later.
  • If you use the Twitter 5.x module for Drupal 7.x, upgrade to Twitter 7.x-5.9 or later.
  • If you use the Twitter 6.x module for Drupal 7.x, upgrade to Twitter 7.x-6.0 or later.

Also see the Twitter project page.

Contact and More Information

The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.

Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.

Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity

GNU Privacy Guard 2.0.29

GnuPG (the GNU Privacy Guard or GPG) is GNU’s tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.