Monthly Archives: September 2015

Ubuntu

USN-2741-1: Unity Settings Daemon vulnerability

Ubuntu Security Notice USN-2741-1

16th September, 2015

unity-settings-daemon vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS

Summary

Unity Settings Daemon would allow mounting removable media while the screen
is locked.

Software description

  • unity-settings-daemon
    – daemon handling the Unity session settings

Details

It was discovered that the Unity Settings Daemon incorrectly allowed
removable media to be mounted when the screen is locked. If a vulnerability
were discovered in some other desktop component, such as an image library,
a local attacker could possibly use this issue to gain access to the
session.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
unity-settings-daemon

15.04.1+15.04.20150408-0ubuntu1.2
Ubuntu 14.04 LTS:
unity-settings-daemon

14.04.0+14.04.20150825-0ubuntu2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart your session to make
all the necessary changes.

References

CVE-2015-1319

Ubuntu

USN-2742-1: OpenLDAP vulnerabilities

Ubuntu Security Notice USN-2742-1

16th September, 2015

openldap vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in OpenLDAP.

Software description

  • openldap
    – OpenLDAP utilities

Details

Denis Andzakovic discovered that OpenLDAP incorrectly handled certain BER
data. A remote attacker could possibly use this issue to cause OpenLDAP to
crash, resulting in a denial of service. (CVE-2015-6908)

Dietrich Clauss discovered that the OpenLDAP package incorrectly shipped
with a potentially unsafe default access control configuration. Depending
on how the database is configure, this may allow users to impersonate
others by modifying attributes such as their Unix user and group numbers.
(CVE-2014-9713)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
slapd

2.4.31-1+nmu2ubuntu12.3
Ubuntu 14.04 LTS:
slapd

2.4.31-1+nmu2ubuntu8.2
Ubuntu 12.04 LTS:
slapd

2.4.28-1.1ubuntu4.6

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

For existing installations, access rules that begin with “to *” need to be
manually adjusted to remove any instances of “by self write”.

References

CVE-2014-9713,

CVE-2015-6908

NVD

CVE-2014-8778

Checkmarx CxSAST (formerly CxSuite) before 7.1.8 allows remote authenticated users to bypass the CxQL sandbox protection mechanism and execute arbitrary C# code by asserting the (1) System.Security.Permissions.PermissionState.Unrestricted or (2) System.Security.Permissions.SecurityPermissionFlag.AllFlags permission.

NVD

CVE-2015-1173

Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 does not properly restrict access to the (1) Design Mode and (2) Debug Logger mode modules, which allows remote attackers to gain privileges via crafted “received parameters.”

NVD

CVE-2015-3623

XML external entity (XXE) vulnerability in QlikTech Qlikview before 11.20 SR12 allows remote attackers to conduct server-side request forgery (SSRF) attacks and read arbitrary files via crafted XML data in a request to AccessPoint.aspx.

NVD

CVE-2015-5465

Silicon Integrated Systems WindowsXP Display Manager (aka VGA Driver Manager and VGA Display Manager) 6.14.10.3930 allows local users to gain privileges via a crafted (1) 0x96002400 or (2) 0x96002404 IOCTL call.

NVD

CVE-2015-6929

Multiple cross-site scripting (XSS) vulnerabilities in Nokia Networks (formerly Nokia Solutions and Networks and Nokia Siemens Networks) @vantage Commander allow remote attackers to inject arbitrary web script or HTML via the (1) idFilter or (2) nameFilter parameter to cftraces/filter/fl_copy.jsp; the (3) flName parameter to cftraces/filter/fl_crea1.jsp; the (4) serchStatus, (5) refreshTime, or (6) serchNode parameter to cftraces/process/pr_show_process.jsp; the (7) MaxActivationTime, (8) NumberOfBytes, (9) NumberOfTracefiles, (10) SessionName, or (11) serchSessionkind parameter to cftraces/session/se_crea.jsp; the (12) serchSessionDescription parameter to cftraces/session/se_show.jsp; the (13) serchApplication or (14) serchApplicationkind parameter to cftraces/session/tr_crea_filter.jsp; the (15) columKeyUnique, (16) columParameter, (17) componentName, (18) criteria1, (19) criteria2, (20) criteria3, (21) description, (22) filter, (23) id, (24) pathName, (25) tableName,
or (26) component parameter to cftraces/session/tr_create_tagg_para.jsp; or the (27) userid parameter to home/certificate_association.jsp.

US-CERT

Internet Systems Consortium (ISC) Releases Security Updates for BIND

Original release date: September 16, 2015

ISC has released security updates to address vulnerabilities in BIND. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition.

Available updates include:

  • BIND 9 version 9.9.8
  • BIND 9 version 9.10.3
  • BIND 9 version 9.9.8-S1

Users and administrators are encouraged to review ISC Knowledge Base Articles AA-01305AA-01306, and AA-01307 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.