ESA-2016-064: EMC Data Domain Information Disclosure Vulnerability
Monthly Archives: June 2016
Bugtraq: [security bulletin] HPSBMU03614 rev.1 – HPE Systems Insight Manager using Samba, Multiple Remote Vulnerabilities
[security bulletin] HPSBMU03614 rev.1 – HPE Systems Insight Manager using Samba, Multiple Remote Vulnerabilities
Bugtraq: CVE-2016-3085: Apache CloudStack Authentication Bypass Vulnerability
CVE-2016-3085: Apache CloudStack Authentication Bypass Vulnerability
Bugtraq: [SECURITY] [DSA 3599-1] p7zip security update
[SECURITY] [DSA 3599-1] p7zip security update
USN-2993-1: Firefox vulnerabilities
Ubuntu Security Notice USN-2993-1
9th June, 2016
firefox vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 15.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary
Firefox could be made to crash or run programs as your login if it
opened a malicious website.
Software description
- firefox
– Mozilla Open Source web browser
Details
Christian Holler, Gary Kwong, Jesse Ruderman, Tyson Smith, Timothy Nikkel,
Sylvestre Ledru, Julian Seward, Olli Pettay, Karl Tomlinson, Christoph
Diehl, Julian Hector, Jan de Mooij, Mats Palmgren, and Tooru Fujisawa
discovered multiple memory safety issues in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via application
crash, or execute arbitrary code. (CVE-2016-2815, CVE-2016-2818)
A buffer overflow was discovered when parsing HTML5 fragments in some
circumstances. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service via application crash, or execute arbitrary code. (CVE-2016-2819)
A use-after-free was discovered in contenteditable mode in some
circumstances. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service via application crash, or execute arbitrary code. (CVE-2016-2821)
Jordi Chancel discovered a way to use a persistent menu within a <select>
element and place this in an arbitrary location. If a user were tricked in
to opening a specially crafted website, an attacker could potentially
exploit this to spoof the addressbar contents. (CVE-2016-2822)
Armin Razmdjou that the location.host property can be set to an arbitrary
string after creating an invalid data: URI. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to bypass some same-origin protections. (CVE-2016-2825)
A use-after-free was discovered when processing WebGL content in some
circumstances. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service via application crash, or execute arbitrary code. (CVE-2016-2828)
Tim McCormack discovered that the permissions notification can show the
wrong icon when a page requests several permissions in quick succession.
An attacker could potentially exploit this by tricking the user in to
giving consent for access to the wrong resource. (CVE-2016-2829)
It was discovered that a pointerlock can be created in a fullscreen
window without user consent in some circumstances, and this pointerlock
cannot be cancelled without quitting Firefox. If a user were tricked in
to opening a specially crafted website, an attacker could potentially
exploit this to cause a denial of service or conduct clickjacking attacks.
(CVE-2016-2831)
John Schoenick discovered that CSS pseudo-classes can leak information
about plugins that are installed but disabled. An attacker could
potentially exploit this to fingerprint users. (CVE-2016-2832)
Matt Wobensmith discovered that Content Security Policy (CSP) does not
block the loading of cross-domain Java applets when specified by policy.
An attacker could potentially exploit this to bypass CSP protections and
conduct cross-site scripting (XSS) attacks. (CVE-2016-2833)
In addition, multiple unspecified security issues were discovered in NSS.
(CVE-2016-2834)
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 16.04 LTS:
-
firefox
47.0+build3-0ubuntu0.16.04.1
- Ubuntu 15.10:
-
firefox
47.0+build3-0ubuntu0.15.10.1
- Ubuntu 14.04 LTS:
-
firefox
47.0+build3-0ubuntu0.14.04.1
- Ubuntu 12.04 LTS:
-
firefox
47.0+build3-0ubuntu0.12.04.1
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to restart Firefox to make
all the necessary changes.
References
USN-2995-1: Squid vulnerabilities
Ubuntu Security Notice USN-2995-1
9th June, 2016
squid3 vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 15.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary
Several security issues were fixed in Squid.
Software description
- squid3
– Web proxy cache server
Details
Yuriy M. Kaminskiy discovered that the Squid pinger utility incorrectly
handled certain ICMPv6 packets. A remote attacker could use this issue to
cause Squid to crash, resulting in a denial of service, or possibly cause
Squid to leak information into log files. (CVE-2016-3947)
Yuriy M. Kaminskiy discovered that the Squid cachemgr.cgi tool incorrectly
handled certain crafted data. A remote attacker could use this issue to
cause Squid to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2016-4051)
It was discovered that Squid incorrectly handled certain Edge Side Includes
(ESI) responses. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2016-4052, CVE-2016-4053, CVE-2016-4054)
Jianjun Chen discovered that Squid did not correctly ignore the Host header
when absolute-URI is provided. A remote attacker could possibly use this
issue to conduct cache-poisoning attacks. This issue only affected Ubuntu
14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. (CVE-2016-4553)
Jianjun Chen discovered that Squid incorrectly handled certain HTTP Host
headers. A remote attacker could possibly use this issue to conduct
cache-poisoning attacks. (CVE-2016-4554)
It was discovered that Squid incorrectly handled certain Edge Side Includes
(ESI) responses. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a denial of service. (CVE-2016-4555,
CVE-2016-4556)
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 16.04 LTS:
-
squid-cgi
3.5.12-1ubuntu7.2
-
squid3
3.5.12-1ubuntu7.2
- Ubuntu 15.10:
-
squid-cgi
3.3.8-1ubuntu16.3
-
squid3
3.3.8-1ubuntu16.3
- Ubuntu 14.04 LTS:
-
squid-cgi
3.3.8-1ubuntu6.8
-
squid3
3.3.8-1ubuntu6.8
- Ubuntu 12.04 LTS:
-
squid-cgi
3.1.19-1ubuntu3.12.04.7
-
squid3
3.1.19-1ubuntu3.12.04.7
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
References
CVE-2015-8268
The up.time agent in Idera Uptime Infrastructure Monitor 7.5 and 7.6 on Linux allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2016-0910
EMC Data Domain OS 5.5 before 5.5.4.0, 5.6 before 5.6.1.004, and 5.7 before 5.7.2.0 stores session identifiers of GUI users in a world-readable file, which allows local users to hijack arbitrary accounts via unspecified vectors.
CVE-2016-0916
EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6 mishandles authentication, which allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance.
CVE-2016-1419
Cisco Access Point devices with software 8.2(102.43) allow remote attackers to cause a denial of service (device reload) via crafted ARP packets, aka Bug ID CSCuy55803.