CSRF token bypass in GeniXCMS before 1.0.2 could result in escalation of privileges. The forgotpassword.php page can be used to acquire a token.
Monthly Archives: February 2017
Bugtraq: PDFMate PDF Converter Pro 1.7.5.0 – Buffer Overflow Vulnerability
RHSA-2017:0286-1: Moderate: openssl security update
Red Hat Enterprise Linux: An update for openssl is now available for Red Hat Enterprise Linux 6 and Red
Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2016-8610, CVE-2017-3731
USN-3202-1: Spice vulnerabilities
Ubuntu Security Notice USN-3202-1
20th February, 2017
spice vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary
Spice could be made to crash or run programs if it received specially
crafted network traffic.
Software description
- spice – SPICE protocol client and server library
Details
Frediano Ziglio discovered that Spice incorrectly handled certain client
messages. A remote attacker could use this issue to cause Spice to crash,
resulting in a denial of service, or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 16.10:
  - libspice-server1 0.12.8-1ubuntu0.1
- Ubuntu 16.04 LTS:
  - libspice-server1 0.12.6-4ubuntu0.2
- Ubuntu 14.04 LTS:
  - libspice-server1 0.12.4-0nocelt2ubuntu1.4
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to restart qemu guests to make
all the necessary changes.
USN-3203-1: gtk-vnc vulnerabilities
Ubuntu Security Notice USN-3203-1
20th February, 2017
gtk-vnc vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary
gtk-vnc could be made to crash or run programs if it received specially
crafted network traffic.
Software description
- gtk-vnc – VNC viewer widget
Details
It was discovered that gtk-vnc incorrectly validated certain data. A
malicious server could use this issue to cause gtk-vnc to crash, resulting
in a denial of service, or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 14.04 LTS:
  - libgtk-vnc-1.0-0 0.5.3-0ubuntu2.1
  - libgvnc-1.0-0 0.5.3-0ubuntu2.1
  - libgtk-vnc-2.0-0 0.5.3-0ubuntu2.1
- Ubuntu 12.04 LTS:
  - libgtk-vnc-1.0-0 0.5.0-1ubuntu1.1
  - libgvnc-1.0-0 0.5.0-1ubuntu1.1
  - libgtk-vnc-2.0-0 0.5.0-1ubuntu1.1
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
USN-3204-1: Tomcat vulnerability
Ubuntu Security Notice USN-3204-1
20th February, 2017
tomcat6, tomcat7 vulnerability
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary
Tomcat could be made to consume resources if it received specially crafted
network traffic.
Software description
- tomcat6 – Servlet and JSP engine
- tomcat7 – Servlet and JSP engine
Details
It was discovered that Tomcat incorrectly handled certain HTTP requests. A
remote attacker could possibly use this issue to cause Tomcat to consume
resources, resulting in a denial of service.
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 14.04 LTS:
  - tomcat7 7.0.52-1ubuntu0.10
  - libtomcat7-java 7.0.52-1ubuntu0.10
- Ubuntu 12.04 LTS:
  - libtomcat6-java 6.0.35-1ubuntu3.11
  - tomcat6 6.0.35-1ubuntu3.11
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
Skilled Attacker Develops Advanced Windows Botnet to Spread Infamous Mirai Malware
Kaspersky Lab experts are analyzing the first Windows-based spreader for the Mirai malware as part of a concerted effort to close down Mirai botnets in the wild.
CryptoMix: Avast adds a new free decryption tool to its collection
In cooperation with researchers from CERT.PL, we are happy to announce the release of another decryptor tool, for the ransomware, CryptoMix. CryptoMix has multiple aliases, including CryptFile2, Zeta, or the most recent alias CryptoShield.
openssl101e-1.0.1e-10.el5
OpenSSL
=======
Security Fixes
--------------
* An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite. (CVE-2017-3731)
* A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610)
* The signing function in crypto/ecdsa/ecdsa_ossl.c in certain OpenSSL versions and forks is vulnerable to timing attacks when signing with the standardized elliptic curve P-256 despite featuring constant-time curve operations and modular inversion. A software defect omits setting the BN_FLG_CONSTTIME flag for nonces, failing to take a secure code path in the BN_mod_inverse method and therefore resulting in a cache-timing attack vulnerability. A malicious user with local access can recover ECDSA P-256 private keys. (CVE-2016-7056)