Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS
(the Mozilla Network Security Service library, embedded in Wheezy’s
Iceweasel package), was parsing ASN.1 data used in signatures, making it
vulnerable to a signature forgery attack.
All posts by 007admin
DSA-3033 nss – security update
Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS
(the Mozilla Network Security Service library) was parsing ASN.1 data
used in signatures, making it vulnerable to a signature forgery attack.
DSA-3035 bash – security update
Tavis Ormandy discovered that the patch applied to fix CVE-2014-6271
released in DSA-3032-1 for bash, the GNU Bourne-Again Shell, was
incomplete and could still allow some characters to be injected into
another environment (CVE-2014-7169). With this update prefix and suffix
for environment variable names which contain shell functions are added
as hardening measure.
Bourne Again Shell (Bash) Remote Code Execution Vulnerability
Original release date: September 24, 2014
US-CERT is aware of a Bash vulnerability affecting Unix-based operating systems such as Linux and Mac OS X. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system.
Â
US-CERT recommends users and administrators review the Redhat Security Blog for additional details and to refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch. A GNU Bash patch is also available for experienced users and administrators to implement.
Operating systems with updates include:
This product is provided subject to this Notification and this Privacy & Use policy.
[ MDVSA-2014:186 ] bash
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2014:186 http://www.mandriva.com/en/support/security/ _______________________________________________________________________ Package : bash Date : September 24, 2014 Affected: Business Server 1.0 _______________________________________________________________________ Problem Description: A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue (CVE-2014-6271). _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271 https://rhn.redhat.co
Bash Lets You Do Bad Things
Researchers Work to Predict Malicious Domains
SEATTLE–A typical phishing or Web-based malware attack usually isn’t terribly complex. But they need a few things in order to work, and one of the key components often is a malicious domain. Researchers spend a lot of time identifying and taking these domains down, but some researchers now are trying to stay a step ahead […]
Mozilla Network Security Services (NSS) Library Vulnerability
Original release date: September 24, 2014
A vulnerability in the Mozilla NSS library could allow an attacker to forge an RSA signature, such as an SSL certificate. The package is often included in 3rd party software, including Linux distributions, Google Chrome, and others. It is possible that other cryptographic libraries may be similarly affected.
US-CERT recommends users and administrators review Vulnerability Note VU#772676, Mozilla Foundation Security Advisory 2014-73, and Google Stable Channel Update Blog for additional information and mitigation details.
This product is provided subject to this Notification and this Privacy & Use policy.
As Bug Bounties Become the Norm, Challenges Remain
SEATTLE–For many years, Microsoft and other large software vendors resisted the idea of providing bug bounties or other financial incentives for researchers to report vulnerabilities. That changed when the landscape began to shift and more researchers began reporting vulnerabilities through brokers or selling them on the open market. While bounties have now become commonplace, simply […]
SA-CONTRIB-2014-095 – Safeword – Cross Site Scripting (XSS)
- Advisory ID: DRUPAL-SA-CONTRIB-2014-095
- Project: Safeword (third-party module)
- Version: 7.x
- Date: 2014-September-23
- Security risk: 7/25 ( Less Critical) AC:Basic/A:Admin/CI:None/II:None/E:Theoretical/TD:All
- Vulnerability: Cross Site Scripting
Description
The safeword module provides an automatically generated ‘Machine Name’ when text is entered into a human-readable field.
The module doesn’t sufficiently sanitize the field description that can be used as help text under the machine name editing field.
This vulnerability is mitigated by the fact that an attacker must have a role with the permission “administer taxonomy”.
CVE identifier(s) issued
- A CVE identifier will be requested, and added upon issuance, in accordance
with Drupal Security Team processes.
Versions affected
- Safeword 7.x-1.x versions prior to 7.x-1.9.
Drupal core is not affected. If you do not use the contributed Safeword module,
there is nothing you need to do.
Solution
Install the latest version:
- If you use the Safeword module for Drupal 7.x, upgrade to Safeword 7.x-1.10
Also see the Safeword project page.
Reported by
Fixed by
- Matt Vance provisional member the Drupal Security Team
- Francisco José Cruz Romanos provisional member the Drupal Security Team
Coordinated by
- Rick Manelius of the Drupal Security Team
Contact and More Information
The Drupal security team can be reached at security at drupal.org or via the contact form at
https://www.drupal.org/contact.
Learn more about the Drupal Security team and their policies,
writing secure code for Drupal, and
securing your site.