View Full Version : Alerts - Q4-2006-Q1-2007b

2006-11-15, 02:47

Flash v9.0.28.0 released
- http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash
Version: 9,0,28,0
Browser: Firefox, Mozilla, Netscape, Opera, and Internet Explorer
Date Posted: 11/14/2006

Security bulletins and advisories
- http://www.adobe.com/support/security/

Test version installed:
- http://www.macromedia.com/software/flash/about/

- http://isc.sans.org/diary.php?compare=1&storyid=1859
Last Updated: 2006-11-14 23:58:33 UTC
"...Affected versions include 9.x, 8.x and 7.x . If after reading the adobe announcement you are left wondering what modified HTTP headers of client requests can do to cause HTTP Request Splitting attacks, or what those are to start with, take a look at e.g.: http://en.wikipedia.org/wiki/HTTP_Response_splitting ..."

2006-11-15, 15:55

- http://isc.sans.org/diary.php?storyid=1863
Last Updated: 2006-11-15 12:43:39 UTC
"Today, the SANS Institute released an updated Top 20 Internet Security Attack Targets* list. This update reorganizes the list recognizing the new reality of operating system independent issues. Sections for cross-platform applications, network devices, policy and the overall issue of 0-day attacks where added. The list has been released for the last 7 years. From the start, organizations like the FBI assisted in putting the list together. It is in particular useful if you have to set and defend priorities..."

* http://www.sans.org/top20/


2006-12-18, 18:22

- http://www.opera.com/index.dml

Changelog for Opera 9.10 for Windows
- http://www.opera.com/docs/changelogs/windows/910/
"Release Notes
This release of Opera introduces Fraud Protection*..."

* http://www.opera.com/docs/fraudprotection/


2007-01-02, 16:05

- http://www.eweek.com/article2/0,1895,2078180,00.asp
January 1, 2007
"An easy-to-exploit security vulnerability in Apple Computer's QuickTime media player could put millions of Macintosh and Windows users at risk of code execution attacks. The QuickTime flaw kicked off the Month of Apple Bugs project, which promises to expose unpatched Mac OS X and Apple application vulnerabilities on a daily basis throughout the month of January..."

> http://secunia.com/advisories/23540/

- http://blog.washingtonpost.com/securityfix/2007/01/quicktime_flaw_kicks_off_month_1.html
January 1, 2007
"...LMH said the Windows and Mac QuickTime Version 7.1.3 and the Player Version 7.1.3 are vulnerable, and that earlier versions also are likely to be vulnerable. QuickTime users can mitigate the threat from this bug by not opening links that begin with "rtsp://" or by disabling the display of streaming files in QuickTime.

To do that on a Mac, open QuickTime, go to "Preferences," then click on the "Advanced" tab. You should see a "Mime Settings" button; click on that, and then uncheck the box next to "Streaming - Streaming Movies."

For Windows users of the most current QuickTime version, click on "Edit," then 'Preferences," and then "QuickTime Preferences". Click on the "File Types" tab, and then on the plus sign next to "Streaming - Streaming Movies" and uncheck the box next to "RSTP stream descriptor"..."

Also see: http://isc.sans.org/diary.php?storyid=1993
Last Updated: 2007-01-02 00:54:21 UTC
(Screenshots available at the ISC URL above.)

QuickTime RTSP buffer overflow vuln ...iTunes also affected...
> http://www.kb.cert.org/vuls/id/442497
Last Updated: 01/02/2007

:fear: :spider:

2007-01-03, 17:47

Locating new phishing sites
- http://www.f-secure.com/weblog/archives/archive-012007.html#00001067
January 3, 2007 ~ "Phishing sites are easy to locate once the bad boys start spamming out thousands of mails linking to their site. But how can such sites be found before that?... At the time of posting this entry, none of the common browsers (IE, Firefox, Opera) detected this site as a phishing site with their built-in filters. Soon they will."

Flash Phishing
- http://www.f-secure.com/weblog/archives/archive-012007.html#00001066
January 3, 2007 ~ "We've now seen several phishing web sites that are using flash-based content instead of normal HTML. Probably the main to reason to do this is to try to avoid phishing toolbars that analyze page content. Two recent examples, both targeting PayPal: ... ppal-form-ssl. com and ... welcome-ppl. com . These sites look like the real PayPal front page, but they are actually Flash recreations..."

(Screenshots available at the URLs above.)


2007-01-04, 14:04

- http://secunia.com/advisories/23612/
Release Date: 2007-01-04
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: OpenOffice 1.0.x, OpenOffice 1.1.x, OpenOffice.org 2.x
...Successful exploitation may allow the execution of arbitrary code.
Solution: Apply fixes or update to version 2.1...

1. OpenOffice v2.1: http://download.openoffice.org/index.html
2. Patch: http://www.openoffice.org/issues/show_bug.cgi?id=70042

OpenOffice.org 2.1
- http://www.openoffice.org/
"...significant improvement over all previous versions. Among other things:
* Multiple monitor support for Impress
* Improved Calc HTML export
* Enhanced Access support for Base
* Even more languages
* Automatic notification of updates <<< ..."

Release Notes
- http://development.openoffice.org/releases/2.1.0.html

:fear: :spider:

2007-01-10, 12:48

Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat
- http://www.adobe.com/support/security/bulletins/apsb07-01.html
Release date: January 9, 2007
"...Solution: Adobe Reader on Windows
Adobe strongly recommends upgrading to Adobe Reader 8, available from the following site:
http://www.adobe.com/go/getreader .
Users with Adobe Reader 7.0 through 7.0.8, who cannot upgrade to Reader 8, should upgrade to Reader 7.0.9. Adobe Reader 7.0.9 is available as a full installation package and not a patch. It can be installed on top of any older version of Reader 7 and user preferences will be preserved: http://www.adobe.com/go/getreader .

Adobe Acrobat 7.0.9 Standard/Professional/3D update - multiple languages
* http://www.adobe.com/support/downloads/new.jsp

Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier...
- http://www.adobe.com/support/security/advisories/apsa07-02.html
Release date: January 9, 2007

- http://www.adobe.com/support/security/bulletins/apsb07-01.html
January 16, 2007 — "...Updated to reflect the availability of Adobe Reader and Acrobat 6.0.6* for Windows... Users with Adobe Reader 7.0 through 7.0.8, who cannot upgrade to Reader 8, should upgrade to Reader 7.0.9. Adobe Reader 7.0.9 is available as a full installation package and not a patch. It can be installed on top of any older version of Reader 7 and user preferences will be preserved: http://www.adobe.com/go/getreader.
If customers are using Adobe Reader 6.0–6.0.5 and are unable to upgrade to version 8 or 7.0.9 due to Operating System constraints for example, Adobe recommends upgrading to version 6.0.6 either via a series of patches from:
-or- by using the auto-update mechanism within the product when prompted..."