Sumatra PDF Reader v1.9 released
FYI...
Sumatra PDF Reader v1.9 released
- http://blog.kowalczyk.info/software/...apdf/news.html
Version history 1.9 (2011-11-23)
Changes in this release:
support for CHM documents
support touch gestures, available on Windows 7 or later. Contributed by Robert Prouse
open linked audio and video files in an external media player
improved support for PDF transparency groups...
Download
- http://blog.kowalczyk.info/software/...df-viewer.html
:spider:
Cisco Linksys router WRT54G WRT54GX UPnP vuln
FYI...
Cisco Linksys router WRT54G WRT54GX UPnP vuln ...
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2011-4499
Last revised: 11/22/2011
CVSS v2 Base Score: 7.5 (HIGH)
"... Cisco Linksys WRT54G* with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before 1.06.1.."
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2011-4500
Last revised: 11/22/2011
CVSS v2 Base Score: 7.5 (HIGH)
"... Cisco Linksys WRT54GX* with firmware 2.00.05, when UPnP is enabled..."
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2011-4501
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2011-4502
"... Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15..."
- http://www.kb.cert.org/vuls/id/357851
Last Updated: 2011-10-07 - "... Workarounds: Disable UPnP* on the device..."
* http://192.168.1.1/Manage.htm
... Administration - UPnP: > Disable...
- http://www.upnp-hacks.org/devices.html#linksys
___
- http://h-online.com/-1329727
24 August 2011
:fear::fear:
HP LaserJet network ptrs vuln ...
FYI...
- http://h20000.www2.hp.com/bizsupport...ctID=c03102449
Last Updated: 2011-12-23 Version: 2 (rev.2)
23 December 2011 Code signing firmware available
___
HP LaserJet printers - firmware access vuln
- http://www.securitytracker.com/id/1026357
CVE Reference: CVE-2011-4161
Updated: Dec 1 2011
Impact: Execution of arbitrary code via network, Root access via network
Vendor Confirmed: Yes
Description: A vulnerability was reported in some HP LaserJet Printers. A remote user can update the firmware with arbitrary code. A remote user can send a specially crafted print job or specially crafted data to TCP port 9100 on the target printer to trigger an unspecified flaw and cause the printer to upgrade its firmware with arbitrary code. Some printers do not check digital signatures on firmware upgrades...
The original advisory is available at:
http://redtape.msnbc.msn.com/_news/2...esearchers-say
Impact: A remote user can upgrade the printer's firmware with arbitrary code.
Solution: ... The vendor recommends disabling the 'Printer Firmware Update' feature as described at:
http://h71028.www7.hp.com/enterprise...-Imaging10.pdf
The vendor's advisory is available at:
http://h20565.www2.hp.com/portal/sit...r_na-c03102449
Last Updated: 2011-12-23
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2011-4161
Last revised: 12/02/2011
CVSS v2 Base Score: 10.0 (HIGH)
- https://secunia.com/advisories/47063/
Release Date: 2011-12-28
Criticality level: Moderately critical
Impact: Security Bypass ...
- https://isc.sans.edu/diary.html?storyid=12112
Last Updated: 2011-11-29 16:22:00 UTC
- http://h-online.com/-1387374
30 November 2011
___
- http://www.hp.com/hpinfo/newsroom/pr...1/111129b.html
Nov. 29, 2011 - "... Today there has been sensational and inaccurate reporting regarding a potential security vulnerability with some HP LaserJet printers. No customer has reported unauthorized access. Speculation regarding potential for devices to catch fire due to a firmware change is false. HP LaserJet printers have a hardware element called a “thermal breaker” that is designed to prevent the fuser from overheating or causing a fire. It cannot be overcome by a firmware change or this proposed vulnerability. While HP has identified a potential security vulnerability with some HP LaserJet printers, no customer has reported unauthorized access. The specific vulnerability exists for some HP LaserJet devices if placed on a public internet without a firewall. In a private network, some printers may be vulnerable if a malicious effort is made to modify the firmware of the device by a trusted party on the network. In some Linux or Mac environments, it may be possible for a specially formatted corrupt print job to trigger a firmware upgrade.
HP is building a firmware upgrade to mitigate this issue and will be communicating this proactively to customers and partners who may be impacted. In the meantime, HP reiterates its recommendation to follow best practices for securing devices by placing printers behind a firewall and, where possible, disabling remote firmware upload on exposed printers..."
:fear: :sad:
Yahoo Messenger v11.5.0.152-us / 0-Day exploit - 2011.12.02 ...
FYI...
Yahoo Messenger v11.5.0.152 / 0-Day exploit - 2011.12.02...
- http://www.malwarecity.com/blog/new-...date-1229.html
2 December 2011 - "... A newly discovered exploit in version 11.x of the Messenger client (including the freshly-released 11.5.0.152-us*) allows a remote attacker to arbitrarily change the status message of virtually any Yahoo Messenger user that runs the vulnerable version...
You are -not- vulnerable if... You have Yahoo Messenger set to 'ignore anyone who is not in your Yahoo! Contacts' (which is off by default)..."
* Yahoo Messenger v11.5.0.152-us:
> http://www.majorgeeks.com/Yahoo_Messenger_d4235.html
Date: 2011-11-30 / Size: 18 MB / License: Freeware
- https://secure.wikimedia.org/wikiped...istory#Windows
v11.5.0.152 - November 29, 2011
Tabbed IMs / Improved Spam Management / New Social Games / Easy Access to Recent Contacts
Smart Archiving / Snap and Share / Quick Access to All Emoticons...
:fear:
-780- attempted exploitations...
FYI...
- http://forums.spybot.info/showpost.p...4&postcount=57
Dec. 16, 2011
___
- http://www.symantec.com/security_res...atconlearn.jsp
Updated: Dec 21 - "... For the period of December 8, 2011 through December 20, 2011, Symantec intelligence products have detected a total of -780- attempted exploits of CVE-2011-2462*. Exercise extreme caution when opening PDF files from untrusted sources. Any email attachments received from unfamiliar senders or unexpectedly from known senders should be treated suspiciously. Email attachments are a common vector for targeted attacks using vulnerabilities of this kind..."
___
- https://www.adobe.com/support/securi...apsa11-04.html
Last updated: December 15, 2011 - "... We are in the process of finalizing a fix for the issue and expect to make available an update for Adobe Reader 9.x and Acrobat 9.x for Windows on December 16, 2011..."
* http://web.nvd.nist.gov/view/vuln/de...=CVE-2011-2462
Last revised: 12/21/2011
CVSS v2 Base Score: 10.0 (HIGH)
"... as exploited in the wild in December 2011..."
:fear::mad:
Thunderbird v9.0 released
FYI...
Thunderbird v9.0 released
- https://www.mozilla.org/en-US/thunde.../releasenotes/
December 20, 2011
Download
- https://www.mozilla.org/en-US/thunderbird/all.html
Fixed in Thunderbird 9
- https://www.mozilla.org/security/kno...l#thunderbird9
MFSA 2011-58 Crash scaling <video> to extreme sizes
MFSA 2011-57 Crash when plugin removes itself on Mac OS X
MFSA 2011-56 Key detection without JavaScript via SVG animation
MFSA 2011-55 nsSVGValue out-of-bounds access
MFSA 2011-54 Potentially exploitable crash in the YARR regular expression library
MFSA 2011-53 Miscellaneous memory safety hazards (rv:9.0)
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2011-3658 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2011-3660 - 10.0 (HIGH)
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2011-3661 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2011-3663 - 4.3
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2011-3664 - 6.8
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2011-3665 - 7.5 (HIGH)
Last revised: 12/21/2011
"... Thunderbird 5.0 through 8.0..."
- http://www.securitytracker.com/id/1026447
Dec 21 2011
___
Thunderbird v3.1.7 released
- https://www.mozilla.org/en-US/thunde...all-older.html
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2011-3666
Last revised: 12/21/2011
CVSS v2 Base Score: 6.8 (MEDIUM)
"... Thunderbird before 3.1.7..."
___
- http://h-online.com/-1400073
22 December 2011
:fear::spider:
WordPress Connections plugin vuln - updates available
FYI...
WordPress Connections plugin vuln - updates available
- https://secunia.com/advisories/47390/
Release Date: 2011-12-29
Criticality level: Moderately critical
Impact: Unknown
Where: From remote...
Solution... see: Connections Changelog:
http://wordpress.org/extend/plugins/...ons/changelog/
Latest: 0.7.2.2 - 12/25/11
0.7.1.6 - 06/15/2011 > Fixes security vulnerability
Requires: 3.2 or higher
Compatible up to: 3.3
Last Updated: 2011-12-26
:fear:
WordPress v3.3.1 released
FYI...
WordPress v3.3.1 released
- https://wordpress.org/download/
January 3, 2012 - "The latest stable release of WordPress (Version 3.3.1) is available..."
WordPress 3.3.1 Security and Maintenance Release
- https://wordpress.org/news/2012/01/wordpress-3-3-1/
January 3, 2012 - "This maintenance release fixes 15 issues with WordPress 3.3, as well as a fix for a cross-site scripting vulnerability that affected version 3.3..."
- https://core.trac.wordpress.org/quer...order=priority
___
- http://h-online.com/-1403297
4 January 2012
___
- http://www.securitytracker.com/id/1026542
CVE Reference: CVE-2012-0287
Date: Jan 19 2012
Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information
Version(s): 3.3
Solution: The vendor has issued a fix (3.3.1)...
:fear:
OpenSSL security advisory ...
FYI...
OpenSSL vulns/fixes ...
- https://isc.sans.edu/diary.html?storyid=12322
Last Updated: 2012-01-05 00:46:00 UTC - "... CVEs include:
DTLS Plaintext Recovery Attack (CVE-2011-4108)
Double-free in Policy Checks (CVE-2011-4109)
Uninitialized SSL 3.0 Padding (CVE-2011-4576)
Malformed RFC 3779 Data Can Cause Assertion Failures (CVE-2011-4577)
SGC Restart DoS Attack (CVE-2011-4619)
Invalid GOST parameters DoS Attack (CVE-2012-0027)
Details here: http://openssl.org/news/secadv_20120104.txt
Downloads here: http://openssl.org/source/ ..."
- http://www.openssl.org/news/secadv_20120104.txt
04 Jan 2012 - "... Affected users should upgrade to OpenSSL 1.0.0f or 0.9.8s..."
- https://secunia.com/advisories/47426/
Release Date: 2012-01-05
Criticality level: Moderately critical
Impact: Exposure of sensitive information, DoS, System access
Where: From remote
Solution: Update to version 0.9.8s or 1.0.0f.
- http://www.securitytracker.com/id/1026485
CVE Reference: CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2012-0027, CVE-2012-0390
Updated: Jan 6 2012
Impact: Denial of service via network, Disclosure of user information, Execution of arbitrary code via network, User access via network
Version(s): prior to 0.9.8s; 1.x prior to 1.0.0f
:fear: