phpMyAdmin 3.x - potential compromise
FYI...
phpMyAdmin 3.x - potential compromise
- https://secunia.com/advisories/50703/
Release Date: 2012-09-25
Criticality level: Extremely critical
Impact: System access
Where: From remote
... distribution of a compromised phpMyAdmin source code package containing a backdoor, which can be exploited to e.g. execute arbitrary PHP code.
Solution: Download and reinstall phpMyAdmin.
Software: phpMyAdmin 3.x
Original Advisory:
http://www.phpmyadmin.net/home_page/...ASA-2012-5.php
Date: 2012-09-25
Summary: One server from the SourceForge.net mirror system was distributing a phpMyAdmin kit containing a backdoor...
Severity: We consider this vulnerability to be critical.
Affected Versions: We currently know only about phpMyAdmin-3.5.2.2-all-languages.zip being affected; check if your download contains a file named server_sync.php.
Solution: Check your phpMyAdmin distribution and download it again from a trusted mirror if your copy contains a file named server_sync.php...
> http://www.phpmyadmin.net/home_page/downloads.php
phpMyAdmin 3.5.2.2 - Released 12 Aug 2012
___
- https://threatpost.com/en_us/blogs/s...myadmin-092512
Sep 25, 2012
- http://h-online.com/-1717644
26 Sep 2012
:fear: :fear: :fear:
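A defender-side check for the advice in the advisory above, written as an added example that is not from the phpMyAdmin project or the original post: it lists the members of a downloaded kit, flags the server_sync.php indicator the advisory names, and diffs the member list against a manifest taken from a copy obtained from a trusted mirror. The archive paths and file contents below are constructed samples, not the real kit.

```python
import io
import zipfile

# File name named in the phpMyAdmin advisory (PMASA-2012-5) as the marker of
# the backdoored 3.5.2.2 kit served by one SourceForge mirror.
BACKDOOR_NAMES = {"server_sync.php"}


def member_names(zip_bytes):
    """Return the set of file members (directories excluded) in a zip."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return {i.filename for i in zf.infolist() if not i.is_dir()}


def check_kit(zip_bytes, trusted_manifest):
    """Compare a downloaded kit against the member list of a trusted copy.

    Returns the files present only in the download, the files missing from
    it, and any member whose base name is a known backdoor file name.
    """
    names = member_names(zip_bytes)
    basenames = {n.rsplit("/", 1)[-1] for n in names}
    return {
        "extra": sorted(names - trusted_manifest),
        "missing": sorted(trusted_manifest - names),
        "backdoor": sorted(basenames & BACKDOOR_NAMES),
    }


def build_zip(files):
    """Build an in-memory zip from {path: content} for the constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for path, data in files.items():
            zf.writestr(path, data)
    return buf.getvalue()


# Constructed sample kits: a clean copy and one with an unexpected extra file.
# The top-level directory name is an assumption, not taken from the real archive.
CLEAN = {
    "phpMyAdmin-3.5.2.2-all-languages/index.php": "<?php // placeholder\n",
    "phpMyAdmin-3.5.2.2-all-languages/libraries/common.inc.php": "<?php\n",
}
TAMPERED = dict(CLEAN)
TAMPERED["phpMyAdmin-3.5.2.2-all-languages/server_sync.php"] = "<?php // unexpected\n"

if __name__ == "__main__":
    manifest = member_names(build_zip(CLEAN))
    print(check_kit(build_zip(TAMPERED), manifest))
```

Any non-empty "extra" or "backdoor" list means the download should be discarded and fetched again from a trusted mirror, as the advisory says.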
RE: Apple iOS 6 release / Apple maps ...
FYI...
RE: iOS 6 release / Apple maps...
- http://news.yahoo.com/tim-cook-apple...135819039.html
Sep 28, 2012 - "Apple CEO Tim Cook says the company is "extremely sorry" for the frustration that its maps application has caused and it's doing everything it can to make it better. Cook said in a letter posted online Friday that Apple "fell short" in its commitment to make the best possible products for its customers. He recommends that people try alternatives by downloading competing map apps from the App Store while Apple works on its own maps products.... 'had released an update to its iPhone and iPad operating system last week that replaced Google Maps with Apple's own maps application. But users complained that the new maps have fewer details, lack public transit directions and misplace landmarks, among other problems."
* https://www.apple.com/letter-from-tim-cook-on-maps/
Sep 28, 2012
:fear: :sad:
Thunderbird v16.0.1 released
FYI...
Thunderbird v16.0.1 released
- https://www.mozilla.org/en-US/thunde...1/releasenotes
October 11, 2012 ... See Known Issues
Download
- https://www.mozilla.org/thunderbird/all.html
Security Advisories
- https://www.mozilla.org/security/kno...nderbird16.0.1
Fixed in Thunderbird 16.0.1
MFSA 2012-89 defaultValue security checks not applied
MFSA 2012-88 Miscellaneous memory safety hazards (rv:16.0.1)
- https://web.nvd.nist.gov/view/vuln/d...=CVE-2012-4190 - 10.0 (HIGH)
- https://web.nvd.nist.gov/view/vuln/d...=CVE-2012-4191 - 10.0 (HIGH)
- https://web.nvd.nist.gov/view/vuln/d...=CVE-2012-4192 - 4.3
- https://web.nvd.nist.gov/view/vuln/d...=CVE-2012-4193 - 9.3 (HIGH)
___
Bugs fixed
- https://www.mozilla.org/en-US/thunde...s/buglist.html
___
- http://www.securitytracker.com/id/1027652
CVE Reference: CVE-2012-4190, CVE-2012-4191
Oct 12 2012
Impact: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (16.0.1).
- https://secunia.com/advisories/50932/
Last Update: 2012-10-12
Criticality level: Highly critical
Impact: Security Bypass, System access
Where: From remote
CVE Reference(s): CVE-2012-4190, CVE-2012-4191, CVE-2012-4192, CVE-2012-4193
... vulnerabilities are reported in Firefox and Thunderbird versions -prior- to 16.0.1 and SeaMonkey versions -prior- to 2.13.1.
Solution: Update Firefox and Thunderbird to versions 16.0.1 and SeaMonkey to version 2.13.1.
:fear:
Oracle Critical Patch Updates - October 2012
FYI...
Oracle Critical Patch Update Advisory - October 2012
- http://www.oracle.com/technetwork/to...2-1515893.html
Oct 16, 2012 - "... Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory... Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 109 new security fixes..."
Patch Availability Table
- http://www.oracle.com/technetwork/to...15893.html#PIN
Risk Matrices
- http://www.oracle.com/technetwork/to...e-1515934.html
___
- http://atlas.arbor.net/briefs/index#968980828
Severity: High Severity
October 17, 2012
In addition to patching Java, Oracle releases patches for other products as well.
Analysis: While the Java security issues get the most press due to its widespread exploitation, the Oracle database and other products are often used to protect sensitive information and should also be protected. Some of these other products don't have the same attack footprint as Java; however, if an attacker is already inside the network, then other Oracle software is easier to reach and exploit.
Source: http://h-online.com/-1731176
Oct 17 2012
Sun SPARC Server Bug in Integrated Lights Out Manager Lets Local Users Access Data
http://www.securitytracker.com/id/1027677
Sun GlassFish Enterprise Server CORBA Bug Lets Remote Users Cause Partial DoS Conditions
http://www.securitytracker.com/id/1027676
Oracle Industry Applications Bugs Let Remote Users Partially Access and Modify Data and Deny Service
http://www.securitytracker.com/id/1027675
Oracle Siebel CRM Bugs Let Remote Users Access Data on the Target System
http://www.securitytracker.com/id/1027674
Oracle Financial Services Software Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service
http://www.securitytracker.com/id/1027673
Oracle Java Runtime Environment (JRE) Bugs Let Remote Users Gain Full Control of the Target System
http://www.securitytracker.com/id/1027672
Oracle PeopleSoft Products Bugs Let Remote Authenticated Users Partially Access Data, Modify Data, and Deny Service
http://www.securitytracker.com/id/1027671
Oracle Supply Chain Products Suite Bugs Let Remote Users Access and Modify Data
http://www.securitytracker.com/id/1027670
Oracle Fusion Middleware Bugs Let Remote Users Access and Modify Data and Local and Remote Users Deny Service
http://www.securitytracker.com/id/1027669
Oracle E-Business Suite Bugs Let Remote Users Partially Access and Modify Data and Partially Deny Service
http://www.securitytracker.com/id/1027668
Solaris Lets Local Users Gain Root Privileges and Remote Users Deny Service
http://www.securitytracker.com/id/1027667
Oracle Virtualization Bugs Let Remote Users Partially Modify Data and Local Users Partially Deny Service
http://www.securitytracker.com/id/1027666
MySQL Multiple Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service and Local Users Access Data
http://www.securitytracker.com/id/1027665
Oracle Database Bugs Let Remote Authenticated Users Partially Modify Data and Cause Partial Denial of Service Conditions
http://www.securitytracker.com/id/1027664
iOS 6.0.1, Safari 6.0.2 released
FYI...
iOS 6.0.1 Software Update
- https://support.apple.com/kb/DL1606
Nov 1, 2012
"This update contains improvements and bug fixes, including:
• Fixes a bug that prevents iPhone 5 from installing software updates wirelessly over the air
• Fixes a bug where horizontal lines may be displayed across the keyboard
• Fixes an issue that could cause camera flash to not go off
• Improves reliability of iPhone 5 and iPod touch (5th generation) when connected to encrypted WPA2 Wi-Fi networks
• Resolves an issue that prevents iPhone from using the cellular network in some instances
• Consolidated the Use Cellular Data switch for iTunes Match
• Fixes a Passcode Lock bug which sometimes allowed access to Passbook pass details from lock screen
• Fixes a bug affecting Exchange meetings
For information on the security content of this update, please visit this website:
http://support.apple.com/kb/HT1222
This update is available via iTunes and wirelessly."
- https://secunia.com/advisories/51162/
Release Date: 2012-11-02
Criticality level: Highly critical
Impact: Security Bypass, Exposure of system information, System access
Where: From remote
CVE Reference(s): CVE-2012-3748, CVE-2012-3749, CVE-2012-3750, CVE-2012-5112
For more information: https://secunia.com/SA51157/
Solution: Apply iOS 6.0.1 Software Update.
Original Advisory: APPLE-SA-2012-11-01-1:
http://support.apple.com/kb/HT5567
> http://lists.apple.com/archives/secu.../msg00000.html
___
Safari 6.0.2 released
- https://support.apple.com/kb/HT5568
Nov 1, 2012
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2
... WebKit -
1) Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A time of check to time of use issue existed in the handling of JavaScript arrays. This issue was addressed through additional validation of JavaScript arrays.
CVE-2012-3748 : Joost Pol and Daan Keuper of Certified Secure working with HP TippingPoint's Zero Day Initiative
2) Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A use after free issue existed in the handling of SVG images. This issue was addressed through improved memory handling.
CVE-2012-5112 : Pinkie Pie working with Google's Pwnium 2 contest...
- https://secunia.com/advisories/51157/
Release Date: 2012-11-02
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s): CVE-2012-3748, CVE-2012-5112
For more information: https://secunia.com/SA50954/
The vulnerabilities are reported in versions prior to 6.0.2 running on OS X Lion and OS X Mountain Lion.
Solution: Update to version 6.0.2.
Original Advisory: APPLE-SA-2012-11-01-2:
http://support.apple.com/kb/HT5568
> http://lists.apple.com/archives/secu.../msg00001.html
:fear::fear:
Adobe PDF Reader 0-day in-the-wild ...
FYI...
Adobe PDF Reader 0-day in-the-wild ...
- https://krebsonsecurity.com/2012/11/...-adobe-reader/
Nov 7th, 2012 - "Software vendor Adobe says it is investigating claims that instructions for exploiting a previously unknown critical security hole in the latest versions of its widely-used PDF Reader software are being sold in the cybercriminal underground. The finding comes from malware analysts at Moscow-based forensics firm Group-IB, who say they’ve discovered that a new exploit capable of compromising the security of computers running Adobe X and XI (Adobe Reader 10 and 11) is being sold in the underground for up to $50,000. This is significant because, beginning with Reader X, Adobe introduced a “sandbox” feature aimed at blocking the exploitation of previously unidentified security holes in its software, and so far that protection has held its ground. But according to Andrey Komarov, Group-IB’s head of international projects, this vulnerability allows attackers to sidestep Reader’s sandbox protection...
> https://www.youtube.com/watch?featur...F8VDBkK0M#t=0s
... Adobe spokeswoman Wiebke Lips said the company was not contacted by Group-IB, and is unable to verify their claims, given the limited amount of information currently available... Group-IB says the vulnerability is included in a new, custom version of the Blackhole Exploit Kit, a malicious software framework sold in the underground that is designed to be stitched into hacked Web sites and deploy malware via exploits such as this one... consumers should realize that there are several PDF reader options apart from Adobe’s, including Foxit, PDF-Xchange Viewer, Nitro PDF and Sumatra PDF*."
* http://blog.kowalczyk.info/software/...df-viewer.html
___
- http://h-online.com/-1746442
8 Nov 2012
:fear::fear:
QuickTime v7.7.3 released
FYI...
QuickTime v7.7.3 released
- https://secunia.com/advisories/51226/
Release Date: 2012-11-08
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s): CVE-2011-1374, CVE-2012-3751, CVE-2012-3752, CVE-2012-3753, CVE-2012-3754, CVE-2012-3755, CVE-2012-3756, CVE-2012-3757, CVE-2012-3758
... vulnerabilities are reported in versions prior to 7.7.3.
Solution: Update to version 7.7.3.
Original Advisory: http://support.apple.com/kb/HT5581
> http://lists.apple.com/archives/secu.../msg00002.html
... QuickTime 7.7.3 may be obtained from the QuickTime Downloads site:
http://www.apple.com/quicktime/download/
-or-
Use Apple Software Update.
___
- http://h-online.com/-1746273
8 Nov 2012
:fear:
Skype - pwd reset vuln ...
FYI...
Skype - pwd reset vuln...
- http://heartbeat.skype.com/2012/11/security_issue.html
Nov 14, 2012 - "Early this morning we were notified of user concerns surrounding the security of the password reset feature on our website. This issue affected some users where multiple Skype accounts were registered to the same email address. We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly. We are reaching out to a small number of users who may have been impacted to assist as necessary. Skype is committed to providing a safe and secure communications experience to our users and we apologize for the inconvenience."
___
- http://h-online.com/-1749720
14 Nov 2012
- http://www.theregister.co.uk/2012/11...es_hijack_bug/
14 Nov 2012
:fear: