
Thread: Old Alerts

  1. #241
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Google Chrome v8.0.552.215 released

    FYI...

    Google Chrome v8.0.552.215 released
    - http://secunia.com/advisories/42472/
    Release Date: 2010-12-03
    Impact: Unknown, Exposure of sensitive information, DoS, System access
    Where: From remote
    Solution: Fixed in version 8.0.552.215.

    - http://googlechromereleases.blogspot...able%20updates
    December 2, 2010 - "... over 800 bug fixes and stability improvements..."

    - http://www.securitytracker.com/id?1024821
    Dec 3 2010

    - http://www.informationweek.com/share...leID=228400159
    Nov. 29, 2010

    - http://weblogs.mozillazine.org/asa/a..._think_th.html
    November 28, 2010

    Last edited by AplusWebMaster; 2010-12-16 at 00:05.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #242
    Adviser Team AplusWebMaster's Avatar

    Winamp v5.601 released

    FYI...

    Winamp v5.601 released
    - http://secunia.com/advisories/42475/
    Release Date: 2010-12-07
    Criticality level: Moderately critical
    Impact: Unknown
    Where: From remote
    Solution Status: Vendor Patch
    ... The vulnerability is reported in versions prior to 5.601.
    Solution: Update to version 5.601.
    Original Advisory: http://forums.winamp.com/showthread....hreadid=159785

    - http://www.winamp.com/help/Version_H...1_.28Latest.29
    ___

    - http://secunia.com/advisories/44600/
    Release Date: 2011-05-16
    Criticality level: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: Unpatched
    "... vulnerability is confirmed in version 5.61. Other versions may also be affected..."

    - http://www.winamp.com/help/Version_History#Winamp_5.61

    Last edited by AplusWebMaster; 2011-06-04 at 00:06.

  3. #243
    Adviser Team AplusWebMaster's Avatar

    QuickTime v7.6.9 released

    FYI...

    QuickTime v7.6.9 released
    - http://support.apple.com/kb/DL837
    Version: 7.6.9
    Post Date: December 07, 2010
    Download ID: DL837
    File Size: 32.86 MB
    Windows XP (SP2 or later), Windows Vista, Windows 7

    - http://support.apple.com/kb/HT4447
    CVEs: CVE-2010-3787, CVE-2010-3788, CVE-2010-3789, CVE-2010-3790, CVE-2010-3791, CVE-2010-3792, CVE-2010-3793, CVE-2010-3794, CVE-2010-3795, CVE-2010-3800, CVE-2010-3801, CVE-2010-3802, CVE-2010-1508, CVE-2010-0530, CVE-2010-4009

    - http://apple.com/quicktime/download
    ... or update via Apple Software Update.

    - http://www.securitytracker.com/id?1024829
    Dec 7 2010
    - http://www.securitytracker.com/id?1024830
    Dec 7 2010

    - http://secunia.com/advisories/39259/
    Last Update: 2010-12-08
    Criticality level: Highly critical
    Impact: Exposure of sensitive information, System access, Manipulation of data
    Where: From remote...
    Solution: Update to version 7.6.9.

    Last edited by AplusWebMaster; 2010-12-08 at 13:23.

  4. #244
    Adviser Team AplusWebMaster's Avatar

    WordPress v3.0.3 released

    FYI...

    WordPress v3.0.3 released
    - http://wordpress.org/download/
    December 8, 2010 - "The latest stable release of WordPress (Version 3.0.3) is available..."

    - http://wordpress.org/news/2010/12/wordpress-3-0-3/
    "...security update for all previous WordPress versions. This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts. These issues only affect sites that have remote publishing enabled. Remote publishing is disabled by default, but you may have enabled it to use a remote publishing client such as one of the WordPress mobile apps. You can check these settings on the “Settings → Writing” screen..."

    - http://www.securitytracker.com/id?1024842
    Dec 9 2010


  5. #245
    Adviser Team AplusWebMaster's Avatar

    Thunderbird v3.1.7 released

    FYI...

    Thunderbird v3.1.7 released
    - http://www.mozillamessaging.com/thunderbird/
    released December 9, 2010

    - http://www.mozillamessaging.com/thun.../releasenotes/

    - http://www.mozilla.org/security/know...underbird3.1.7
    Fixed in Thunderbird 3.1.7
    MFSA 2010-78 Add support for OTS font sanitizer
    MFSA 2010-75 Buffer overflow while line breaking after document.write with long string
    MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)

    - https://bugzilla.mozilla.org/buglist...0-0-0=.7-fixed
    85 bugs fixed...

    - http://secunia.com/advisories/42519/
    Release Date: 2010-12-10
    Criticality level: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: Vendor Patch...
    Solution: Update to version 3.1.7 or 3.0.11.
    Original Advisory:
    http://www.mozilla.org/security/anno...sa2010-74.html
    http://www.mozilla.org/security/anno...sa2010-75.html
    http://www.mozilla.org/security/anno...sa2010-78.html

    - http://www.securitytracker.com/id?1024846
    Dec 10 2010
    Last edited by AplusWebMaster; 2010-12-10 at 14:03.

  6. #246
    Adviser Team AplusWebMaster's Avatar

    Chrome v8.0.552.224 released

    FYI...

    Chrome v8.0.552.224 released
    - http://secunia.com/advisories/42605/
    Release Date: 2010-12-14
    Criticality level: Highly critical
    Impact: Unknown, DoS, System access
    Where: From remote
    Solution Status: Vendor Patch...
    Solution: Update to version 8.0.552.224.
    Original Advisory:
    http://googlechromereleases.blogspot...pdates_13.html


  7. #247
    Adviser Team AplusWebMaster's Avatar

    IrfanView v4.28 released

    FYI...

    IrfanView v4.28 released
    LuraDocument Format PlugIn Memory Corruption Vulnerability
    - http://secunia.com/advisories/41439/
    Release Date: 2010-12-17
    Criticality level: Highly critical
    Impact: System access
    Where: From remote
    Solution: No updated version of the plugin will be made available. The vendor has removed the plugin in version 4.28 of the plugins distribution.
    Original Advisory:
    http://irfanview.com/main_history.htm
    Version 4.28 ( - CURRENT VERSION - ) (Release date: 2010-12-16)


  8. #248
    Adviser Team AplusWebMaster's Avatar

    Kerio Firewall vuln - patch available

    FYI...

    Kerio Firewall vuln - patch available
    - http://www.securitytracker.com/id?1024913
    Dec 20 2010
    Solution: The vendor has issued a fix (7.1.0 Patch 1).
    The vendor's advisory is available* ...
    * http://www.kerio.com/support/security-advisories#1012
    Date: December 20, 2010
    Severity: High
    Name: HTTP cache poisoning vulnerability
    Affected products: Kerio WinRoute Firewall all versions, Kerio Control up to version 7.1.0
    Fix availability: The following product versions are not vulnerable: Kerio Control version 7.1.0 Patch 1 and higher.
    Description: By sending specially crafted HTTP data over a non-HTTP TCP connection, a malicious web site could trick the HTTP cache to store arbitrary data. That data would then be served to clients instead of the legitimate content.
    Mitigation factors: HTTP cache is disabled by default. It must be enabled in order for this attack to succeed.
    Workaround: Disable HTTP cache...
    > http://www.kerio.com/node/588
    Release history


  9. #249
    Adviser Team AplusWebMaster's Avatar

    Mozilla - password Security Breach

    FYI...

    Mozilla - password Security Breach
    "... partial database of addons.mozilla.org user accounts..."
    - http://isc.sans.edu/diary.html?storyid=10162
    Last Updated: 2010-12-28 17:14:52 UTC - "Mozilla has published a blog* and sent out an e-mail notifying users.. User IDs and password hashes for users were available for public access briefly. Users who have not been active before April 2009, however, had their password hashes stored in MD5 hashes which could be retrieved via password cracking. This method of storing passwords has been retired by Mozilla which is why users who logged in after April 2009 are safe. The problem would come in for those users who use the same password across multiple sites (particularly the same password to access the e-mail account they registered with).
    As a quick tip, we all have dozens (at least) of "low-impact" sites we have passwords for: new sites, blogs, etc. The impact of those accounts being compromised is trivial, at best. However, if the same password is used (and that password is mapped to an e-mail address or username) it can be used to access other, more sensitive accounts. You could have a different password for each site, which quickly becomes impractical. Sites using centralized logins are few and far-between (say Open ID). A solution I've tried to use is to have an insecure password but salt it with some designation for the site I'm accessing. Say the insecure password is qwerty. I can add two characters designating what I'm accessing for each site. So qwertyFF (FF for Firefox) for addons.mozilla.org. This allows for different passwords at each site, but in a way that is easy to remember multiple passwords. Obviously, you -won't- want to use "qwerty" as the base for those passwords, but you get the idea."
    * http://blog.mozilla.com/security/201...rg-disclosure/
    "... partial database of addons.mozilla.org user accounts..."


  10. #250
    Adviser Team AplusWebMaster's Avatar

    Malicious malware domains with ".in" on the rise...

    FYI...

    Malware Domains 2234.in, 0000002.in & co
    - http://isc.sans.edu/diary.html?storyid=10165
    Last Updated: 2010-12-29 00:04:58 UTC - "... recent increase of malicious sites with ".in" domain names. The current set of names follow the four-digit and seven-digit pattern. Passive DNS Replication like RUS-CERT/BFK shows that a big chunk of these domains currently seems to point to 91.204.48.52 (AS24965) and 195.80.151.83 (AS50877). The former Netblock is in the Ukraine (where else), the latter likely in Moldavia. Both show up prominently on Google's filter (AS24965, AS50877), Zeustracker, Spamhaus (AS24965, AS50877) and many other sites that maintain filter lists of malicious hosts. A URL block system that can do regular expressions comes in pretty handy for these - \d{4}\.in and \d{7}\.in takes care of the whole lot, likely with minimal side effects, since (benign) all-numerical domain names under ".in" are quite rare. If you're into blocking entire network ranges, zapping 91.204.48.0/22 and 195.80.148.0/22 should nicely take care of this current as well as future badness..."
    [ 91.204.48.* / 195.80.148.* ]

    - http://cidr-report.org/cgi-bin/as-report?as=AS24965

    - http://cidr-report.org/cgi-bin/as-report?as=AS50877

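Added example, not part of the original post or the SANS diary: a block-list check built from the two rules quoted in post #250 (the `\d{4}\.in` / `\d{7}\.in` name patterns and the two /22 netblocks). The anchored pattern and the function names are assumptions of this example; it shows that the patterns, if applied unanchored, also hit names such as `1234.info` or `12345.in`.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Patterns exactly as quoted in the diary; unanchored, so a substring search overmatches.
NAIVE = re.compile(r"\d{4}\.in|\d{7}\.in")

# Anchored variant (assumption of this example): the label directly under .in
# must be exactly 4 or 7 ASCII digits; subdomains in front of it are allowed.
ANCHORED = re.compile(r"(?:^|\.)(?:\d{4}|\d{7})\.in\.?$", re.ASCII)

# Netblocks named in the diary.
BLOCKED_NETS = [ipaddress.ip_network(n)
                for n in ("91.204.48.0/22", "195.80.148.0/22")]


def host_of(url_or_host: str) -> str:
    """Return the lower-cased hostname from a URL or a bare host string."""
    s = url_or_host.strip()
    if "://" not in s:
        s = "//" + s          # let urlsplit treat a bare host as the netloc
    return (urlsplit(s).hostname or "").lower()


def host_blocked(url_or_host: str) -> bool:
    """True if the hostname is an all-numeric 4- or 7-digit name under .in."""
    return bool(ANCHORED.search(host_of(url_or_host)))


def ip_blocked(addr: str) -> bool:
    """True if addr parses as an IP address inside one of the listed netblocks."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in BLOCKED_NETS)


def verdict(url: str, resolved_ip: str) -> str:
    """Name rule first, then the netblock rule on the resolved address."""
    if host_blocked(url):
        return "block:name"
    if ip_blocked(resolved_ip):
        return "block:netblock"
    return "allow"
```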
