ep's blog

Broadcom NetXtreme Ethernet Card possible remote vulnerability


"A buffer overflow vulnerability exists in the Broadcom NetXtreme
management firmware. This vulnerability may allow a remote attacker to
execute arbitrary code on an affected device."

This affects the firmware on the card itself, regardless of whether the
machine is turned on or off. Both Dell and HP use these cards in their
desktops and servers.

The following devices/firmwares are affected:

Would You Have Spotted this ATM Fraud?


I don't know about you, but I cringe every time I go to an ATM nowadays.  "Why?" you ask.  Because I've heard of a lot of reports and seen a lot of pictures of ATM skimmers.  These devices attach to the front of an ATM where your card goes in.  When you insert your card, they scan it as well as the ATM.  Now they can create a copy of your card.

Adobe Flash Media Server Directory Traversal Vulnerability


"Adobe Flash Media Server is prone to a directory-traversal
vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue can allow an attacker to load arbitrary Dynamic
Linked Libraries (DLLs) present on the server. This could help the
attacker launch further attacks. "

This affects Adobe Flash Media Server 3.5.2 and prior.
This affects Adobe Flash Media Server 3.0.4 and prior.

GNU Tar and GNU Cpio Remote Buffer Overflow Vulnerability


"GNU Tar and GNU Cpio are prone to a remote buffer-overflow
vulnerability because the applications fail to perform adequate boundary
checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code with the
privileges of the user running the affected application. Failed exploit
attempts will result in a denial-of-service condition.

This issue affects the following:

MFSA 2010-08 Firefox 3.6.2 released early


Mozilla was originally going to release 3.6.2 on March 30.

"Firefox 3.6.2 fixes the following issues found in previous versions of
Firefox 3.6:

* Fixed a critical security issue that could potentially allow
remote code execution (see bug 552216).
* Fixed several additional security issues.
* Fixed several stability issues."

It is recommended that all Firefox 3.6.x users update to 3.6.2.

CVE-2010-0419 kvm: emulator privilege escalation segment selector check


"The Linux kernel is prone to a privilege-escalation vulnerability
affecting the Kernel-based Virtual Machine (KVM).

A guest user could exploit this issue to gain elevated privileges on the
guest operating system or crash the guest."


It is recommended that kvm package updates be applied to mitigate this

Opera Browser "Content-Length" Header Buffer Overflow Vulnerability in newly released 10.50


Two new vulnerabilities have been found in 10.50 and earlier versions.
The first can cause a DoS, the second could allow for remote code execution.

No patches are available as of yet. Recommendations from the Secunia
report are "do not browse untrusted websites or follow untrusted links."
This is a good recommendation in general. Other recommendations have
been to stop using Opera all together until an official patch is available.

Apache HTTP Server (httpd) 2.2.15 Released - includes security fixes


Version 2.2.15 fixes these three vulnerabilities.

* important: mod_isapi module unload flaw CVE-2010-0425 (Windows)
* low: Subrequest handling of request headers (mod_headers) CVE-2010-0434
* moderate: mod_proxy_ajp DoS CVE-2010-0408

It is recommended that Apache be updated to the latest code version.