securityadmin's blog

Attack exploits just-patched Mac security bug - Java Runtime Environment (JRE)

http://www.theregister.co.uk/2009/12/04/mac_windows_java_attack/

A proof of concept (POC) has been released that targets unpatched
Macintosh systems.

"If you haven't installed the latest security update for Mac OS X, now
would be a good time."

This is related to the security alert sent out yesterday [NET #1379]:

Moderate: expat security update

http://rhn.redhat.com/errata/RHSA-2009-1625.html

"Updated expat packages that fix two security issues are now available for
Red Hat Enterprise Linux 3, 4, and 5."

"Two buffer over-read flaws were found in the way Expat handled malformed
UTF-8 sequences when processing XML files. A specially-crafted XML file
could cause applications using Expat to crash while parsing the file.
(CVE-2009-3560, CVE-2009-3720)"

Important: acpid security update

http://rhn.redhat.com/errata/RHSA-2009-1642.html

"An updated acpid package that fixes one security issue is now available
for Red Hat Enterprise Linux 5."

"Before applying this update, make sure that all previously-released
errata relevant to your system have been applied."

This flaw could lead to a local or compromised user to escalate privileges.

It is recommended to update this package.

Attack exploits just-patched Mac security bug - Java Runtime Environment (JRE)

http://www.theregister.co.uk/2009/12/04/mac_windows_java_attack/

A proof of concept (POC) has been released that targets unpatched
Macintosh systems.

"If you haven't installed the latest security update for Mac OS X, now
would be a good time."

This is related to the security alert sent out yesterday [NET #1379]:

Vulnerabilities in the Java Runtime Environment May Allow Privileges to be Escalated

http://sunsolve.sun.com/search/document.do?assetkey=1-66-270474-1

"Multiple buffer and integer overflow vulnerabilities in the Java
Runtime Environment with processing audio and image files may allow an
untrusted applet or Java Web Start application to escalate privileges.
For example, an untrusted applet may grant itself permissions to read
and write local files or execute local applications that are accessible
to the user running the untrusted applet."

Vulnerabilities in the Java Runtime Environment May Allow Privileges to be Escalated

http://sunsolve.sun.com/search/document.do?assetkey=1-66-270474-1

"Multiple buffer and integer overflow vulnerabilities in the Java
Runtime Environment with processing audio and image files may allow an
untrusted applet or Java Web Start application to escalate privileges.
For example, an untrusted applet may grant itself permissions to read
and write local files or execute local applications that are accessible
to the user running the untrusted applet."

BlackBerry Attachment Service PDF Distiller Multiple Remote Code Execution Vulnerabilities

http://www.securityfocus.com/bid/37167/info

"BlackBerry Attachment Service is prone to multiple remote
code-execution vulnerabilities when handling specially crafted PDF files.

Attackers can leverage these issues to corrupt memory and execute
arbitrary code in the context of the vulnerable service, possibly with
SYSTEM-level privileges. Successful exploits will compromise the server.
Failed attacks will likely result in denial-of-service conditions. "

Linux Kernel 'net/mac80211/' Multiple Remote Denial of Service Vulnerabilities

http://www.securityfocus.com/bid/37170/info

"The Linux Kernel is prone to multiple remote denial-of-service
vulnerabilities.

An attacker can exploit these issues to cause a kernel panic, denying
service to legitimate users."

It should be noted that this affects the mac80211 code in the kernel
which deals specifically with the 802.11 wireless lan standard.

Pages