securityadmin's blog

MySQL OpenSSL Server Certificate yaSSL Security Bypass Vulnerability

http://www.securityfocus.com/bid/37076/discuss

"MySQL is prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass certain security
restrictions and obtain sensitive information that may lead to further
attacks.

Versions prior to MySQL 5.1.41 are vulnerable."

It is recommended to update to the latest version of MySQL as soon as
possible.

ClamAV Prior to 0.95.2 Multiple Scanner Bypass Vulnerabilities

http://www.securityfocus.com/bid/35410/info

"ClamAV is prone to multiple vulnerabilities because it fails to
properly restrict certain files after scanning them.

A successful attack may allow malicious users to bypass security
restrictions placed on certain files. Exploits may aid in further attacks.

Versions prior to ClamAv 0.95.2 are vulnerable."

It is recommended to update ClamAv to the latest version.

Linux Kernel KVM 'KVM_MAX_MCE_BANKS' Memory Corruption Vulnerability

http://www.securityfocus.com/bid/37035/info

"
The Linux kernel is prone to a memory-corruption vulnerability that
affects the Kernel-based Virtual Machine (KVM).

Local attackers can exploit this issue to execute arbitrary code with
superuser privileges. Successful exploits will completely compromise
affected computers.

Versions prior to Linux kernel 2.6.32-rc7 are vulnerable. "

It is recommended to update the kernel on affected systems.

Linux Kernel KVM 'KVM_MAX_MCE_BANKS' Memory Corruption Vulnerability

http://www.securityfocus.com/bid/37035/info

"
The Linux kernel is prone to a memory-corruption vulnerability that
affects the Kernel-based Virtual Machine (KVM).

Local attackers can exploit this issue to execute arbitrary code with
superuser privileges. Successful exploits will completely compromise
affected computers.

Versions prior to Linux kernel 2.6.32-rc7 are vulnerable. "

It is recommended to update the kernel on affected systems.

Microsoft Excel Index Parsing Remote Code Execution Vulnerability

http://www.securityfocus.com/bid/36909/discuss

"Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers can exploit this issue by enticing victims into opening a
specially crafted Excel ('.xls') file.

Successful exploits can allow attackers to execute arbitrary code with
the privileges of the user running the application. "

Microsoft Excel Index Parsing Remote Code Execution Vulnerability

http://www.securityfocus.com/bid/36909/discuss

"Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers can exploit this issue by enticing victims into opening a
specially crafted Excel ('.xls') file.

Successful exploits can allow attackers to execute arbitrary code with
the privileges of the user running the application. "

WordPress < 2.8.6 Arbitrary File Upload Vulnerability

http://www.securityfocus.com/bid/37005/info

"WordPress is prone to a vulnerability that lets attackers upload
arbitrary files. The issue occurs because the application fails to
adequately sanitize user-supplied input.

An attacker can exploit this vulnerability to upload arbitrary code and
run it in the context of the webserver process. This may facilitate
unauthorized access or privilege escalation; other attacks are also
possible."

TLS Man in the Middle (MITM) attacks based on renegotiation - patches available for RHEL3,4,5

https://bugzilla.redhat.com/show_bug.cgi?id=533125

A recent paper on TLS renegotiation showed a method for injecting
information into the encrypted stream. This could lead to successful
Man in the Middle (MITM) attacks in an already encrypted stream.

The current mitigation patch that is officially supported by RedHat is
to totally disable encryption re-negotiation. This workaround has been
patched in OpenSSL 0.9.8l.

WordPress < 2.8.6 Arbitrary File Upload Vulnerability

http://www.securityfocus.com/bid/37005/info

"WordPress is prone to a vulnerability that lets attackers upload
arbitrary files. The issue occurs because the application fails to
adequately sanitize user-supplied input.

An attacker can exploit this vulnerability to upload arbitrary code and
run it in the context of the webserver process. This may facilitate
unauthorized access or privilege escalation; other attacks are also
possible."

TLS Man in the Middle (MITM) attacks based on renegotiation - patches available for RHEL3,4,5

https://bugzilla.redhat.com/show_bug.cgi?id=533125

A recent paper on TLS renegotiation showed a method for injecting
information into the encrypted stream. This could lead to successful
Man in the Middle (MITM) attacks in an already encrypted stream.

The current mitigation patch that is officially supported by RedHat is
to totally disable encryption re-negotiation. This workaround has been
patched in OpenSSL 0.9.8l.

Pages