Опубликовано 3 марта, 200917 г Автор рекомендуется отключить в Firefox поддержку IDN с помощью "about:config" ---------------------------------------------------------------------- TITLE: Mozilla Firefox IDN Spoofing Security Issue SECUNIA ADVISORY ID: SA34096 VERIFY ADVISORY: http://secunia.com/advisories/34096/ DESCRIPTION: A security issue has been discovered in Mozilla Firefox, which can be exploited by a malicious people to conduct spoofing attacks. The problem is caused due to the handling of IDN (International Domain Name) support, which can be exploited to spoof a URL via e.g. a ".cn" domain containing certain international characters that resemble other commonly used characters (e.g. "/") in the sub-domain part. This is related to: SA14163 The security issue is confirmed in version 3.0.6. Other versions may also be affected. SOLUTION: Disable IDN support in "about:config". PROVIDED AND/OR DISCOVERED BY: Additional vector provided by Moxie Marlinspike. ORIGINAL ADVISORY: https://www.blackhat.com/presentations/bh-d...feating-SSL.pdf OTHER REFERENCES: SA14163: http://secunia.com/advisories/14163/ ----------------------------------------------------------------------
Опубликовано 4 марта, 200917 г Автор ---------------------------------------------------------------------- TITLE: Opera Multiple Vulnerabilities SECUNIA ADVISORY ID: SA34135 VERIFY ADVISORY: http://secunia.com/advisories/34135/ DESCRIPTION: Some vulnerabilities have been reported in Opera, where one has an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system. 1) An unspecified error in the processing of JPEG images can be exploited to trigger a memory corruption. Successful exploitation allows execution of arbitrary code. 2) An error can be exploited to execute arbitrary script code in a different domain via unspecified plugins. 3) An unspecified error has a "moderately severe" impact. No further information is available. SOLUTION: Update to version 9.64. http://www.opera.com/browser/download/ PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Tavis Ormandy of the Google Security Team. 2) The vendor credits Adam Barth. 3) Reported by the vendor. ORIGINAL ADVISORY: http://www.opera.com/docs/changelogs/windows/964/ http://www.opera.com/support/search/view/926/ ----------------------------------------------------------------------
Опубликовано 6 марта, 200917 г Автор время обновить Firefox до 3.0.7 ---------------------------------------------------------------------- TITLE: Mozilla Firefox Multiple Vulnerabilities SECUNIA ADVISORY ID: SA34145 VERIFY ADVISORY: http://secunia.com/advisories/34145/ DESCRIPTION: Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, disclose sensitive information, or compromise a user's system. 1) Multiple errors in the layout and JavaScript engines can be exploited to corrupt memory and potentially execute arbitrary code. 2) An error in the garbage collection process when handling a set of cloned XUL DOM elements linked as a parent and child can be exploited to access freed memory and execute arbitrary code. 3) An error can be exploited via the "nsIRDFService" interface and a cross-domain redirect to bypass the same-origin policy and read XML data from another domain. 4) An error in libpng when handling out-of-memory conditions can be exploited to potentially execute arbitrary code. For more information: SA33970 5) An error when handling invisible control characters included in the location bar can be exploited to spoof a trusted URL. The vulnerabilities are reported in versions prior to 3.0.7. SOLUTION: Update to version 3.0.7. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Martijn Wargers, Jesse Ruderman, Josh Soref, Gary Kwong, and Timothee Groleau 2) an anonymous researcher, reported via ZDI 3) Georgi Guninski 5) Masahiro Yamada ORIGINAL ADVISORY: http://www.mozilla.org/security/announce/2...fsa2009-07.html http://www.mozilla.org/security/announce/2...fsa2009-08.html http://www.mozilla.org/security/announce/2...fsa2009-09.html http://www.mozilla.org/security/announce/2...fsa2009-10.html http://www.mozilla.org/security/announce/2...fsa2009-11.html OTHER REFERENCES: SA33970: http://secunia.com/advisories/33970/ ----------------------------------------------------------------------
Опубликовано 11 марта, 200917 г Автор а теперь время обновить Windows ---------------------------------------------------------------------- TITLE: Microsoft Windows SChannel Authentication Bypass SECUNIA ADVISORY ID: SA34215 VERIFY ADVISORY: http://secunia.com/advisories/34215/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to bypass certain security mechanisms. The vulnerability is caused due to insufficient validation of certain TLS (Transport Layer Security) handshake messages by the SChannel (Secure Channel) authentication component during certificate-based authentication. This can be exploited to bypass authentication using the public component of a user▓s authentication credential. SOLUTION: Apply patches. Windows 2000 SP4: http://www.microsoft.com/downloads/details...46-72fe7385c07c Windows XP SP2: http://www.microsoft.com/downloads/details...0a-70d9c34488f3 Windows XP SP3: http://www.microsoft.com/downloads/details...0a-70d9c34488f3 Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details...21-8a2c1a229472 Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details...d8-8f00d91ad6a2 Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details...d2-32b681faf908 Windows Server 2003 with SP1/SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details...a3-fb81d0bfd7b3 Windows Vista (optionally with SP1): http://www.microsoft.com/downloads/details...58-7fa63508102b Windows Vista x64 Edition (optionally with SP1): http://www.microsoft.com/downloads/details...09-5c8fa0339388 Windows Server 2008 for 32-bit Systems: http://www.microsoft.com/downloads/details...c5-8703f6532615 Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details...6b-d3b3179aacc4 Windows Server 2008 for Itanium-based Systems: http://www.microsoft.com/downloads/details...32-d4aa7005a9f8 PROVIDED AND/OR DISCOVERED BY: The vendor credits: * Secretaria da Fazenda do Estado do Rio Grande do Sul * Cia de Processamento de Dados do Estado do Rio Grande do Sul ORIGINAL ADVISORY: MS09-007 (KB960225): http://www.microsoft.com/technet/security/...n/MS09-007.mspx ---------------------------------------------------------------------- TITLE: Microsoft Windows Multiple Kernel Vulnerabilities SECUNIA ADVISORY ID: SA34117 VERIFY ADVISORY: http://secunia.com/advisories/34117/ DESCRIPTION: Three vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to potentially compromise a user's system. 1) An input validation error when passing input from user-mode through the kernel component of GDI may potentially be exploited to run arbitrary code in kernel mode by e.g. tricking a user into viewing a specially crafted EMF or WMF image file hosted on a malicious website. 2) An error in the kernel when validating handles may be exploited by unprivileged users to run arbitrary code with escalated privileges. 3) An error in the kernel when handling certain invalid pointers may be exploited by unprivileged users to run arbitrary code with escalated privileges. SOLUTION: Apply patches. Windows 2000 SP4: http://www.microsoft.com/downloads/details...b7-06f15072a635 Windows XP SP2/SP3: http://www.microsoft.com/downloads/details...b5-703d3a7dc33b Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details...c3-2455d7cf21c8 Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details...31-507c2a406500 Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details...59-3a07e13957be Windows Server 2003 with SP1/SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details...7a-e7a8156ede1c Windows Vista (optionally with SP1): http://www.microsoft.com/downloads/details...c0-50b901856ced Windows Vista x64 Edition (optionally with SP1): http://www.microsoft.com/downloads/details...7d-b7319282cf56 Windows Server 2008 for 32-bit Systems: http://www.microsoft.com/downloads/details...15-181c260cf8cf Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details...83-61c122ff1382 Windows Server 2008 for Itanium-based Systems: http://www.microsoft.com/downloads/details...37-481d9876a5fe PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Helmut Buhler. 2) The vendor credits Thomas Garnier, SkyRecon. 3) Reported by the vendor. ORIGINAL ADVISORY: MS09-006 (KB958690): http://www.microsoft.com/technet/security/...n/MS09-006.mspx ---------------------------------------------------------------------- ---------------------------------------------------------------------- TITLE: Microsoft Windows DNS / WINS Multiple Spoofing Vulnerabilities SECUNIA ADVISORY ID: SA34217 VERIFY ADVISORY: http://secunia.com/advisories/34217/ DESCRIPTION: Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to poison a DNS cache and conduct spoofing attacks. 1) An error in the Windows DNS server may cause it to not properly reuse cached responses. This can be exploited via specially crafted DNS queries to poison the DNS cache and thus redirect network traffic. 2) An error in the Windows DNS server may cause it to not properly cache DNS responses. This may increase the predictability of subsequent transaction IDs and can be exploited to poison the DNS cache via specifically crafted queries sent to the DNS server. 3) The Windows DNS server does not properly validate who can register WPAD entries when dynamic update is used and ISATAP and WPAD are not already registered in DNS. This can be exploited to conduct MitM (Man-in-the-Middle) attacks by registering "WPAD" in the DNS database pointing to a desired IP address. 4) The Windows WINS server does not properly validate who can register WPAD or ISATAP entries. This can be exploited to conduct MitM (Man-in-the-Middle) attacks by registering WPAD or ISATP in the WINS database pointing to a desired IP address. Vulnerabilities #3 and #4 may be related to: SA27901 SOLUTION: Apply Patches. DNS server on Microsoft Windows 2000 Server SP4 (961063): http://www.microsoft.com/downloads/details...63-3adba6ac0116 WINS server on Microsoft Windows 2000 Server SP4 (961064): http://www.microsoft.com/downloads/details...15-c0b3b86b4462 DNS server on Windows Server 2003 SP1 and SP2 (961063): http://www.microsoft.com/downloads/details...23-9e07e2369878 WINS server on Windows Server 2003 SP1 and SP2 (961064): http://www.microsoft.com/downloads/details...fd-4a54833e6bf2 DNS server on Windows Server 2003 x64 Edition and SP2 (961063): http://www.microsoft.com/downloads/details...43-0459561d22d0 WINS server on Windows Server 2003 x64 Edition and SP2 (961064): http://www.microsoft.com/downloads/details...3f-33ce45c32428 DNS server on Windows Server 2003 with SP1 and SP2 for Itanium-based Systems (961063): http://www.microsoft.com/downloads/details...cc-5a415bec6c59 WINS server on Windows Server 2003 with SP1 and SP2 for Itanium-based Systems (961064): http://www.microsoft.com/downloads/details...1f-cdb87efa4dcf DNS server on Windows Server 2008 for 32-bit Systems (961063): http://www.microsoft.com/downloads/details...5c-3afb44895f08 DNS server on Windows Server 2008 for x64-based Systems (961063): http://www.microsoft.com/downloads/details...91-e85931ed610f PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS09-008 (KB962238, KB961063, KB961064): http://www.microsoft.com/technet/security/...n/MS09-008.mspx OTHER REFERENCES: SA27901: http://secunia.com/advisories/27901/ ----------------------------------------------------------------------
Опубликовано 12 марта, 200917 г Автор вот и вышел патч к Adobe Reader - нажмите "Check for Updates" в нем :smile3:
Для публикации сообщений создайте учётную запись или авторизуйтесь