Опубликовано 9 июля, 200818 г Автор очередное обновление от Microsoft - еще одна серьезная уязвимость ---------------------------------------------------------------------- TITLE: Microsoft Windows DNS Spoofing Vulnerabilities SECUNIA ADVISORY ID: SA30925 VERIFY ADVISORY: http://secunia.com/advisories/30925/ CRITICAL: Moderately critical IMPACT: Spoofing WHERE: From remote OPERATING SYSTEM: Microsoft Windows 2000 Advanced Server http://secunia.com/product/21/ Microsoft Windows 2000 Datacenter Server http://secunia.com/product/1177/ Microsoft Windows 2000 Professional http://secunia.com/product/1/ Microsoft Windows 2000 Server http://secunia.com/product/20/ Microsoft Windows XP Home Edition http://secunia.com/product/16/ Microsoft Windows XP Professional http://secunia.com/product/22/ Microsoft Windows Server 2003 Datacenter Edition http://secunia.com/product/1175/ Microsoft Windows Server 2003 Enterprise Edition http://secunia.com/product/1174/ Microsoft Windows Server 2003 Standard Edition http://secunia.com/product/1173/ Microsoft Windows Server 2003 Web Edition http://secunia.com/product/1176/ Microsoft Windows Server 2008 http://secunia.com/product/18255/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to poison the DNS cache. 1) An error in the Windows DNS client and Windows DNS server due to insufficient socket entropy when performing DNS queries can be exploited to poison the DNS cache. 2) An error in the Windows DNS server may cause it to accept records from responses outside of the remote server's authority. This can be exploited via specially crafted responses to DNS requests to poison the DNS cache. SOLUTION: Apply patches. -- DNS Client -- Windows 2000 SP4: http://www.microsoft.com/downloads/details...21-c70cd07cdd22 Windows XP SP2/SP3: http://www.microsoft.com/downloads/details...a8-b38907467cdf Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details...1b-4ca89002907b Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details...ad-fcaf05d7dab9 Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details...6d-3131474ffe1f Windows Server 2003 SP1/SP2 for Itanium-based systems: http://www.microsoft.com/downloads/details...2d-a1980b66ae3e -- DNS Server -- Windows 2000 Server SP4: http://www.microsoft.com/downloads/details...d0-485d2d41335b Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details...b3-9cd88f468a42 Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details...21-1acd1c43b162 Windows Server 2003 SP1/SP2 for Itanium-based systems: http://www.microsoft.com/downloads/details...f1-fec7408886bb Windows Server 2008 for 32-bit Systems: http://www.microsoft.com/downloads/details...13-c4fcae276c7b Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details...0a-f5902d37bfd0 PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Dan Kaminsky, IOActive. 2) Reported by the vendor. ORIGINAL ADVISORY: MS08-037 (KB953230): http://www.microsoft.com/technet/security/...n/MS08-037.mspx
Опубликовано 9 июля, 200818 г Автор да, и кстати забыл отпостить про обновление Acrobat Reader. Рекомендую обновиться ;-) ---------------------------------------------------------------------- TITLE: Adobe Reader/Acrobat JavaScript Method Handling Vulnerability SECUNIA ADVISORY ID: SA30832 VERIFY ADVISORY: http://secunia.com/advisories/30832/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: From remote SOFTWARE: Adobe Acrobat 8 Professional http://secunia.com/product/13785/ Adobe Acrobat 8.x http://secunia.com/product/12256/ Adobe Acrobat 7.x http://secunia.com/product/4594/ Adobe Acrobat 7 Professional http://secunia.com/product/13786/ Adobe Acrobat 3D http://secunia.com/product/13149/ Adobe Reader 7.x http://secunia.com/product/4546/ Adobe Reader 8.x http://secunia.com/product/12829/ DESCRIPTION: A vulnerability has been reported in Adobe Reader/Acrobat, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the implementation of an unspecified JavaScript method and can be exploited to cause a crash or potentially execute arbitrary code via a specially crafted PDF file. NOTE: The vulnerability is reportedly being exploited in the wild. The vulnerability is reported in the following products and versions: * Adobe Reader versions 8.0 through 8.1.2 * Adobe Reader versions 7.0.9 and earlier * Adobe Acrobat Professional, 3D and Standard versions 8.0 through 8.1.2 * Adobe Acrobat Professional, 3D and Standard versions 7.0.9 and earlier SOLUTION: Adobe Reader 8 for Windows: Update to Adobe Reader 8.1.2 Security Update 1. http://www.adobe.com/support/downloads/detail.jsp?ftpID=3967 Adobe Reader 8 for Macintosh: Update to Adobe Reader 8.1.2 Security Update 1. http://www.adobe.com/support/downloads/detail.jsp?ftpID=3966 Acrobat 8 for Windows: Update to Acrobat 8.1.2 Security Update 1. http://www.adobe.com/support/downloads/detail.jsp?ftpID=3976 Acrobat 8 for Macintosh: Update to Acrobat 8.1.2 Security Update 1. http://www.adobe.com/support/downloads/detail.jsp?ftpID=3977 Acrobat 3D Version 8 for Windows: Update to Acrobat 3D Version 8.1.2 Security Update 1. http://www.adobe.com/support/downloads/detail.jsp?ftpID=3975 Adobe Reader 7.0 through 7.0.9: Upgrade to Adobe Reader 7.1.0. http://www.adobe.com/go/getreader Acrobat 7 for Windows: Update to Acrobat 7.1.0. http://www.adobe.com/support/downloads/pro...latform=Windows Acrobat 7 for Macintosh: Update to Acrobat 7.1.0. http://www.adobe.com/support/downloads/pro...tform=Macintosh PROVIDED AND/OR DISCOVERED BY: The vendor credits the Information Security Team of the Johns Hopkins University Applied Physics Laboratory. ORIGINAL ADVISORY: Adobe APSB08-15: http://www.adobe.com/support/security/bull.../apsb08-15.html ----------------------------------------------------------------------
Опубликовано 30 июля, 200817 г Автор с некоторым запозданием напоминаю - надо снова обновить Firefox до версии 2.0.16 ---------------------------------------------------------------------- TITLE: Mozilla Firefox 2 URI Launching Vulnerability SECUNIA ADVISORY ID: SA31120 VERIFY ADVISORY: http://secunia.com/advisories/31120/ CRITICAL: Less critical IMPACT: Security Bypass, Exposure of sensitive information WHERE: From remote SOFTWARE: Mozilla Firefox 2.0.x http://secunia.com/product/12434/ DESCRIPTION: A vulnerability has been reported in Firefox 2, which can be exploited by malicious people to bypass certain security restrictions and disclose sensitive information. The problem is that it is possible to open multiple tabs via pipe symbols within the URI and can e.g. be exploited to launch "chrome:" URIs via the command-line. This can also be exploited to read files from a user's system using the "file:" URI but requires that an attacker is able to place a malicious file in a guessable location on a user's system (e.g. in combination with another security issue). Successful exploitation requires that the URI is passed to Firefox from e.g. another browser and that Firefox is not running. The vulnerability is reported in versions prior to 2.0.0.16. SOLUTION: Update to version 2.0.0.16. http://www.mozilla.com/en-US/firefox/all-older.html PROVIDED AND/OR DISCOVERED BY: The vendor credits Billy Rios. ORIGINAL ADVISORY: MFSA 2008-35: http://www.mozilla.org/security/announce/2...fsa2008-35.html
Опубликовано 14 августа, 200817 г Автор пришло время обновить Internet Explorer (да и Windows в-целом) - вышло очередное обновление Windows (см. анализ на SANS - _ttp://isc.sans.org/diary.html?n&storyid=4876). _ttp://secunia.com/advisories/31375/ ---------------------------------------------------------------------- TITLE: Internet Explorer Multiple Vulnerabilities SECUNIA ADVISORY ID: SA31375 VERIFY ADVISORY: http://secunia.com/advisories/31375/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Microsoft Internet Explorer 5.01 http://secunia.com/product/9/ Microsoft Internet Explorer 6.x http://secunia.com/product/11/ Microsoft Internet Explorer 7.x http://secunia.com/product/12366/ DESCRIPTION: Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. 1) An unspecified error may result in uninitialised memory being accessed in certain situations. 2) Another unspecified error may result in uninitialised memory being accessed in certain situations. 3) An error exists in the way Internet Explorer may access an object that has not been correctly initialised or has been deleted. This can be exploited to corrupt memory. 4) Two other unspecified errors may result in uninitialised memory being accessed in certain situations. 5) An error in the way arguments are validated in print preview handling can be exploited to corrupt memory. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. SOLUTION: Apply patches. -- Windows 2000 SP4 -- Internet Explorer 5.01 SP4: http://www.microsoft.com/downloads/details...9D-DB0EE067D65B Internet Explorer 6 SP1: http://www.microsoft.com/downloads/details...A4-63A814954796 -- Internet Explorer 6 -- Windows XP SP2: http://www.microsoft.com/downloads/details...8D-4FCE44CC0BC2 Windows XP SP3: http://www.microsoft.com/downloads/details...8D-4FCE44CC0BC2 Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details...EF-34E7337FF604 Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details...A0-CE38EFE13524 Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details...4E-7D4DDA5E0A90 Windows Server 2003 with SP1/SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details...BC-BB55EB0045FE -- Internet Explorer 7 -- Windows XP SP2/SP3: http://www.microsoft.com/downloads/details...A3-2D3C6A953752 Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details...18-AB0517C5E7CF Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details...7C-053DD59A65BF Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details...D0-7D3CD71C1987 Windows Server 2003 with SP1/SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details...BD-1E3976C82ACF Windows Vista (optionally with SP1): http://www.microsoft.com/downloads/details...44-E4CB104C4CAD Windows Vista x64 Edition (optionally with SP1): http://www.microsoft.com/downloads/details...D6-80F991266428 Windows Server 2008 for 32-bit Systems: http://www.microsoft.com/downloads/details...CF-86D86C56B0F8 Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details...67-A0EAE8D5EE5D Windows Server 2008 for Itanium-based Systems: http://www.microsoft.com/downloads/details...95-E9D7A5B3D3F7 PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Yamata Li, Palo Alto Networks. 2) Reported by the vendor. 3) The vendor credits Tavis Ormandy, Google Security Team. 4) The vendor credits Sam Thomas via ZDI along with TippingPoint and ZDI. 5) Reported by the vendor. ORIGINAL ADVISORY: MS08-045 (KB953838): http://www.microsoft.com/technet/security/...n/MS08-045.mspx ----------------------------------------------------------------------
Опубликовано 22 августа, 200817 г Автор а теперь то же самое для пользователей Opera ---------------------------------------------------------------------- TITLE: Opera Multiple Vulnerabilities SECUNIA ADVISORY ID: SA31549 VERIFY ADVISORY: http://secunia.com/advisories/31549/ CRITICAL: Highly critical IMPACT: Security Bypass, Spoofing, Exposure of sensitive information, DoS, System access WHERE: From remote SOFTWARE: Opera 5.x http://secunia.com/product/82/ Opera 6.x http://secunia.com/product/81/ Opera 7.x http://secunia.com/product/761/ Opera 8.x http://secunia.com/product/4932/ Opera 9.x http://secunia.com/product/10615/ DESCRIPTION: Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, bypass certain security restrictions, disclose potentially sensitive information, or potentially compromise a user's system. 1) An unspecified error exists when Opera is executed as a protocol handler. This can be exploited to cause a crash and potentially execute arbitrary code. NOTE: Reportedly, the vulnerability only affects Opera for Windows. 2) The problem is that a web page can change the address of frames from other sites opened inside a pop-up window. This can be exploited to load malicious content into a frame of a trusted website. 3) An unspecified error can be exploited to conduct cross-site scripting attacks. No further information is currently available. 4) An error exists in the processing of custom shortcut and menu commands. This can be exploited to execute applications with potentially dangerous parameters, created from uninitialized memory. Successful exploitation may allow execution of arbitrary code, but requires that a user is tricked into modifying shortcuts or menu files. 5) An error exists while reporting websites as secure for browsing. This can be exploited to determine the reporting of an insecure website as secure by including a frame with content from a secure website. 6) An error exists when checking if a web page links to a local file. This can be exploited to link to local feed source files and potentially determine if a file is present on the local system. 7) An error exists when processing news feed subscription requests. This can be exploited to change the address field to the address of the malicious web page and mislead a user. The vulnerabilities are reported in versions prior to 9.52. SOLUTION: Update to version 9.52. http://www.opera.com/download/ PROVIDED AND/OR DISCOVERED BY: The vendor credits: 3) Chris Weber of Casaba Security 4) Michael A. Puls II 5) Lars Kleinschmidt ORIGINAL ADVISORY: http://www.opera.com/docs/changelogs/windows/952/ http://www.opera.com/support/search/view/892/ http://www.opera.com/support/search/view/893/ http://www.opera.com/support/search/view/894/ http://www.opera.com/support/search/view/895/ http://www.opera.com/support/search/view/896/ http://www.opera.com/support/search/view/897/ ----------------------------------------------------------------------
Для публикации сообщений создайте учётную запись или авторизуйтесь