Commonwealth Security and Risk Management staff have been tracking multiple vulnerabilities related to Adobe AIR, Apple Safari, and Symantec Backup Exec for Windows Servers. Our recommendations are included below, as some of these vulnerabilities may have a significant impact on the Commonwealth Information Security community.
Vulnerability Description: Adobe AIR Remote Vulnerabilities
Pertinent Details: Adobe has issued a security advisory to address a single vulnerability in Adobe AIR. This vulnerability can be exploited by a remote attacker if an Adobe AIR application loads data from a malicious source. Successful exploitation may allow a remote attacker to execute JavaScript code with elevated privileges.
More information can be found at the following URLs:
http://www.adobe.com/support/security/bulletins/apsb08-23.html
http://www.us-cert.gov/current/index.html#adobe_releases_update_for_air
http://www.securityfocus.com/bid/32334
http://www.securityfocus.com/bid/31117
http://www.securityfocus.com/bid/32129
Recommended Action: Review the Adobe security advisory located at the following URL: http://www.adobe.com/support/security/bulletins/apsb08-23.html. Apply the appropriate software updates as part of the next scheduled patch cycle.
Vulnerability Description: Apple Safari Multiple Vulnerabilities
Pertinent Details: Apple has released Safari version 3.2 to address multiple vulnerabilities in both the Apple OS X and Microsoft Windows operating environments. These vulnerabilities may allow a remote attacker to execute arbitrary code, cause a denial-of-service condition, or obtain sensitive information.
More information can be found at the following URLs:
http://support.apple.com/kb/HT3298
http://www.us-cert.gov/current/index.html#apple_releases_security_updates_for2
Recommended Action: Review the Apple Knowledge Base article located at the following URL: http://support.apple.com/kb/HT3298. Apply the appropriate software updates as soon as possible after appropriate testing.
Vulnerability Description: Symantec Backup Exec for Windows Multiple Vulnerabilities
Pertinent Details: Symantec has released a security advisory to address multiple vulnerabilities in the authentication methods used to log onto a Backup Exec Remote Agent for Windows, Linux/Unix, or Macintosh and the Remote Media Agent for Linux Servers. Successful exploitation of any of these vulnerabilities may allow an unprivileged user to gain unauthorized access to the application. Once authenticated, the user could further leverage a potential buffer overflow in the data management protocol to create a denial-of-service condition or possibly compromise the targeted system further.
More information can be found at the following URLs:
http://support.veritas.com/docs/314380
http://support.veritas.com/docs/314497
http://support.veritas.com/docs/314512
http://support.veritas.com/docs/314515
http://securityresponse.symantec.com/avcenter/security/Content/2008.11.19.html
http://secunia.com/advisories/32810/
Recommended Action: Review the Symantec security advisory for the version of Symantec Backup Exec used in your environment. Apply the software update as part of the next scheduled patch cycle.
Backup Exec for Windows Servers version 12.5 build 2213:
http://support.veritas.com/docs/314380
Backup Exec for Windows Servers version 12.0 build 1364:
http://support.veritas.com/docs/314497
Backup Exec for Windows Servers version 11d build 7170:
http://support.veritas.com/docs/314512
Backup Exec for Windows Servers version 11d build 6235:
http://support.veritas.com/docs/314515

