Commonwealth Security Advisory – Dec 2nd, 2011

Commonwealth Security and Risk Management staff has been tracking multiple vulnerabilities that may have significant impact for the Commonwealth Information Security community.  

 

Summary:

  1. Adobe Flex Cross-Site Scripting Vulnerability
  2. HP Operations / Performance Agent Unauthorized Directory Access  Vulnerability
  3. HP-UX update for Tomcat Servlet Engine
  4. IBM AIX Multiple Vulnerabilities
  5. IBM Java Multiple Vulnerabilities
  6. BM WebSphere Application Server JSF Applications Request Handling Information Disclosure
  7. MAC RealPlayer Multiple Vulnerabilities
  8. Novell NetWare XNFS.NLM “xdrDecodeString()” Buffer Overflow Vulnerability
  9. Novell Open Enterprise Server iPrint Client “GetDriverSettings()” Buffer Overflow Vulnerability
  10. Oracle Solaris Multiple Vulnerabilities
  11. Red Hat Multiple Vulnerabilities
  12. SUSE Multiple Vulnerabilities
  13. VMware vCenter Update Manager Jetty Directory Traversal Vulnerability

 

 

Vulnerability:  Adobe Flex Cross-Site Scripting Vulnerability

 

Affected Software:

 

  • Adobe Flex 3.x
  • Adobe Flex 4.x

 

Explanation: A single vulnerability has been reported in Adobe Flex, which can be exploited by malicious people to conduct cross-site scripting attacks.

 

Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.

 

http://www.adobe.com/support/security/bulletins/apsb11-25.html

http://kb2.adobe.com/cps/915/cpsid_91544.html

https://secunia.com/advisories/47053

 

 

Vulnerability:  HP Operations / Performance Agent Unauthorized Directory Access Vulnerability

 

Affected Software:

 

  • HP OpenView Performance Agent 4.x
  • HP Operations Agent 11.x
  • HP Performance Agent 5.x

 

Explanation: A single vulnerability has been reported in HP Performance Agent and HP Operations Agent, which can be exploited by malicious, local users to bypass certain security restrictions.

 

Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.

 

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03091656

https://secunia.com/advisories/46971

 

 

Vulnerability:  HP-UX update for Tomcat Servlet Engine

 

Affected Software:

 

  • HP-UX 11.x

 

Explanation: HP has issued an update for Tomcat Servlet Engine in HP-UX. This fixes some weaknesses, a security issue, and multiple vulnerabilities, which can be exploited by malicious, local users to disclose sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).

 

Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.

 

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03090723

https://secunia.com/advisories/46960

 

 

Vulnerability:  IBM AIX Multiple Vulnerabilities

 

Affected Software:

 

  • AIX 5.x
  • AIX 6.x
  • AIX 7.x

 

Explanation: IBM has acknowledged a multiple vulnerabilities in the AIX product, which can be exploited by malicious people to cause a Denial of Service  condition and to potentially compromise a vulnerable system.

 

Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.

 

http://www.ibm.com/support/docview.wss?uid=isg1IV11106

http://www.ibm.com/support/docview.wss?uid=isg1IV11248

http://www.ibm.com/support/docview.wss?uid=isg1IV11377

http://www.ibm.com/support/docview.wss?uid=isg1IV11522

http://www.ibm.com/support/docview.wss?uid=isg1IV11533

http://aix.software.ibm.com/aix/efixes/security/perl_advisory2.asc

https://secunia.com/advisories/46536

https://secunia.com/advisories/46976

 

 

Vulnerability:  IBM Java Multiple Vulnerabilties

 

Affected Software:

 

  • IBM Java 5.0.x

 

Explanation: IBM has acknowledged multiple vulnerabilities in IBM Java, which can be exploited by malicious people to disclose certain information, to disclose potentially sensitive information, to cause a Denial of Service  condition, and to compromise a vulnerable system.

 

Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.

 

http://www.ibm.com/developerworks/java/jdk/alerts/

https://secunia.com/advisories/46977

 

 

Vulnerability:  IBM WebSphere Application Server JSF Applications Request Handling Information Disclosure

 

Affected Software:

 

  • IBM WebSphere  Application Server 8.0.x

 

Explanation: A single vulnerability has been reported in IBM WebSphere Application Server, which can be exploited by malicious people to disclose potentially sensitive information.

 

Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.

 

http://www.ibm.com/support/docview.wss?uid=swg27022958

https://secunia.com/advisories/46867

 

 

Vulnerability:  MAC RealPlayer Multiple Vulnerabilities

 

Affected Software:

 

  • Mac RealPlayer 12.x

 

Explanation: Multiple vulnerabilities have been reported in Mac RealPlayer, which can be exploited by malicious people to compromise a user’s system.

 

Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.

 

http://service.real.com/realplayer/security/11182011_player/en/

https://secunia.com/advisories/46963

 

 

Vulnerability:  Novell NetWare XNFS.NLM “xdrDecodeString()” Buffer Overflow Vulnerability

 

Affected Software:

 

  • Novell Netware 6.x

 

Explanation: A single vulnerability has been reported in Novell NetWare, which can be exploited by malicious people to compromise a vulnerable system.

 

Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.

 

http://download.novell.com/Download?buildid=Cfw1tDezgbw~

https://secunia.com/advisories/46898

 

 

Vulnerability:  Novell Open Enterprise Server iPrint Client “GetDriverSettings()” Buffer Overflow Vulnerability

 

Affected Software:

 

  • Novell Open Enterprise Server 2.x

 

Explanation: Novell has acknowledged a single vulnerability in Open Enterprise Server, which can be exploited by malicious people to compromise a user’s system.

 

Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.

 

http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5117030.html

http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5117031.html

https://secunia.com/advisories/46936

 

 

Vulnerability:  Oracle Solaris Multiple Vulnerabilities

 

Affected Software:

 

  • Oracle Solaris 11 Express
  • Sun Solaris 10.x
  • Sun Solaris 8
  • Sun Solaris 9

 

Explanation: Oracle has acknowledged multiple vulnerabilities in the Solaris product, which can be exploited by malicious people to cause a Denial of Service condition and to compromise a vulnerable system.

 

Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.

 

http://blogs.oracle.com/sunsecurity/entry/cve_2011_4313_denial_of

http://blogs.oracle.com/sunsecurity/entry/cve_2011_2896_buffer_overflow

https://secunia.com/advisories/46984

https://secunia.com/advisories/47000

 

 

Vulnerability: Red Hat Multiple Vulnerabilities

 

Affected Software:

 

  • Red Hat Desktop 4.x
  • Red Hat Enterprise Linux Extras v.4
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux WS 4
  • Red Hat Enterprise Linux Desktop 5
  • Red Hat Enterprise Linux Desktop Supplementary (v.5 client)
  • Red Hat Enterprise Linux Desktop Workstation 5
  • Red Hat Enterprise Linux Server 5
  • Red Hat Enterprise Linux Supplementary (v.5 server)
  • Red Hat Enterprise Linux Desktop 6
  • Red Hat Enterprise Linux Desktop Supplementary (v.6)
  • Red Hat Enterprise Linux HPC Node 6
  • •Red Hat Enterprise Linux HPC Node Supplementary (v.6)
  • Red Hat Enterprise Linux Server 6
  • Red Hat Enterprise Linux Server Supplementary (v.6)
  • Red Hat Enterprise Linux Workstation 6
  • Red Hat Enterprise Linux Workstation Supplementary (v.6)

 

Explanation: Multiple vulnerabilities have been reported in the Red Hat software, which can be exploited by malicious people to disclose certain information, to disclose potentially sensitive information, to cause a Denial of Service condition, to gain escalated privileges and to compromise a vulnerable system.

 

Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.

 

https://rhn.redhat.com/errata/RHSA-2011-1459.html

https://rhn.redhat.com/errata/RHSA-2011-1458.html

https://rhn.redhat.com/errata/RHSA-2011-1496.html

https://rhn.redhat.com/errata/RHSA-2011-1465.html

https://bugzilla.redhat.com/show_bug.cgi?id=742846

https://rhn.redhat.com/errata/RHSA-2011-1478.html

https://rhn.redhat.com/errata/RHSA-2011-1479.html

https://secunia.com/advisories/46906

https://secunia.com/advisories/46905

https://secunia.com/advisories/46972

https://secunia.com/advisories/46985

https://secunia.com/advisories/47008

 

 

Vulnerability: SUSE Multiple Vulnerabilities

 

Affected Software:

 

  • openSUSE 11.3
  • openSUSE 11.4
  • SUSE Linux Enterprise Server (SLES) 10
  • SUSE Linux Enterprise Server (SLES) 11

 

Explanation: Multiple vulnerabilities have been reported in the SUSE software which can be exploited by malicious people to conduct cross-site scripting attacks, to disclose potentially sensitive information, to bypass certain security restrictions, to gain escalated privileges, to conduct script insertion attacks, to conduct spoofing attacks,  to cause a Denial of Service  condition and to potentially compromise a vulnerable system.

 

Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.

 

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00020.html

https://hermes.opensuse.org/messages/12470848

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00023.html

http://lists.opensuse.org/opensuse-updates/2011-11/msg00021.html

http://lists.opensuse.org/opensuse-updates/2011-11/msg00023.html

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00021.html

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00025.html

https://hermes.opensuse.org/messages/12586828

https://hermes.opensuse.org/messages/12587046

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00031.html

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00029.html

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00030.html

http://lists.opensuse.org/opensuse-updates/2011-11/msg00025.html

http://lists.opensuse.org/opensuse-updates/2011-11/msg00026.html

https://hermes.opensuse.org/messages/12631003

https://hermes.opensuse.org/messages/12688652

https://hermes.opensuse.org/messages/12688644

https://secunia.com/advisories/46901

https://secunia.com/advisories/46916

https://secunia.com/advisories/46935

https://secunia.com/advisories/46939

https://secunia.com/advisories/46945

https://secunia.com/advisories/46917

https://secunia.com/advisories/46943

https://secunia.com/advisories/46938

https://secunia.com/advisories/46989

https://secunia.com/advisories/47033

https://secunia.com/advisories/47017

 

 

Vulnerability: VMware vCenter Update Manager Jetty Directory Traversal Vulnerability

 

Affected Software:

 

  • VMWare vCenter Update Manager 4.x

 

Explanation: A single vulnerability has been reported in the VMware vCenter Update Manager, which can be exploited by malicious people to disclose sensitive information.

 

Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.

 

http://www.vmware.com/security/advisories/VMSA-2011-0014.html

https://secunia.com/advisories/46761