Commonwealth Security and Risk Management staff has been tracking multiple vulnerabilities that may have significant impact for the Commonwealth Information Security community.
Summary:
1. Adobe Reader/Acrobat Multiple Vulnerabilities
2. Google Chrome Multiple Vulnerabilities
3. HP LaserJet P3015 Unspecified Security Bypass Vulnerability
4. IBM Java Multiple Vulnerabilities
5. IBM Rational License Key Server License Manager Log File Upload Vulnerability
6. IBM WebSphere Application Server Community Edition Tomcat Container Denial of Service
7. Microsoft January Security Bulletin
a. Vulnerability in Windows Kernel Could Allow Security Feature Bypass MS12-001 (2644615) – Important
b. Vulnerability in Windows Object Packager Could Allow Remote Code Execution MS12-002 (2603381) – Important
c. Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege MS12-003 (2646524) – Important
d. Vulnerabilities in Windows Media Could Allow Remote Code Execution MS12-004 (2636391) – Critical
e. Vulnerability in Microsoft Windows Could Allow Remote Code Execution MS12-005 (2584146) – Important
f. Vulnerability in SSL/TLS Could Allow Information Disclosure MS12-006 (2643584) – Important
g. Vulnerability in AntiXSS Library Could Allow Information Disclosure MS12-007 (2607664) – Important
8. Red Hat Multiple Vulnerabilities
9. SUSE Multiple Vulnerabilities
10. Wireshark Multiple Vulnerabilities
Vulnerability: Adobe Reader/Acrobat Multiple Vulnerabilities
Affected Software:
• Adobe Acrobat 9.x
• Adobe Acrobat 10.x
• Adobe Reader 9.x
• Adobe Reader 10.x
Explanation: Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user’s system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://www.adobe.com/support/security/bulletins/apsb12-01.htm
https://secunia.com/advisories/45852
Vulnerability: Google Chrome Multiple Vulnerabilities
Affected Software:
• Google Chrome 16.x
Explanation: Multiple vulnerabilities have been reported in Google Chrome, which potentially can be exploited by malicious people to compromise a user’s system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html
https://secunia.com/advisories/47449
Vulnerability: HP LaserJet P3015 Unspecified Security Bypass Vulnerability
Affected Software:
• HP LaserJet P3015 Series
Explanation: A single vulnerability has been reported in HP LaserJet P3015, which can be exploited by malicious people to bypass certain security restrictions.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03140700
https://secunia.com/advisories/47457
Vulnerability: IBM Java Multiple Vulnerabilities
Affected Software:
• IBM Java 1.4.x
• IBM Java 6.x
Explanation: IBM has acknowledged multiple vulnerabilities in IBM Java, which can be exploited by malicious people to disclose certain information, to disclose potentially sensitive information, to hijack a user’s session, to conduct DNS cache poisoning attacks, to manipulate certain data, to cause a Denial of Service condition, and to compromise a vulnerable system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://www.ibm.com/developerworks/java/jdk/alerts/
https://secunia.com/advisories/47464
Vulnerability: IBM Rational License Key Server License Manager Log File Upload Vulnerability
Affected Software:
• IBM Rational License Key Server 8.x
Explanation: IBM has acknowledged a vulnerability in IBM Rational License Key Server, which can be exploited by malicious people to compromise a vulnerable system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://www.ibm.com/support/docview.wss?uid=swg21577760
https://secunia.com/advisories/47522
Vulnerability: IBM WebSphere Application Server Community Edition Tomcat Container Denial of Service
Affected Software:
• IBM WebSphere Application Server Community Edition 1.x
• IBM WebSphere Application Server Community Edition 2.x
• IBM WebSphere Application Server Community Edition 3.x
Explanation: A single vulnerability has been reported in IBM WebSphere Application Server Community Edition, which can be exploited by malicious people to cause a Denial of Service condition.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://www.ibm.com/support/docview.wss?uid=swg21577274
http://www.ibm.com/support/docview.wss?uid=swg21575700
https://secunia.com/advisories/47473
Vulnerability: Vulnerability in Windows Kernel Could Allow Security Feature Bypass MS12-001 (2644615) – Important
Affected Software:
• Microsoft Windows 7
• Microsoft Windows Server 2003 Datacenter Edition
• Microsoft Windows Server 2003 Enterprise Edition
• Microsoft Windows Server 2003 Standard Edition
• Microsoft Windows Server 2003 Web Edition
• Microsoft Windows Server 2008
• Microsoft Windows Storage Server 2003
• Microsoft Windows Vista
• Microsoft Windows XP Professional
Explanation: A single vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to bypass certain security features.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://technet.microsoft.com/en-us/security/bulletin/ms12-001
https://secunia.com/advisories/47356
Vulnerability: Vulnerability in Windows Object Packager Could Allow Remote Code Execution MS12-002 (2603381) – Important
Affected Software:
• Microsoft Windows Server 2003 Datacenter Edition
• Microsoft Windows Server 2003 Enterprise Edition
• Microsoft Windows Server 2003 Standard Edition
• Microsoft Windows Server 2003 Web Edition
• Microsoft Windows Storage Server 2003
• Microsoft Windows XP Home Edition
• Microsoft Windows XP Professional
Explanation: A single vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user’s system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://technet.microsoft.com/en-us/security/bulletin/ms12-002
https://secunia.com/advisories/45189
Vulnerability: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege MS12-003 (2646524) – Important
Affected Software:
• Microsoft Windows Server 2003 Datacenter Edition
• Microsoft Windows Server 2003 Enterprise Edition
• Microsoft Windows Server 2003 Standard Edition
• Microsoft Windows Server 2003 Web Edition
• Microsoft Windows Server 2008
• Microsoft Windows Storage Server 2003
• Microsoft Windows Vista
• Microsoft Windows XP Home Edition
• Microsoft Windows XP Professional
Explanation: A single vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://technet.microsoft.com/en-us/security/bulletin/ms12-003
https://secunia.com/advisories/47479
Vulnerability: Vulnerabilities in Windows Media Could Allow Remote Code Execution MS12-004 (2636391) – Critical
Affected Software:
• Microsoft Windows 7
• Microsoft Windows Server 2003 Datacenter Edition
• Microsoft Windows Server 2003 Enterprise Edition
• Microsoft Windows Server 2003 Standard Edition
• Microsoft Windows Server 2003 Web Edition
• Microsoft Windows Server 2008
• Microsoft Windows Storage Server 2003
• Microsoft Windows Vista
• Microsoft Windows XP Home Edition
• Microsoft Windows XP Professional
• Windows Media Center TV Pack for Windows Vista
Explanation: Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user’s system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://technet.microsoft.com/en-us/security/bulletin/ms12-004
https://secunia.com/advisories/47485
Vulnerability: Vulnerability in Microsoft Windows Could Allow Remote Code Execution MS12-005 (2584146) – Important
Affected Software:
• Microsoft Windows 7
• Microsoft Windows Server 2003 Datacenter Edition
• Microsoft Windows Server 2003 Enterprise Edition
• Microsoft Windows Server 2003 Standard Edition
• Microsoft Windows Server 2003 Web Edition
• Microsoft Windows Server 2008
• Microsoft Windows Storage Server 2003
• Microsoft Windows Vista
• Microsoft Windows XP Home Edition
• Microsoft Windows XP Professional
Explanation: A single vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to disclose potentially sensitive information and hijack a user’s session.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://technet.microsoft.com/en-us/security/bulletin/ms12-005
https://secunia.com/advisories/47480
Vulnerability: Vulnerability in SSL/TLS Could Allow Information Disclosure MS12-006 (2643584) – Important
Affected Software:
• Microsoft Windows 7
• Microsoft Windows Server 2003 Datacenter Edition
• Microsoft Windows Server 2003 Enterprise Edition
• Microsoft Windows Server 2003 Standard Edition
• Microsoft Windows Server 2003 Web Edition
• Microsoft Windows Server 2008
• Microsoft Windows Storage Server 2003
• Microsoft Windows Vista
• Microsoft Windows XP Home Edition
• Microsoft Windows XP Professional
Explanation: A single vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to disclose potentially sensitive information and hijack a user’s session.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://technet.microsoft.com/en-us/security/bulletin/ms12-006
https://secunia.com/advisories/46168
Vulnerability: Vulnerability in AntiXSS Library Could Allow Information Disclosure MS12-007 (2607664) – Important
Affected Software:
• Microsoft AntiXSS Library 4.x
Explanation: A single vulnerability has been reported in Microsoft AntiXSS Library, which can be exploited by malicious people to bypass certain security restrictions.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://technet.microsoft.com/en-us/security/bulletin/ms12-007
https://secunia.com/advisories/47483
Vulnerability: Red Hat Multiple Vulnerabilities
Affected Software:
• Red Hat Enterprise Linux Extras v.4
• Red Hat Enterprise Linux Desktop 5
• Red Hat Enterprise Linux Desktop Supplementary (v.5 client)
• Red Hat Enterprise Linux Server 5
• Red Hat Enterprise Linux Supplementary (v.5 server)
• Red Hat Enterprise Linux Desktop Supplementary (v.6)
• Red Hat Enterprise Linux Server Supplementary (v.6)
• Red Hat Enterprise Linux Workstation Supplementary (v.6)
• Red Hat Enterprise MRG v2 for Red Hat Enterprise Linux (version 5)
• Libvirt 0.x
Explanation: Multiple vulnerabilities have been reported in the Red Hat software, which can be exploited by malicious people to disclose potentially sensitive information, to hijack a user’s session, to conduct DNS cache poisoning attacks, to manipulate certain data, to bypass certain security restrictions, to cause a Denial of Service condition, to gain escalated privileges and to compromise a vulnerable system.
A weakness has been reported in libvirt, which can be exploited by malicious people to bypass certain security restrictions.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
https://rhn.redhat.com/errata/RHSA-2012-0006.html
https://bugzilla.redhat.com/show_bug.cgi?id=760442
https://rhn.redhat.com/errata/RHSA-2012-0011.html
https://rhn.redhat.com/errata/RHSA-2012-0007.html
https://rhn.redhat.com/errata/RHSA-2012-0010.html
https://secunia.com/advisories/47476
https://secunia.com/advisories/47463
https://secunia.com/advisories/47510
https://secunia.com/advisories/47512
https://secunia.com/advisories/47511
Vulnerability: SUSE Multiple Vulnerabilities
Affected Software:
• openSUSE 11.3
• openSUSE 11.4
• SUSE Linux Enterprise Server (SLES) 9
• SUSE Linux Enterprise Server (SLES) 10
• SUSE Linux Enterprise Server (SLES) 11
Explanation: Multiple vulnerabilities have been reported in the SUSE software, which can be exploited by malicious people to disclose potentially sensitive information, to cause a Denial of Service condition, to bypass certain security restrictions, to conduct spoofing attacks, and to potentially compromise a vulnerable system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
https://hermes.opensuse.org/messages/13154473
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00007.html
http://lists.opensuse.org/opensuse-updates/2012-01/msg00007.html
http://lists.opensuse.org/opensuse-updates/2012-01/msg00018.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00013.html
http://lists.opensuse.org/opensuse-updates/2012-01/msg00023.html
http://lists.opensuse.org/opensuse-updates/2012-01/msg00025.html
https://secunia.com/advisories/47423
https://secunia.com/advisories/47442
https://secunia.com/advisories/47441
https://secunia.com/advisories/47416
https://secunia.com/advisories/47409
https://secunia.com/advisories/47481
Vulnerability: Wireshark Multiple Vulnerabilities
Affected Software:
• Wireshark 1.x
Explanation: Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user’s system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://www.wireshark.org/docs/relnotes/wireshark-1.6.5.html
http://www.wireshark.org/docs/relnotes/wireshark-1.4.11.html
http://www.wireshark.org/security/wnpa-sec-2012-01.html
http://www.wireshark.org/security/wnpa-sec-2012-02.html
http://www.wireshark.org/security/wnpa-sec-2012-03.html
https://secunia.com/advisories/47494