Commonwealth Security and Risk Management staff has been tracking multiple vulnerabilities that may have significant impact for the Commonwealth Information Security community.
Summary:
1. Apache Struts “ParameterInterceptor” Security Bypass Vulnerability
2. Asterisk SRTP Video Stream Negotiation Denial of Service Vulnerability
3. Cisco Digital Media Manager Administrative Resources Access Security Bypass Vulnerability
4. Cisco TelePresence System Default Root Account Security Issue
5. cURL SSL/TLS IV Selection Weakness and URL Sanitization Vulnerability
6. HP-UX Multiple Vulnerabilities
7. IBM DB2 Accessories Suite Outside In Technology Multiple Vulnerabilities
8. IBM Lotus Symphony Image Processing Integer Overflow Vulnerability
9. OpenSSL DTLS Denial of Service Vulnerability
10. Opera Filename Disclosure Weakness and Security Bypass Vulnerability
11. Oracle Solaris Multiple Vulnerabilities
12. Smokeping “displaymode” Cross-Site Scripting Vulnerability
13. Symantec pcAnywhere / IT Management Suite Code Execution and Insecure Permission
14. Red Hat Multiple Vulnerabilities
15. SUSE Multiple Vulnerabilities
16. Trend Micro DataArmor / DriveArmor Privilege Escalation Vulnerability
Vulnerability: Apache Struts “ParameterInterceptor” Security Bypass Vulnerability
Affected Software:
- Apache Struts 2.x
Explanation: A single vulnerability has been reported in Apache Struts, which can be exploited by malicious people to bypass certain security restrictions.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://struts.apache.org/2.x/docs/s2-009.html
https://secunia.com/advisories/47711
Vulnerability: Asterisk SRTP Video Stream Negotiation Denial of Service Vulnerability
Affected Software:
- Asterisk 1.x
- Asterisk 10.x
Explanation: A single vulnerability has been reported in Asterisk, which can be exploited by malicious people to cause a Denial of Service condition.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://downloads.asterisk.org/pub/security/AST-2012-001.html
https://secunia.com/advisories/47630
Vulnerability: Cisco Digital Media Manager Administrative Resources Access Security Bypass Vulnerability
Affected Software:
- Cisco Digital Media Manager 5.x
Explanation: A single vulnerability has been reported in Cisco Digital Media Manager, which can be exploited by malicious users to bypass certain security restrictions.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-dmm
https://secunia.com/advisories/47651
Vulnerability: Cisco TelePresence System Default Root Account Security Issue
Affected Software:
- Cisco TelePresence Systems (CTS)
Explanation: A security issue has been reported in Cisco TelePresence System, which can be exploited by malicious people to compromise a vulnerable system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-te
https://secunia.com/advisories/47591
Vulnerability: cURL SSL/TLS IV Selection Weakness and URL Sanitization Vulnerability
Affected Software:
- cURL 7.x
Explanation: Multiple vulnerabilities have been reported in cURL, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user’s session, and manipulate certain data.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://curl.haxx.se/docs/adv_20120124B.html
http://curl.haxx.se/docs/adv_20120124.html
https://secunia.com/advisories/47690
Vulnerability: HP-UX Multiple Vulnerabilities
Affected Software:
- HP-UX 11.x
Explanation: Multiple vulnerabilities have been reported in HP-UX, which can be exploited by malicious people to disclose certain information, to disclose potentially sensitive information, to hijack a user’s session, to conduct DNS cache poisoning attacks, to manipulate certain data, to cause a Denial of Service condition and to compromise a vulnerable system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03122753
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03141193
https://secunia.com/advisories/47709
https://secunia.com/advisories/47673
Vulnerability: IBM DB2 Accessories Suite Outside In Technology Multiple Vulnerabilities
Affected Software:
- IBM DB2 Accessories Suite 9.x
Explanation: IBM has acknowledged multiple vulnerabilities in IBM DB2 Accessories Suite, which can be exploited by malicious people to compromise a vulnerable system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://www.ibm.com/support/docview.wss?uid=swg21578978
https://secunia.com/advisories/47683
Vulnerability: IBM Lotus Symphony Image Processing Integer Overflow Vulnerability
Affected Software:
- IBM Lotus Symphony 3.x
Explanation: A single vulnerability has been reported in IBM Lotus Symphony, which can be exploited by malicious people to compromise a user’s system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://www.ibm.com/support/docview.wss?uid=swg21578684
https://secunia.com/advisories/47245
Vulnerability: OpenSSL DTLS Denial of Service Vulnerability
Affected Software:
- OpenSSL 0.x
- OpenSSL 1.x
Explanation: A single vulnerability has been reported in OpenSSL, which can be exploited by malicious people to cause a Denial of Service condition.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://www.openssl.org/news/secadv_20120118.txt
https://secunia.com/advisories/47631
Vulnerability: Opera Filename Disclosure Weakness and Security Bypass Vulnerability
Affected Software:
- Opera 11.x
Explanation: Multiple vulnerabilities have been reported in Opera, which can be exploited by malicious people to disclose potentially sensitive information and to bypass certain security restrictions.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://www.opera.com/docs/changelogs/windows/1161/
http://www.opera.com/support/kb/view/1007/
http://www.opera.com/support/kb/view/1008/
https://secunia.com/advisories/47686
Vulnerability: Oracle Solaris Multiple Vulnerabilities
Affected Software:
- Oracle Solaris 11 Express
- Sun Solaris 10.x
Explanation: Multiple vulnerabilities have been reported in Oracle Solaris, which can be exploited by malicious people to cause a Denial of Service condition and to potentially compromise a vulnerable system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libexif
http://blogs.oracle.com/sunsecurity/entry/cve_2011_3205_buffer_overflow
https://secunia.com/advisories/47623/
https://secunia.com/advisories/47629
Vulnerability: Smokeping “displaymode” Cross-Site Scripting Vulnerability
Affected Software:
- Smokeping 2.x
Explanation: A single vulnerability has been reported in Smokeping, which can be exploited by malicious people to conduct cross-site scripting attacks.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://oss.oetiker.ch/smokeping/pub/CHANGES
https://secunia.com/advisories/47678
Vulnerability: Symantec pcAnywhere / IT Management Suite Code Execution and Insecure Permission
Affected Software:
- Symantec Altiris IT Management Suite 7.x
- Symantec pcAnywhere 12.x
Explanation: Multiple vulnerabilities have been reported in Symantec pcAnywhere and IT Management Suite, which can be exploited by malicious people to perform certain actions with escalated privileges and to compromise a vulnerable system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
https://secunia.com/advisories/47744
Vulnerability: Red Hat Multiple Vulnerabilities
Affected Software:
- Red Hat Enterprise Linux Extras v.4
- Red Hat Enterprise Linux Workstation 5
- Red Hat Enterprise Linux Server 5
- Red Hat Enterprise Linux Supplementary (v.5 client)
- Red Hat Enterprise Linux Supplementary (v.5 server)
- Red Hat Enterprise Linux Desktop 6
- Red Hat Enterprise Linux Desktop Supplementary (v.6)
- Red Hat Enterprise Linux HPC Node 6
- Red Hat Enterprise Linux HPC Node Supplementary (v.6)
- Red Hat Enterprise Linux Server 6
- Red Hat Enterprise Linux Server Supplementary (v.6)
- Red Hat Enterprise Linux Workstation 6
- Red Hat Enterprise Linux Workstation Supplementary (v.6)
- Red Hat Enterprise MGR v2 for Red Hat Enterprise Linux (version 6)
- Red Hat JBoss Enterprise Application Platform 4.3.x
Explanation: Multiple vulnerabilities have been reported in the Red Hat software, which can be exploited by malicious people to disclose potentially sensitive information, to bypass certain security restrictions, to hijack a user’s session, to conduct DNS cache poisoning attacks, to manipulate certain data, to cause a Denial of Service condition, to gain escalated privileges and to compromise a vulnerable system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
https://rhn.redhat.com/errata/RHSA-2012-0062.html
https://rhn.redhat.com/errata/RHSA-2012-0059.html
https://rhn.redhat.com/errata/RHSA-2012-0060.html
http://rhn.redhat.com/errata/RHSA-2012-0058.html
https://rhn.redhat.com/errata/RHSA-2012-0050.html
http://rhn.redhat.com/errata/RHSA-2012-0052.html
http://rhn.redhat.com/errata/RHSA-2012-0061.html
https://rhn.redhat.com/errata/RHSA-2012-0041.html
https://rhn.redhat.com/errata/RHSA-2012-0034.html
https://rhn.redhat.com/errata/RHSA-2012-0033.html
https://secunia.com/advisories/47747
https://secunia.com/advisories/47748
https://secunia.com/advisories/47752
https://secunia.com/advisories/47749
https://secunia.com/advisories/47706
https://secunia.com/advisories/47708
https://secunia.com/advisories/47675
https://secunia.com/advisories/47633
https://secunia.com/advisories/47634
Vulnerability: SUSE Multiple Vulnerabilities
Affected Software:
- openSUSE 11.3
- openSUSE 11.4
- SUSE Linux Enterprise Server (SLES) 10
- SUSE Linux Enterprise Server (SLES) 11
Explanation: Multiple vulnerabilities have been reported in the SUSE software, which can be exploited by malicious people to disclose certain information, to disclose potentially sensitive information, to hijack a user’s session, to conduct DNS cache poisoning attacks, to conduct spoofing attacks, to manipulate certain data, to gain escalated privileges, to cause a Denial of Service condition and to compromise a vulnerable system.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html
http://lists.opensuse.org/opensuse-updates/2012-01/msg00038.html
http://lists.opensuse.org/opensuse-updates/2012-01/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00050.html
http://lists.opensuse.org/opensuse-updates/2012-01/msg00039.html
http://lists.opensuse.org/opensuse-updates/2012-01/msg00036.html
http://lists.opensuse.org/opensuse-updates/2012-01/msg00037.html
http://lists.opensuse.org/opensuse-updates/2012-01/msg00035.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00021.htm
https://secunia.com/advisories/47684
https://secunia.com/advisories/47635
https://secunia.com/advisories/47647
https://secunia.com/advisories/47655
https://secunia.com/advisories/47662
https://secunia.com/advisories/47672
https://secunia.com/advisories/47674
https://secunia.com/advisories/47645
Vulnerability: Trend Micro DataArmor / DriveArmor Privilege Escalation Vulnerability
Affected Software:
- Trend Micro DataArmor 3.x
- Trend Micro DriveArmor 3.x
Explanation: A single vulnerability has been reported in Trend Micro DataArmor and Trend Micro DriveArmor, which can be exploited by malicious, local users with physical access to gain escalated privileges.
Recommendation: Review the following advisories and have the software updated by your IT team or service provider as soon as possible after appropriate testing.
http://esupport.trendmicro.com/solution/en-us/1060043.aspx
https://secunia.com/advisories/47759