what you don't know can hurt you

Red Hat Security Advisory 2012-1542-01

Red Hat Security Advisory 2012-1542-01
Posted Dec 4, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1542-01 - Red Hat CloudForms is an on-premise hybrid cloud Infrastructure-as-a-Service product that lets you create and manage private and public clouds. Multiple input validation vulnerabilities were discovered in rubygem-activerecored. A remote attacker could possibly use these flaws to perform an SQL injection attack against an application using rubygem-activerecord. Multiple cross-site scripting flaws were found in rubygem-actionpack. A remote attacker could use these flaws to conduct XSS attacks against users of an application using rubygem-actionpack.

tags | advisory, remote, vulnerability, xss, sql injection
systems | linux, redhat
advisories | CVE-2012-1986, CVE-2012-1987, CVE-2012-1988, CVE-2012-2139, CVE-2012-2140, CVE-2012-2660, CVE-2012-2661, CVE-2012-2694, CVE-2012-2695, CVE-2012-3424, CVE-2012-3463, CVE-2012-3464, CVE-2012-3465, CVE-2012-3864, CVE-2012-3865, CVE-2012-3867
MD5 | e57ad96523b395ece603fe69fec783e1

Red Hat Security Advisory 2012-1542-01

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: CloudForms Commons 1.1 security update
Advisory ID: RHSA-2012:1542-01
Product: Red Hat CloudForms
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1542.html
Issue date: 2012-12-04
CVE Names: CVE-2012-1986 CVE-2012-1987 CVE-2012-1988
CVE-2012-2139 CVE-2012-2140 CVE-2012-2660
CVE-2012-2661 CVE-2012-2694 CVE-2012-2695
CVE-2012-3424 CVE-2012-3463 CVE-2012-3464
CVE-2012-3465 CVE-2012-3864 CVE-2012-3865
CVE-2012-3867
=====================================================================

1. Summary:

Updated CloudForms Commons packages that fix several security issues are
now available.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Cloud Engine for RHEL 6 Server - noarch
System Engine for RHEL 6 Server - noarch

3. Description:

Red Hat CloudForms is an on-premise hybrid cloud
Infrastructure-as-a-Service (IaaS) product that lets you create and manage
private and public clouds.

Multiple input validation vulnerabilities were discovered in
rubygem-activerecored. A remote attacker could possibly use these flaws
to perform an SQL injection attack against an application using
rubygem-activerecord. (CVE-2012-2660, CVE-2012-2661, CVE-2012-2694,
CVE-2012-2695)

Multiple cross-site scripting (XSS) flaws were found in rubygem-actionpack.
A remote attacker could use these flaws to conduct XSS attacks against
users of an application using rubygem-actionpack. (CVE-2012-3463,
CVE-2012-3464, CVE-2012-3465)

A flaw was found in the HTTP digest authentication implementation in
rubygem-actionpack. A remote attacker could use this flaw to cause a
denial of service of an application using rubygem-actionpack and digest
authentication. (CVE-2012-3424)

An input validation flaw was found in rubygem-mail's Exim and Sendmail
delivery methods. A remote attacker could use this flaw to execute
arbitrary commands with the privileges of an application using
rubygem-mail. (CVE-2012-2140)

A directory traversal flaw was found in rubygem-mail's file delivery
method. A remote attacker could use this flaw to send a mail with a
specially crafted To: header and write to files with the privileges of
an application using rubygem-mail. (CVE-2012-2139)

Puppet was updated to version 2.6.17, which fixes multiple security
issues. These issues are not exposed by CloudForms. (CVE-2012-1986,
CVE-2012-1987, CVE-2012-1988, CVE-2012-3864, CVE-2012-3865, CVE-2012-3867)

Red Hat would like to thank Puppet Labs for reporting CVE-2012-1988,
CVE-2012-1986, CVE-2012-1987, CVE-2012-3864, CVE-2012-3865, and
CVE-2012-3867.

Users are advised to upgrade to these CloudForms Commons packages, which
resolve these issues.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

810069 - CVE-2012-1986 puppet: Filebucket arbitrary file read
810070 - CVE-2012-1987 puppet: Filebucket denial of service
810071 - CVE-2012-1988 puppet: Filebucket arbitrary code execution
816352 - CVE-2012-2139 CVE-2012-2140 rubygem-mail: arbitrary command execution when using exim or sendmail from commandline, file system traversal flaw
827353 - CVE-2012-2660 rubygem-actionpack: Unsafe query generation
827363 - CVE-2012-2661 rubygem-activerecord: SQL injection when processing nested query paramaters
831573 - CVE-2012-2695 rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)
831581 - CVE-2012-2694 rubygem-actionpack: Unsafe query generation (a different flaw than CVE-2012-2660)
839130 - CVE-2012-3864 puppet: authenticated clients allowed to read arbitrary files from the puppet master
839131 - CVE-2012-3865 puppet: authenticated clients allowed to delete arbitrary files on the puppet master
839158 - CVE-2012-3867 puppet: insufficient validation of agent names in CN of SSL certificate requests
843711 - CVE-2012-3424 rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest
847196 - CVE-2012-3463 rubygem-actionpack: potential XSS vulnerability in select_tag prompt
847199 - CVE-2012-3464 rubygem-actionpack: potential XSS vulnerability
847200 - CVE-2012-3465 rubygem-actionpack: XSS Vulnerability in strip_tags

6. Package List:

Cloud Engine for RHEL 6 Server:

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/converge-ui-devel-1.0.4-1.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/puppet-2.6.17-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-actionpack-3.0.10-10.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-activerecord-3.0.10-6.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-activesupport-3.0.10-4.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-chunky_png-1.2.0-3.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-compass-0.11.5-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-compass-960-plugin-0.10.4-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-delayed_job-2.1.4-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-ldap_fluff-0.1.3-1.el6_3.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-mail-2.3.0-3.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-net-ldap-0.1.1-3.el6cf.src.rpm

noarch:
converge-ui-devel-1.0.4-1.el6cf.noarch.rpm
puppet-2.6.17-2.el6cf.noarch.rpm
puppet-server-2.6.17-2.el6cf.noarch.rpm
rubygem-actionpack-3.0.10-10.el6cf.noarch.rpm
rubygem-activerecord-3.0.10-6.el6cf.noarch.rpm
rubygem-activesupport-3.0.10-4.el6cf.noarch.rpm
rubygem-chunky_png-1.2.0-3.el6cf.noarch.rpm
rubygem-compass-0.11.5-2.el6cf.noarch.rpm
rubygem-compass-960-plugin-0.10.4-2.el6cf.noarch.rpm
rubygem-compass-960-plugin-doc-0.10.4-2.el6cf.noarch.rpm
rubygem-delayed_job-2.1.4-2.el6cf.noarch.rpm
rubygem-delayed_job-doc-2.1.4-2.el6cf.noarch.rpm
rubygem-ldap_fluff-0.1.3-1.el6_3.noarch.rpm
rubygem-mail-2.3.0-3.el6cf.noarch.rpm
rubygem-mail-doc-2.3.0-3.el6cf.noarch.rpm
rubygem-net-ldap-0.1.1-3.el6cf.noarch.rpm

System Engine for RHEL 6 Server:

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/converge-ui-devel-1.0.4-1.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/puppet-2.6.17-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-actionpack-3.0.10-10.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-activerecord-3.0.10-6.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-activesupport-3.0.10-4.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-chunky_png-1.2.0-3.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-compass-0.11.5-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-compass-960-plugin-0.10.4-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-delayed_job-2.1.4-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-ldap_fluff-0.1.3-1.el6_3.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-mail-2.3.0-3.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-net-ldap-0.1.1-3.el6cf.src.rpm

noarch:
converge-ui-devel-1.0.4-1.el6cf.noarch.rpm
puppet-2.6.17-2.el6cf.noarch.rpm
puppet-server-2.6.17-2.el6cf.noarch.rpm
rubygem-actionpack-3.0.10-10.el6cf.noarch.rpm
rubygem-activerecord-3.0.10-6.el6cf.noarch.rpm
rubygem-activesupport-3.0.10-4.el6cf.noarch.rpm
rubygem-chunky_png-1.2.0-3.el6cf.noarch.rpm
rubygem-compass-0.11.5-2.el6cf.noarch.rpm
rubygem-compass-960-plugin-0.10.4-2.el6cf.noarch.rpm
rubygem-compass-960-plugin-doc-0.10.4-2.el6cf.noarch.rpm
rubygem-delayed_job-2.1.4-2.el6cf.noarch.rpm
rubygem-delayed_job-doc-2.1.4-2.el6cf.noarch.rpm
rubygem-ldap_fluff-0.1.3-1.el6_3.noarch.rpm
rubygem-mail-2.3.0-3.el6cf.noarch.rpm
rubygem-mail-doc-2.3.0-3.el6cf.noarch.rpm
rubygem-net-ldap-0.1.1-3.el6cf.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2012-1986.html
https://www.redhat.com/security/data/cve/CVE-2012-1987.html
https://www.redhat.com/security/data/cve/CVE-2012-1988.html
https://www.redhat.com/security/data/cve/CVE-2012-2139.html
https://www.redhat.com/security/data/cve/CVE-2012-2140.html
https://www.redhat.com/security/data/cve/CVE-2012-2660.html
https://www.redhat.com/security/data/cve/CVE-2012-2661.html
https://www.redhat.com/security/data/cve/CVE-2012-2694.html
https://www.redhat.com/security/data/cve/CVE-2012-2695.html
https://www.redhat.com/security/data/cve/CVE-2012-3424.html
https://www.redhat.com/security/data/cve/CVE-2012-3463.html
https://www.redhat.com/security/data/cve/CVE-2012-3464.html
https://www.redhat.com/security/data/cve/CVE-2012-3465.html
https://www.redhat.com/security/data/cve/CVE-2012-3864.html
https://www.redhat.com/security/data/cve/CVE-2012-3865.html
https://www.redhat.com/security/data/cve/CVE-2012-3867.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFQvmNDXlSAg2UNWIIRAsT1AKC0njSJM+mT6sXBY2tY9K7a7wa2zwCfd6dz
7/ckq62GY//PjJhueUGO298=
=nIh2
-----END PGP SIGNATURE-----


--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    2 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    16 Files
  • 13
    Feb 13th
    19 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    13 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close