Recent vulnerabilities

I received notification through my ISP newsletter that there is a vulnerability in Adobe Reader. I have Adobe Reader 9 on a machine running Vista Home Premium. Is there a fix, and if so, where do I go to get it?

I clicked send too soon. I also want to know if there is a vulnerability if Adobe Flash?
Thank you

Similar Messages

  • Recent vulnerabilities (fixed in 5.1.1) apply to iOS 4.x too ?

    Hi,
    Several vulnerabilities were recently published and got fixed in 5.1.1 as per http://support.apple.com/kb/HT5278
    What remains unclear is whether the 4.x branch (in particular the latest available release 4.3.5 for that matter) is also affected or can be considered safe.
    While it's advisable to upgrade anyway, there might be technical / process constraints which prevent from doing so in an enterprise environement and I'd like to be able to assess risk and scope.
    This information is nowhere to be found so I'd appreciate some clarification from Apple.
    thanks & regards,
    Yannick

    @KiltedTim > We're talking about iPhone (or iPad) in the Enterprise.
    It is not always possible to upgrade, at least not immediatly, due to logistics constraints or compatibility issues with business applications.
    Therefore risk assessment is made and might influence priority / management decision.
    That's why I want to know whether the 4.x train is affected.
    And yes, it could well be that 4.x is affected.
    The original advisory says "Prior versions may also be affected " at  http://archives.neohapsis.com/archives/bugtraq/2012-03/0095.html
    @disel vdub> I called and emailed Apple but either no further details or no answer.
    I guess there are representatives from Apple on discussions.apple.com, just trying.

  • How Secure Are We?

    Hello there, Arch users.
    I'm a fairly secure user of Windows and Android operating systems. I've also recently wanted to further expand and harden my privacy and security out of a need, as I live under not-so-favorable conditions.
    I've switched my desktop OS to Linux less than a couple of months ago. Started with Linux Mint Debian Edition (a Debian "rolling release"). Was a fine learning experience and I've got to administer my home Linux box in a secure manner until it broke (nothing related to security, just that proprietary drivers broke over an update.. too lazy to fix it)
    Now I intend to install Arch after testing Antergos and getting to use the Arch environment. I'm interested in reading good tips on how to secure is the system and how to further increase security in terms of remote exploitation specifically. Should I depend on Arch as a daily *secure* driver for everyday needs? I need to address that firstly as it's the uncontrollable part; unlike human-infrastructure type of attacks. I did read the Security wiki, but I also need more tips from experience as what can be installed or what should be avoided.
    Some guidance questions:
    1- As this is a rolling release OS, is it more or less secure than long-support release systems?
    2- What specific tips can we use to further secure our systems?
    I'm currently using Antergos, but I intend to switch to full Arch install in about 2 weeks (will have free time by then). I like the Arch environment (and forums) and I'm interested in ways to further secure it.
    Also, a good tip would be like: you need to install ufw and gufw and run
    # sudo gufw
    and turn ufw on.
    3- How long, on average, does it usually take to patch vulnerabilities found in Linux, from your experience? i.e. Is it usually faster or slower than other distros? An educated guesstimate would work, as I don't expect to find standardized info.
    4- AUR! I need someone to go on all day about anything related to security about AUR. Awesome ArchWiki doesn't have much on this.
    For example:
    - When a package I installed is updated from vendors/authors, does my package pull from the source vendor and immediately update (most importantly, Google Chrome), or does my system have to wait for the package maintainer to actually update his work for yaourt to pull from? i.e. Does the system update packages as soon as the vendor updates them, or as soon as the maintainer updates them?
    - When I pacman -Syu, does this include updating AUR? Here
    5- What VPN do you guys use?
    # mod edit: less inflammatory title
    Last edited by jasonwryan (2015-01-28 20:22:08)

    Mars wrote:1- As this is a rolling release OS, is it more or less secure than long-support release systems?
    Two totally different things; "LTS" distributions aim to provide support to a generally "fixed" set of packages (ie, same major kernel, same major toolchain etc), usually back-porting security fixes to those packages where required. Rolling release aims to provide the latest packages of everything -- this can lead to a lot more breakages than an "LTS" distro if not managed properly. LTS is generally more forgiving of "lazy" management.
    As far a security goes, it's difficult to compare. LTS releases generally get security patches back-ported, but sometimes they may not, especially towards the end of the LTS life cycle, or if implementing the fix would significantly change expected behaviour of the software. On a Rolling Release, you'll get the latest which includes any security fixes, but also includes any NEW security issues (probably not even discovered yet) introduced in recent versions.
    Mars wrote:2- What specific tips can we use to further secure our systems?
    This is the same regardless of your distribution. The standard list applies: minimize your attack surface (use a firewall, disable services you don't need), use good passwords, enforce MAC instead of DAC (eg, SELinux or AppArmour).
    Mars wrote:3- How long, on average, does it usually take to patch vulnerabilities found in Linux, from your experience? i.e. Is it usually faster or slower than other distros? An educated guesstimate would work, as I don't expect to find standardized info.
    You say "in Linux" then "other distros" -- are you wanting to compare Linux to other operating systems, or Arch to other distributions? If it's the later, then Arch is generally quite on the ball. Looking at recent vulnerabilities:
    http://allanmcrae.com/2015/01/who-you-gonna-call/
    http://allanmcrae.com/2014/09/shellshoc … rch-linux/
    Mars wrote:- When a package I installed is updated from vendors/authors, does my package pull from the source vendor and immediately update (most importantly, Google Chrome), or does my system have to wait for the package maintainer to actually update his work for yaourt to pull from? i.e. Does the system update packages as soon as the vendor updates them, or as soon as the maintainer updates them?
    makepkg will do whatever the PKGBUILD tells it to do. If the PKGBUILD is for a specific version of a package (as is generally the case) then that is what it will build. You are free to download the PKGBUILD from the AUR and modify it yourself if it is not the version you want/latest version. This is fairly straightforward generally, and there is lots of information in the wiki, on man pages and generally around the web.
    The exception to this is git packages, which often pull the latest git tree before building, which means you'll *really* have the latest version, probably not even a version that has been released by the upstream developer.
    Mars wrote:- When I pacman -Syu, does this include updating AUR? Here
    No, read up on the wiki the difference between the official repos, the community repo and the AUR.
    Mars wrote:5- What VPN do you guys use?
    OpenVPN to my own VPS.

  • Firefox plug-in: Java Deployment Toolkit

    JRE 6u17 (probably older versions as well) install for Firefox the plug-in as in stated in subject.
    What is this plug-in good for?
    What functionality will the user miss if he/she decides to deactivate/uninstall the java deployment toolkit?

    Contrary to what BIJ001 suggests, the Java Deployment Toolkit Plugin is installed in Java SE 6 Update 10 and above.
    More info for the Java Deployment Toolkit Plugin can be found at:
    http://java.sun.com/javase/6/6u10faq.jsp#DT
    http://java.sun.com/javase/6/docs/technotes/guides/jweb/deployment_advice.html
    Ever since Java 6 Update 10, an NPAPI plugin and an ActiveX control (npdeploytk.dll and deploytk.dll, respectively) have both been installed by default with the JRE.
    You should be able to find them under one or more of these folders (there are other locations you may find them on your drive):
    C:\Program Files\Java\jre6\bin (both)
    C:\Program Files\Java\jre6\bin\new_plugin (npdeploytk.dll only)
    C:\WINDOWS\system32 (deploytk.dll only)
    The this new functionality is the focus of attention for 2 recent vulnerabilities:
    http://seclists.org/fulldisclosure/2010/Apr/119
    http://www.reversemode.com/index.php?option=com_content&task=view&id=67&Itemid=1

  • User unable to edit document in protected mode until 'enable all features' is selected everytime.

    In light of the most recent vulnerabilities identified in version 10.1.1 and the instructions in -  http://www.adobe.com/support/security/advisories/apsa11-04.html
    to use protected mode, I have informed my customers how that should be performed. However, I have at least one user that is unable to edit their document until they select the ' enable all features' function. Even after they do that, and the specific file is listed in the in the security (enhanced) > priviledged locations list, the user is required to select 'enable all features' every time for this file.
    Can someone tell me a solution?

    >Where are you seeing the "enable all features function"?
    The notification bar at the top of the document

  • HT1277 i have an imac and my cable company has stopped my emails because they say i have comp virus.....   thought macs don't get them ***???

    I am told by my cable company that my email has a virus so they stopped my emails.   How do I do a virus scan on a mac thought they didn't get viruses?

    It is entirely possible for an iMac to acquire and host malware; to be infected with what's often called (sometimes technically incorrectly) "a virus".
    This can be due to malware that was explicitly installed and authorized by an administrative user, or can be due to vulnerabilities in existing OS X software.  Recent vulnerabilities that can affect OS X users include those encountered in Safari, in Oracle Java, or in Adobe Flash, among other components.
    One of the most common paths for infection are explicitly-requested downloads, and that have then been authenticated by an administrative user.  Basically, a user that's been convinced to download and install and use an administrative password to authenticate the malware installation.  These have been seen with "video players", for instance, where a user downloads and installs an updated player; claimed to be Adobe Flash Player or some other CODEC or player component.
    There are other malware attacks possible.  Trojan horses have been seen targetting OS X, for instance.
    Depending on the details of the actual infestation here (if there is any infestation here, of course), it is possible for an ISP to spot an infected computer through various available monitoring mechanisms. Your OS X client system could be sending out mail messages directly through protocols that are server-oriented protocols (a rogue SMTP spam engine has been installed on your OS X client, for instance), and that outbound SMTP traffic can be easy to spot at a firewall or network monitor.  It's also possible to spot malware in the attachments in outbound messages that are routed via the ISP's mail servers, as well; various ISPs will scan messages.
    The first step is to determine if your system has unauthoriized malware installed.  Ask your ISP for what evidence they have for this infestation; what evidence they believe they've found.  It's also possible that you'll need to purchase anti-malware tools, or (depending on the particular severity of any infestation found) reinitialization and restoration.
    It's also possible for another system on your local network to be infested.  Windows boxes, Linux and even printers can become infested these days.
    And it's possible that you've received an infected document from somewhere, and have been working on it on OS X; that your system is hosting the malware, but that it's not actually infected.  (OS X, Linux and Unix file services can all host Windows malware easily, for instance, but those systems generally can't be infected by that particular malware.)
    And the ISP could be incorrect in their particular report to you.
    You'll probably need some help determining if this is a real malware infection, and then cleaning up the problem; somebody with some more experience in interpreting what the ISP has found, and in determining whether that indicates a problem with your OS X system, and then (if so) how to resolve it.  That might be somebody at the Apple Genius bar, or a local Apple specialist.

  • Recent Microsoft vulnerabilities

    I recently read the following article http://news.zdnet.co.uk/internet/0,39020369,39208852,00.htm
    I would like to find out if there are any currently enabled signatures to capture this vulnerability yet or are they on there way:
     Microsoft Color Management Module, a component of Windows that handles colors.
    Microsoft Security Bulletin MS05-036
    http://go.microsoft.com/fwlink/?linkid=49316
     JView Profiler, part of Microsoft's Java Virtual Machine
    Microsoft Security Bulletin MS05-037
    http://go.microsoft.com/fwlink/?linkid=49999

    My apologies, I have just visited the Cisco Intrusion Prevention Alert Center and I was able to find the answer to my question there.
    13 July 2005: Breaking News
    Cisco PSIRT has released three (3) recent advisories.
    Additional details can be found here:
    http://www.cisco.com/en/US/products/products_security_advisories_listing.html
    Microsoft has released 3 security bulletins.
    Additional details can be found here:
    http://www.microsoft.com/technet/security/bulletin/ms05-jul.mspx
    Signature release S180 contains signatures related to MS05-037.
    We are currently investigating the remaining vulnerabilities for possible signatures.

  • Multiple Vulnerabilities in Apple Mac OS X

    Every few months, somebody (with a PC) emails me one of notices.
    I assume Apple does their security updates othen enough to take care of this. Or am I wrong?
    Who makes these notices?
    What should I do when I get one of these notices?
    Here's THe whole EMAIL:
    Multiple Vulnerabilities in Apple Mac OS X
    Multiple Vulnerabilities in Apple Mac OS X. The full text of the document is
    provided below.
    Joint Task Force - Global Network Operations
    U N C L A S S I F I E D
    Joint Task Force - Global Network Operations (JTF-GNO) Information Assurance
    Vulnerability Technical Advisory
    Title: Multiple Vulnerabilities in Apple Mac OS X
    References:
    Security Focus
    http://www.securityfocus.com/bid/22948
    STIG Finding Severity: Category I
    CVE:
    CVE-2005-2959
    CVE-2006-0225
    CVE-2006-0300
    CVE-2006-1516
    CVE-2006-1517
    CVE-2006-2753
    CVE-2006-3081
    CVE-2006-3469
    CVE-2006-4031
    CVE-2006-4226
    CVE-2006-4829
    CVE-2006-4924
    CVE-2006-5051
    CVE-2006-5052
    CVE-2006-5330
    CVE-2006-5679
    CVE-2006-5836
    CVE-2006-6061
    CVE-2006-6062
    CVE-2006-6097
    CVE-2006-6129
    CVE-2006-6130
    CVE-2006-6173
    CVE-2007-0229
    CVE-2007-0236
    CVE-2007-0267
    CVE-2007-0299
    CVE-2007-0318
    CVE-2007-0463
    CVE-2007-0467
    CVE-2007-0588
    CVE-2007-0719
    CVE-2007-0720
    CVE-2007-0721
    CVE-2007-0722
    CVE-2007-0723
    CVE-2007-0724
    CVE-2007-0728
    CVE-2007-0726
    CVE-2007-0730
    CVE-2007-0731
    CVE-2007-0733
    CVE-2007-1071
    Executive Summary:
    There are multiple vulnerabilities affecting Apple Mac Operating System
    (OS) X and various Apple applications running on Mac OS X. Mac OS X is a
    proprietary operating system developed and sold by Apple Computer, Inc.,
    that is included with all currently shipped Apple Macintosh computers.
    Mac OS X Server is architecturally identical to its desktop counterpart and
    usually runs on Apple's line of Macintosh server hardware. It includes
    workgroup management and administration software tools that provide
    simplified access to key network services, including a mail server, a
    directory server, and a domain name server. Apple Mac OS X is Apple's latest
    OS software architecture. These vulnerabilities exist due to unchecked
    buffers, error conditions, and incorrect security settings in the software.
    Successful exploitation of these vulnerabilities may allow a remote attacker
    to execute arbitrary code, access or modify arbitrary data, escalation of
    privileges or cause denial of service conditions.
    Technical Overview:
    There are thirty vulnerabilities affecting Apple Mac Operating System OS X
    and various Apple applications running on Mac OS X addressed in this latest
    release. An attacker could exploit these vulnerabilities by enticing a user
    to use a maliciously crafted website, image, program, or code; or by making
    use of known implementation flaws. Results of an attacker exploiting any of
    these vulnerabilities include the execution of arbitrary code, triggering a
    Denial of Service (DoS), or elevation of user privileges.
    The following specific vulnerabilities affecting Apple Mac OS X:
    ColorSync Profile Vulnerability - CVE-2007-0719 A stack buffer overflow
    exists in the handling of embedded ColorSync profiles. By enticing a user to
    open a maliciously-crafted image, an attacker can trigger the overflow,
    which may lead to an unexpected application termination or arbitrary code
    execution. This update performs additional validation of ColorSync profiles.
    Crash Reporter Vulnerability - CVE-2007-0467 Crash Reporter uses an
    admin-writable system directory to store logs of processes that have been
    unexpectedly terminated. A malicious process running as an admin can cause
    these logs to be written to arbitrary files as root, which could result in
    the execution of commands with elevated privileges. This update performs
    additional validation prior to writing to log files.
    CUPS Vulnerability - CVE-2007-0720
    A partially-negotiated SSL connection with the CUPS service may prevent
    other requests from being served until the connection is closed. Remote
    attackers may cause a denial of service during SSL negotiation This update
    implements timeouts during SSL negotiation.
    Disk Images-Helper Vulnerability - CVE-2007-0721 A memory corruption
    vulnerability exists in diskimages-helper. By enticing a user to open a
    maliciously-crafted compressed disk image, an attacker could trigger this
    issue which may lead to an unexpected application termination or arbitrary
    code execution. Mounting a maliciously-crafted disk image may lead to an
    unexpected application termination or arbitrary code execution. This update
    performs additional validation of disk images.
    AppleSingleEnding Disk Images Vulnerability - CVE-2007-0722 An integer
    overflow vulnerability exists in the handler for AppleSingleEncoding disk
    images. By enticing a local user to open a maliciously-crafted disk image,
    an attacker could trigger the overflow which may lead to an unexpected
    application termination or arbitrary code execution. Mounting a
    maliciously-crafted AppleSingleEncoding disk image may lead to an unexpected
    application termination or arbitrary code execution. This update performs
    additional validation of AppleSingleEncoding disk images.
    Multiple Malicious Disk Image Vulnerabilities - CVE-2006-6061,
    CVE-2006-6062, CVE-2006-5679, CVE-2007-0229, CVE-2007-0267,
    CVE-2007-0299
    Several vulnerabilities exist in the processing of maliciously-crafted disk
    images that may lead to an unexpected termination of system operations or
    arbitrary code execution. Since a disk image may be automatically mounted
    when visiting web sites, this allows a malicious web site to cause a denial
    of service. This update performs additional validation of downloaded disk
    images prior to mounting them.
    Directory Service (DS) Plug-In Vulnerability - CVE-2007-0723 An
    implementation flaw in DirectoryService allows an unprivileged LDAP user to
    change the local root password. The authentication mechanism in
    DirectoryService has been fixed in this release.
    Flash Player Vulnerability - CVE-2006-5330 Adobe Flash Player is updated to
    version 9.0.28.0 to fix a potential vulnerability that could allow HTTP
    request splitting attacks. This is accomplished by playing a
    maliciously-crafted Flash content on a vulnerable system. This issue is
    described as APSB06-18 on the Adobe web site at
    http://www.adobe.com/support/security/
    Multiple GNU Tar Vulnerabilities - CVE-2006-0300, CVE-2006-6097 One GNU TAR
    vulnerability involves a buffer overflow, which allows user-assisted
    attackers to cause a denial of service (application crash) and possibly
    execute arbitrary code via unspecified vectors involving PAX extended
    headers. The second GNU TAR vulnerability allows user-assisted attackers to
    overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES
    record with a symbolic link. This record is not properly handled by the
    extract_archive function in extract.c and
    extract_mangle function in mangle.c.
    HFS+ Filesystem Vulnerability - CVE-2007-0318
    An HFS+ filesystem in a mounted disk image can be constructed to trigger a
    kernel panic (denial of service) when attempting to remove a file from a
    mounted filesystem. This update performs additional validation of the
    HFS+ filesystem.
    IOKit HID Vulnerability - CVE-2007-0724 Insufficient controls in the IOKit
    HID interface allow any logged in user to capture console keystrokes,
    including passwords and other sensitive information of other users on a
    local system. This update limits HID device events to processes belonging to
    the current console user.
    ImageIO GIF Vulnerability - CVE-2007-1071 An integer overflow vulnerability
    exists in the process of handling GIF files. By enticing a user to open a
    maliciously-crafted image, an attacker can trigger the overflow which may
    lead to an unexpected application termination or arbitrary code execution.
    This issue does not affect systems prior to Mac OS X v10.4.
    ImageIO Raw Images Vulnerability - CVE-2007-0733 A memory corruption issue
    exists in the process of handling RAW images.
    By enticing a user to open a maliciously-crafted RAW image, an attacker can
    trigger the issue which may lead to an unexpected application termination or
    arbitrary code execution. This update performs additional validation of RAW
    images. This issue does not affect systems prior to Mac OS X v10.4.
    Kernel Vulnerability via fpathconf() System Call - CVE-2006-5836 Malicious
    local users may be able to cause a denial of service by using the
    fpathconf() system call on certain file types. The result of this action
    would be a kernel panic (denial of service). This update improves the
    handling for all kernel defined file types.
    Kernel Vulnerability via Universal Mach-O Binaries - CVE-2006-6129 An
    integer overflow vulnerability exists in the loading of maliciously-crafted
    Universal Mach-O binaries. This could allow a malicious local user to cause
    a kernel panic, an arbitrary code execution, or the elevation of system
    privileges. This update performs additional validation of Universal
    binaries.
    Kernel Vulnerability via sharedregion_make_privatenp() System Call -
    CVE-2006-6173
    The sharedregion_make_privatenp() system call allows a maliciously-crafted
    program to request a large allocation of kernel memory. This could allow a
    malicious local user to cause a system hang.
    This issue does not allow an integer overflow to occur, and it cannot lead
    to arbitrary code execution. This update incorporates additional validation
    of the arguments passed to sharedregion_make_privatenp().
    Multiple MySQL Server Vulnerabilities - CVE-2006-1516, CVE-2006-1517,
    CVE-2006-2753, CVE-2006-3081, CVE-2006-4031, CVE-2006-4226,
    CVE-2006-3469
    Multiple vulnerabilities exist in MySQL which could be exploited by
    attackers making use of known system flaws via specially crafted codes.
    In addition to being able to execute arbitrary code, the attacker could also
    exploit these vulnerabilities causing a denial of service or buffer
    over-read; obtaining sensitive information; and creating/accessing a
    database.
    Networking Vulnerability via AppleTalk Protocol Handler - CVE-2006-6130 A
    memory corruption issue exists in the AppleTalk protocol handler. This could
    allow a malicious local user to cause a kernel panic, or gain system
    privileges to execute arbitrary code. This update performs additional
    validation of the input data structures.
    Networking Vulnerability via AppleTalk Requests - CVE-2007-0236 A heap
    buffer overflow vulnerability exists in the AppleTalk protocol handler. By
    sending a maliciously-crafted request, a local user can trigger the overflow
    which may lead to a denial of service or arbitrary code execution. This
    update performs additional validation of the input data.
    OpenSSH Keys Vulnerability - CVE-2007-0726 A remote attacker can destroy
    established trust between SSH hosts by causing SSH Keys to be regenerated.
    SSH keys are created on a server when the first SSH connection is
    established. An attacker connecting to the server before SSH has finished
    creating the keys could force the keys then to be recreated. This could
    result in a denial of service against processes that rely on a trust
    relationship with the server.
    Systems that already have SSH enabled and have rebooted at least once are
    not vulnerable to this issue. This issue is addressed by improving the SSH
    key generation process. This issue is specific to the Apple implementation
    of OpenSSH.
    Multiple OpenSSH Vulnerabilities - CVE-2006-0225, CVE-2006-4924,
    CVE-2006-5051, CVE-2006-5052 Multiple vulnerabilities exist in OpenSSH, to
    include compilation and faulty authentication errors. An attacker could use
    these vulnerabilities in specially crafted codes/commands to cause the
    execution of arbitrary code, or a denial of service.
    USB Printing Vulnerability - CVE-2007-0728 Insecure file operations may
    occur during the initialization of a USB printer. An unprivileged attacker
    with system privileges may leverage this issue to create or overwrite
    arbitrary files on the system. This update improves the printer
    initialization process.
    QuickDraw PICT Image Processing Vulnerability - CVE-2007-0588 A heap buffer
    overflow vulnerability exists in QuickDraw's PICT image processing. By
    enticing a user to open a maliciously-crafted PICT image, an attacker can
    trigger the overflow which may lead to an unexpected application termination
    or arbitrary code execution. This update performs additional validation of
    PICT files.
    servermgrd Authentication Credentials Vulnerability - CVE-2007-0730 An issue
    in Server Manager's validation of authentication credentials could allow a
    remote attacker without valid credentials to alter the system configuration.
    This update addresses the issue by additional validation of authentication
    credentials.
    SMB File Server Vulnerability - CVE-2007-0731 A stack-based buffer overflow
    in the Apple-specific Samba module (SMB File Server) allows a user with
    write access to an SMB share to execute arbitrary code via a long ACLA file
    with an overly-long ACL. This could lead to a denial of service or arbitrary
    code execution. This update performs additional validation of ACLs. This
    issue does not affect systems prior to Mac OS X v10.4.
    Software Update Application Vulnerability - CVE-2007-0463 A format string
    vulnerability exists in the Software Update application.
    By enticing a user to download and open a maliciously-crafted Software
    Update Catalog file, an attacker can trigger the vulnerability which may
    lead to an unexpected application termination or arbitrary code execution.
    This update removes document bindings for Software Update Catalogs. This
    issue does not affect systems prior to Mac OS X v10.4.
    sudo Configuration Vulnerability - CVE-2005-2959 A user-modified sudo
    configuration could allow environment variables to be passed through to the
    program running as a privileged user. If sudo is configured to allow an
    otherwise unprivileged user to execute a given bash script with elevated
    privileges, the user may be able to execute arbitrary code with elevated
    privileges. Systems with the default sudo configuration are not vulnerable
    to this issue. This issue has been addressed by updating sudo to 1.6.8p12.
    Further information is available via the sudo web site at
    http://www.sudo.ws/sudo/current.html
    Blojsom WebLog Vulnerability - CVE-2006-4829 A cross-site scripting
    vulnerability exists in Blojsom. This allows remote attackers to inject
    JavaScript into blog content that will execute in the domain of the Blojsom
    server. This update performs additional validation of the user input. This
    issue does not affect systems prior to Mac OS X v10.4.
    Vulnerable Applications/Systems and Countermeasures:
    Vulnerable applications/systems with fixes available:
    Compliance is RECOMMENDED. Although this notice is a Technical Advisory,
    Systems Administrators should strongly consider implementing these updates.
    Apple Mac OS X 10.3.9
    Apple Mac OS X 10.4.0
    Apple Mac OS X 10.4.1
    Apple Mac OS X 10.4.2
    Apple Mac OS X 10.4.3
    Apple Mac OS X 10.4.4
    Apple Mac OS X 10.4.5
    Apple Mac OS X 10.4.6
    Apple Mac OS X 10.4.7
    Apple Mac OS X 10.4.8
    Apple Mac OS X Server 10.3.9
    Apple Mac OS X Server 10.4.0
    Apple Mac OS X Server 10.4.1
    Apple Mac OS X Server 10.4.2
    Apple Mac OS X Server 10.4.3
    Apple Mac OS X Server 10.4.4
    Apple Mac OS X Server 10.4.5
    Apple Mac OS X Server 10.4.6
    Apple Mac OS X Server 10.4.7
    Apple Mac OS X Server 10.4.8
    Temporary Mitigation Strategies
    None
    Vulnerable applications/systems with no patches available, vendor temporary
    recommended mitigations available:
    Permanent fixes are not available. Temporary mitigations have been provided
    to protect vulnerable systems until permanent patches are available.
    Administrators should consider using the temporary mitigations provided or
    develop local strategies to protect vulnerable systems from attack.
    None
    Vulnerable applications/systems with no patch or temporary recommended
    mitigations:
    There are no patches or temporary mitigations available. Administrators
    should consider developing strategies to protect vulnerable systems based on
    local mission requirements and operational impact. As patches or workarounds
    become available the status will be upgraded to "Fix available" or
    "Mitigation Available".
    None
    Unsupported Software:
    Mac OS X versions prior to 10.3.9

    Who's sending you these emails and why? It sounds like a Windows apologist with an inferiority complex trying to make OS X look bad. The facts are that there are no viruses or malware in the wild at this time actively compromising OS X users. Discovered flaws and vulnerabilities do not immediately translate into active malware on OS X like they do on Windows. Apple releases security updates on a regular basis. The recent OS X 10.4.9 update, for example, provided fixes for some 45 known security issues. OS X is by no means a perfect piece of code but you are infinitely safer on the internet using OS X than you are using any version of Windows, including the new Vista.
    As to who makes these notices there are security researchers and companies whose job it is to find and report security flaws in any operating system or application they choose to inspect. They provide a valuable service to companies like Apple and Microsoft in helping them close holes in their software.
    CVE stands for "Common Vulnerabilities and Exposures" and is a standardized way of cataloging security issues. CVE is supported by CERT (Computer Emergency Response Team) which in turn is supported by the Federal Government and the Department of Homeland Security.
    Here is the web site link...
    http://cve.mitre.org/about/
    The best response when you get one of these emails is to do nothing. Instead, keep your system current and up-to-date with all security updates and OS X updates released by Apple. And above all, don't worry.
    Dual 2.5GHz G5 Power Macintosh   Mac OS X (10.4.9)  

  • Apache vulnerabilities

    We've recently had some security consultants go through our environment and the report they've provided has advised that some high priority upgrades are required on our NetWare servers around the Apache versions.
    We are running NW65sp7, and the report advises upgrading Modjk to 1.2.27 or higher (due to Apache Tomcat Mod_JK.SO Arbitrary Code Execution Vulnerability), and also upgrading Apache from 2.2.3, citing a list of vulnerabilities (for example Apache APR and APR-util Multiple Integer Overflow Vulnerabilities and Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability) .
    So 2 queries, searching the Apache website around these vulnerabilities does not list NetWare as an affected NOS, so is is really something I need to worry about? (after helping them out on site I have my doubts as to how Novell savvy these people were)
    And secondly, assuming that it is something I need to worry about, will going to SP8 sort them out or should I upgrade Apache separately? (We are going to SP8 in the next couple of weeks anyway). I would have thought that if these were serious vulnerabilities the fix would have been bundled into an SP release or at least a Novell patch.
    Thanks
    Dean

    On 24/11/2009 03:26, ddnicholls wrote:
    > We've recently had some security consultants go through our environment
    > and the report they've provided has advised that some high priority
    > upgrades are required on our NetWare servers around the Apache
    > versions.
    I'm always wary of security scans of NetWare servers since things are
    often flagged based on version numbers rather than whether the
    vulnerability actually exists for that device in question. The devil is
    in the detail as they say.
    > We are running NW65sp7, and the report advises upgrading Modjk to
    > 1.2.27 or higher (due to 'Apache Tomcat Mod_JK.SO Arbitrary Code
    > Execution Vulnerability' (http://www.securityfocus.com/bid/22791)), and
    > also upgrading Apache from 2.2.3, citing a list of vulnerabilities (for
    > example 'Apache APR and APR-util Multiple Integer Overflow
    > Vulnerabilities' (http://www.securityfocus.com/bid/35949) and 'Apache
    > 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability'
    > (http://www.securityfocus.com/bid/35115)) .
    NetWare 6.5 SP7 includes Apache 2.0.59 and mod_jk 1.2.21.
    > So 2 queries, searching the Apache website around these vulnerabilities
    > does not list NetWare as an affected NOS, so is is really something I
    > need to worry about? (after helping them out on site I have my doubts as
    > to how Novell savvy these people were)
    That's difficult to find out - NetWare is a different beast to Linux
    (for example) and how Apache is implemented is different.
    > And secondly, assuming that it is something I need to worry about, will
    > going to SP8 sort them out or should I upgrade Apache separately? (We
    > are going to SP8 in the next couple of weeks anyway). I would have
    > thought that if these were serious vulnerabilities the fix would have
    > been bundled into an SP release or at least a Novell patch.
    NetWare 6.5 SP8 includes Apache 2.0.63 and mod_jk 1.2.23.
    If you are only doing web serving from the server in question then you
    could manually install the latest version of Apache 2.2.x (currently
    2.2.14).
    However if the server handles iPrint, NetStorage, etc. then the relevant
    Apache modules are only for Apache 2.0.x and there are no plans to
    provide Apache 2.2.x compatible modules.
    It may well be that whilst Apache and mod_jk are not the latest versions
    they may not be vulnerable as the necessary fixes may be included - you
    see this SUSE Linux.
    What you can do is stop your web server giving out detailed information
    which is what these security scans use and help hackers identify
    targets. Within the httpd.conf set 'ServerSignature Off' and
    'ServerTokens ProductOnly'. See
    http://httpd.apache.org/docs/2.0/mod/core.html
    HTH.
    Simon
    Novell Knowledge Partner (NKP)
    Do you work with Novell technologies at a university, college or school?
    If so, your campus could benefit from joining the Novell Technology
    Transfer Partners (TTP) group. See www.novell.com/ttp for more details.

  • Unable to Update CS5 Vulnerabilities

    We recently (re-)installed Adobe CS5 Design Premium.  Yesterday, Kaspersky Internet Security 2012 (KIS) indicated we have several (security) vulnerabilities:
    Adobe Flash Player 10.1 r52
    * c:\program files...\Adobe\Adobe Flash Catalyst CS5\player\win\FlashPlayer.exe
    * ...\Adobe\Adobe Flash CS5\Players\Debug\FlashPlayerDebugger.exe
    * ...\Adobe\Adobe Flash CS5\Players\Release\FlashPlayer.exe)
    * ...\Adobe\Adobe Flash CS5\Players\FlashPlayer.exe
    Illustrator CS5
    * ...\Adobe\Adobe Flash Catalyst CS5\plugins\com.adobe.flexide.nativelibs_1.0.0.273393\libs\AILib.dll
    * ...\Adobe\Adobbe Fireworks CS5\AILib.dll
    * ...\Adobe\Adobe\AdobePatchFiles\66FBC7A2-A6A6-8468-C4FB97C923CD}\2b0ccbeb393cb7f2ab90af58 ...
    * ...\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe
    * ...\Adobe\Adobe Flash CS5\AILib.dll
    Adobe InDesign CS5
    * ...\Adobe\Adobe\AdobePatchFiles\{719E1C04-9031-1014-8D2D-8FA57837B53E}\087f27f0c717811815 8a8eaed...
    * C:\Program Files ...\Common Files\Adobe\Shell\CS5\icons.dll
    Adobe Photoshop CS5
    * C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
    * ...\Adobe\Adobe Photoshop CS5\Photoshop.exe
    When we go to Adobe and attempt to update these files, we get an error message something like, "Please update to the latest version."
    How are we supposed to resolve this?  We cannot upgrade to CS6 at this time.
    Please advise ASAP.

    The attached jpg image shows the relevant section of yesterday's Kaspersky PURE detailed report.  You probably need to zoom in on it.  It appears much larger in Microsoft Paint.
    Kaspersky does not indicate where to find updates, only that the listed program's company has indicated vulnerabilities requiring patches or updates.
    If that site lists all updates for Adobe programs, I would have appreciated having that information when I first posted.

  • Oracle Security Vulnerabilities?

    Hi all,
    We're running many PHP 5.x applications in a distributed environment that use the OCI client to access Oracle 10g databases.
    Our server administration group is migrating to a new server and is refusing to install or support the OCI Instant client under Linux saying it's a security problem. Specifically, they say that the OCI Instant Client is exposed to buffer overflows and stack smashing. Their recommendation? Rewrite all our apps to use another database. Yeah, right.
    They provided me with two sources to explain the issues:
    http://www.dummies.com/WileyCDA/DummiesArticle/id-2900.html
    and
    Re: Problems with libclntsh.so.10.1 and PHP/Apache HTTPD
    Is this really a security problem? If so, what can be done to mitigate the risk?
    Thanks,
    John

    Hi all,
    I thought I’d jump in this thread with a few thoughts.
    Security flaws unfortunately affect software, both commercial and open source. I believe that what sets Oracle apart from many other vendors is the company’s commitment to security. Oracle Software Security Assurance (http://www.oracle.com/security/software-security-assurance.html) includes the most transparent vulnerability remediation policy in the industry. Furthermore, the Critical Patch Update (CPU) process (http://www.oracle.com/technology/deploy/security/alerts.htm) provides a predictable mechanism for the remediation of security vulnerabilities in Oracle software. By comparison, open source involves unpredictable releases of security fixes.
    Now, getting back to the discussion in this thread: as much as we try to prevent vulnerabilities during development, as is the case with all large software products, some make their way into released code. As vulnerabilities are discovered, Oracle fixes them in order of severity and release fixes for them through the Critical Patch Update.
    An attacker could attempt to exploit the unpatched vulnerabilities through OCI or other protocols providing access to the database (This is not specific to OCI). Oracle’s recommendation is therefore to remain current on the Critical Patch Update (the last one was issued on July 17, 2007). Keep in mind that the CPU is cumulative for the database, and applying the most recent CPU will bring you at current security patch level, and this will significantly contribute to improving your organization’s security posture.
    Do not hesitate to contact me if you have questions at [email protected]
    Sincerely
    Eric Maurice
    Manager – Oracle Software Security Assurance

  • Multiple Vulnerabilities in Research in Motion Blackberry - Desktop

     ALCON,
    I am receiving the following Retina Vulnerability, but I don't have any blackberry software installed on any of these systems. These systems have never touched a blackberry, they are all Windows Server 2003 SP2. Anyone else have this false positive appear and know how to resolve it. My report looks like garbage with this nonsense.
    any help is greatly appreciated.
    Description: Multiple vulnerabilities exists within the Blackberry Enterprise Server Router, Blackberry Handheld Browser, and the Blackberry Enterprise Server Attachment Service. These vulnerabilities may allow for an attacker to send specially crafted attachments or files in order to cause a denial of service, cause a heap overflow, or to execute arbitrary code. Please check to make sure your Blackberry Handheld is not vulnerable
    How To Fix: Upgrade to the latest version of the Blackberry product and apply the vendor supplied hotfix. In the case that the issue has no software fix yet, apply the vendor provided workaround.
    Related Links: 392920 (http://www.kb.cert.org/vuls/id/392920) 570768 (http://www.kb.cert.org/vuls/id/570768) 646976 (http://www.kb.cert.org/vuls/id/646976) 829400 (http://www.kb.cert.org/vuls/id/829400) Blackberry - KB-04755 (http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/7925/8142/?nodeid=11677...) Blackberry - KB-04756 (http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?n...) Blackberry - KB-04757 (http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?n...) Blackberry - KB-04758 (http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?n...)
    CVE: CVE-2005-2341 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2341) - Heap-based buffer overflow in Research in Motion (RIM) BlackBerry Attachment Service allows remote attackers to cause a denial of service. CVE-2005-2342 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2342) - Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service. CVE-2005-2343 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2343) - Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service. CVE-2005-2344 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2344) - The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service. CCE:
    IAV: 2006-T-0001 (https://www.jtfgno.mil/bulletins/dodcert2006/2006-t-0001.htm) - Multiple Vulnerabilities in Research In Motion (RIM) Blackberry - NAVCIRT: 2006-T-0001
    BugtraqID: 16098 (http://www.securityfocus.com/bid/16098) - Research In Motion Blackberry Enterprise Server is prone to denial of service attacks. 16099 (http://www.securityfocus.com/bid/16099) - Blackberry Handheld devices are prone to a denial of service attack. 16100 (http://www.securityfocus.com/bid/16100) - The Blackberry Enterprise Server Router component is prone to a denial of service vulnerability.

    Who's sending you these emails and why? It sounds like a Windows apologist with an inferiority complex trying to make OS X look bad. The facts are that there are no viruses or malware in the wild at this time actively compromising OS X users. Discovered flaws and vulnerabilities do not immediately translate into active malware on OS X like they do on Windows. Apple releases security updates on a regular basis. The recent OS X 10.4.9 update, for example, provided fixes for some 45 known security issues. OS X is by no means a perfect piece of code but you are infinitely safer on the internet using OS X than you are using any version of Windows, including the new Vista.
    As to who makes these notices there are security researchers and companies whose job it is to find and report security flaws in any operating system or application they choose to inspect. They provide a valuable service to companies like Apple and Microsoft in helping them close holes in their software.
    CVE stands for "Common Vulnerabilities and Exposures" and is a standardized way of cataloging security issues. CVE is supported by CERT (Computer Emergency Response Team) which in turn is supported by the Federal Government and the Department of Homeland Security.
    Here is the web site link...
    http://cve.mitre.org/about/
    The best response when you get one of these emails is to do nothing. Instead, keep your system current and up-to-date with all security updates and OS X updates released by Apple. And above all, don't worry.
    Dual 2.5GHz G5 Power Macintosh   Mac OS X (10.4.9)  

  • Vulnerabilities noted in Security Audit

    Hi all,
    I am running the following
    ASA 5510
    Cisco Adaptive Security Appliance Software Version 8.4(5)
    Device Manager Version 7.1(3)
    We were recently audited by an outside firm and was givena couple vulnerabilities they saw which were:
    1. Web Page with Auto-Complete Enabled - VPN
    2. Cross Site Frame Scripting (XFS) Attack Possible -VPN
    Would like to find out if I can disable Item 1 ( haven't been able to find so far)  and what software do I need if any for Item 2.
    Any and all help is greatly appreciated.
    I am fairly new to ASA's and have inherited the environment.
    Thanks in advance.
    Chuck

    Hi Linda,
    Did you see the event 560?
    Can you tell us the detailed information about this event? If the event is like the following figure shows, that means the user Administrator deleted the file setuperr.log.
    Regards,
    Lany Zhang

  • Cisco ASA IOS vulnerabilities

    Hi All ,
    Is there any document or a tool to know the vulnerabilities in the
    a specific asa version with a specific release?or any site can help
    to search on it with a specific version.my version is 8.2(2)17

    jkickli wrote:Ahmed, curious if you ever figured this out? I clicked on the links above but as you stated earlier, these only list the most recent advisories and do not specifically tell you all of the vulnerabilities are by version. Obviously they have this available for IOS versions but can't seem to find it for ASA/Pix. Did you ever find it?
    Cisco Security Advisories and Responses or
    Security Intelligence Operations

  • Security vulnerabilities in apache that comes with oracle database.

    Hi,
    We are having a QA database in Oracle enterprise version 9.2.0.4 on OS : OSF1.
    Recently our security team ran a test and found that the apache1.3 that comes as component of Oracle database is prone to security vulnerabilities. Also they suggested to remove the apache or upgrade to latest as remedy.
    When contacted to Oracle support, Oracle team replied apache upgrade should not be done instead latest apache seprately can be installed as reverse proxy. But when asked for steps/document there is no reply. Anyone faced this problem can provide any help/suggestion in this regard.
    I am attaching some of the threads identified by our Security Team for reference.
    1. Apache 1.3 HTTP Server Expect Header Cross-Site Scripting XXXX and YYYYYY ports 7782, 4889, 3339.
    2. Apache HTTP Server 413 Error HTTP Request Method Cross-Site Scripting Weakness
    3. Keep-Alive: timeout=15, max=100
    Connection: Keep-Alive
    Transfer-Encoding: chunked
    Content-Type: text/html; charset=iso-8859-1
    <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
    <HTML><HEAD>
    <TITLE>417 Expectation Failed</TITLE>
    </HEAD><BODY>
    <H1>Expectation Failed</H1>
    The expectation given in the Expect request-header
    field could not be met by this server.<P>
    The client sent<PRE>
    Expect: <script>alert(document.domain)</script>
    </PRE>
    but we only allow the 100-continue expectation.
    -CR

    I dont know how to find which components are using the apache. Help me if there is any way to find it. Only information i can say you is there is no other software installed that in that server other than oracle Database.

Maybe you are looking for