Re: Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities
Date: 12 Aug 2014

A software update for the Text Chat Room Audio/Video Chat Room (v8.2.0) is now available to download in the Pro Chat Rooms customer area that addresses this security issue. We would like to express our thanks to Mike Manzotti @ Dionach Ltd who assisted us with this update.
NEW VMSA-2014-0008 VMware vSphere product updates to third party libraries
VMware Security Advisory

Advisory ID:  VMSA-2014-0008
Synopsis:     VMware vSphere product updates to third party libraries
Issue date:   2014-09-09
Updated on:   2014-09-09 (Initial Advisory)
CVE numbers:
  Struts:     CVE-2014-0114
  tc-server:  CVE-2013-4590, CVE-2013-4322, and CVE-2014-0050
  glibc:      CVE-2013-0242 and CVE-2013-1914
  JRE:        See references

1. Summary

VMware has updated vSphere third party libraries.

2. Relevant releases

VMware vCenter Server 5.5 prior to Update 2
VMware vCenter Update Manager 5.5 prior to Update 2
VMware ESXi 5.5 without patch ESXi550-201409101-SG

3. Problem Description

a. vCenter Server Apache Struts Update

The Apache Struts library is updated to address a security issue. This issue may lead to remote code execution after authentication.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2014-0114 to this issue.

Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

VMware Product     Product Version   Running on   Replace with / Apply Patch
vCenter Server     5.5               any          5.5 Update 2
vCenter Server     5.1               any          Patch Pending
vCenter Server     5.0               any          Patch Pending

b. vCenter Server tc-server 2.9.5 / Apache Tomcat 7.0.52 updates

tc-server has been updated to version 2.9.5 to address multiple security issues. This version of tc-server includes Apache Tomcat 7.0.52.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2013-4590, CVE-2013-4322, and CVE-2014-0050 to these issues.

Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

VMware Product     Product Version   Running on   Replace with / Apply Patch
vCenter Server     5.5               any          5.5 Update 2
vCenter Server     5.1               any          Patch Pending
vCenter Server     5.0               any          Patch Pending

c. Update to ESXi glibc package

glibc is updated to address multiple security issues.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2013-0242 and CVE-2013-1914 to these issues.

Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

VMware Product     Product Version   Running on   Replace with / Apply Patch
ESXi               5.5               any          ESXi550-201409101-SG
ESXi               5.1               any          Patch Pending
ESXi               5.0               any          Patch Pending

d. vCenter and Update Manager, Oracle JRE 1.7 Update 55

Oracle has documented the CVE identifiers that are addressed in JRE 1.7.0 update 55 in the Oracle Java SE Critical Patch Update Advisory of April 2014. The References section provides a link to this advisory.

Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

VMware Product           Product Version   Running on   Replace with / Apply Patch
vCenter Server           5.5               any          5.5 Update 2
vCenter Server           5.1               any          not applicable *
vCenter Server           5.0               any          not applicable *
vCenter Update Manager   5.5               any          5.5 Update 2
vCenter Update Manager   5.1               any          not applicable *
vCenter Update Manager   5.0               any          not applicable *

* this product uses the Oracle JRE 1.6.0 family *

4. Solution

Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.

vCenter Server and Update Manager 5.5u2
Downloads and Documentation: https://www.vmware.com/go/download-vsphere

ESXi 5.5
Download: https://www.vmware.com/patchmgr/findPatch.portal

5. References
[security bulletin] HPSBMU03075 rev.1 - HP Network Node Manager I (NNMi) for Windows and Linux, Remote Execution of Arbitrary Code
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04378450

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04378450
Version: 1

HPSBMU03075 rev.1 - HP Network Node Manager I (NNMi) for Windows and Linux, Remote Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2014-09-09
Last Updated: 2014-09-09

Potential Security Impact: Remote execution of arbitrary code

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP Network Node Manager I (NNMi) on Windows and Linux. This vulnerability could be exploited remotely to allow arbitrary code execution.

References: CVE-2014-2624 (ZDI-CAN-2264, SSRT101519)

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Network Node Manager I (NNMi) v9.0X, v9.1X and v9.2X for Windows and Linux.

BACKGROUND

CVSS 2.0 Base Metrics
Reference        Base Vector                     Base Score
CVE-2014-2624    (AV:N/AC:L/Au:N/C:C/I:C/A:C)    10.0

Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

The Hewlett-Packard Company thanks d(-_-)b for working with TippingPoint's Zero Day Initiative for reporting this vulnerability to security-al...@hp.com.

RESOLUTION
HP has made the following Knowledge document information available to resolve the vulnerability with HP NNMi.
http://support.openview.hp.com/selfsolve/document/KM01138724
Customers can also contact HP Support to request a copy of this document.

HISTORY
Version:1 (rev.1) - 9 September 2014 Initial release

Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-al...@hp.com.

Report: To report a potential security vulnerability with any HP supported product, send Email to: security-al...@hp.com

Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/

Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX

Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided as is without warranty of any kind. To the extent permitted by law, neither HP nor its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
[slackware-security] seamonkey (SSA:2014-252-01)
New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/seamonkey-2.29-i486-1_slack14.1.txz: Upgraded.
  This update contains security fixes and improvements.
  (* Security fix *)
patches/packages/seamonkey-solibs-2.29-i486-1_slack14.1.txz: Upgraded.
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

Updated packages for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/seamonkey-2.29-i486-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/seamonkey-solibs-2.29-i486-1_slack14.0.txz

Updated packages for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/seamonkey-2.29-x86_64-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/seamonkey-solibs-2.29-x86_64-1_slack14.0.txz

Updated packages for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/seamonkey-2.29-i486-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/seamonkey-solibs-2.29-i486-1_slack14.1.txz

Updated packages for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/seamonkey-2.29-x86_64-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/seamonkey-solibs-2.29-x86_64-1_slack14.1.txz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/seamonkey-solibs-2.29-i486-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/seamonkey-2.29-i486-1.txz

Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/seamonkey-solibs-2.29-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/seamonkey-2.29-x86_64-1.txz

MD5 signatures:
+-------------+

Installation instructions:
+-------------------------+

Upgrade the packages as root:
# upgradepkg seamonkey-2.29-i486-1_slack14.1.txz seamonkey-solibs-2.29-i486-1_slack14.1.txz

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
secur...@slackware.com
[SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat
CVE-2013-4444 Remote Code Execution

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
- Apache Tomcat 7.0.0 to 7.0.39

Description:
In very limited circumstances, it was possible for an attacker to upload a malicious JSP to a Tomcat server and then trigger the execution of that JSP. While Remote Code Execution would normally be viewed as a critical vulnerability, the circumstances under which this is possible are, in the view of the Tomcat security team, sufficiently limited that this vulnerability is viewed as important.

For this attack to succeed all of the following requirements must be met:

a) Using Oracle Java 1.7.0 update 25 or earlier (or any other Java implementation where java.io.File is vulnerable to null byte injection).
b) A web application must be deployed to a vulnerable version of Tomcat (see previous section).
c) The web application must use the Servlet 3.0 File Upload feature.
d) A file location within a deployed web application must be writeable by the user the Tomcat process is running as. The Tomcat security documentation recommends against this.
e) A custom listener for JMX connections (e.g. the JmxRemoteListener that is not enabled by default) must be configured and be able to load classes from Tomcat's common class loader (i.e. the custom JMX listener must be placed in Tomcat's lib directory).
f) The custom JMX listener must be bound to an address other than localhost for a remote attack (it is bound to localhost by default). If the custom JMX listener is bound to localhost, a local attack will still be possible.

Note that requirements b) and c) may be replaced with the following requirement:

g) A web application is deployed that uses Apache Commons File Upload 1.2.1 or earlier. In this case a similar vulnerability may exist on any Servlet container, not just Apache Tomcat.

Mitigation:
This vulnerability may be mitigated by using any one of the following mitigations:
- Upgrade to Oracle Java 1.7.0 update 40 or later (or any other Java implementation where java.io.File is not vulnerable to null byte injection).
- Use OS file permissions to prevent the process Tomcat is running as from writing to any location within a deployed application.
- Disable any custom JMX listeners.
- Upgrade to Apache Tomcat 7.0.40 or later.

Credit:
This issue was identified by Pierre Ernst of the VMware Security Engineering, Communications Response group (vSECR) and reported to the Tomcat security team via the Pivotal security team.

References:
[1] http://tomcat.apache.org/security-7.html
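Requirements a), c) and d) above all hinge on what a web application does with the file name a client supplies through the Servlet 3.0 upload API. The following is an added example (not code from the advisory or from the Tomcat project) of the application-side checks that remove those preconditions: it parses the name from the Part's Content-Disposition header, rejects null bytes and other characters that a null-byte-vulnerable java.io.File would mishandle, and writes only under a directory outside the deployed webapp. The upload root path and the class name are assumptions.

```java
import java.io.File;
import java.io.IOException;
import javax.servlet.http.Part;

// Added example, not from the advisory: upload-name checks for a Servlet 3.0 webapp.
public final class UploadNameCheck {
    // Upload root kept OUTSIDE the deployed webapp (hypothetical path), so that
    // requirement d) (a writable location inside the webapp) is never met.
    static final File UPLOAD_ROOT = new File("/var/lib/myapp/uploads");

    // Servlet 3.0 has no Part.getSubmittedFileName(), so the name is parsed from
    // the Content-Disposition header. Returns null when no filename was sent.
    static String submittedName(Part part) {
        String cd = part.getHeader("content-disposition");
        if (cd == null) return null;
        for (String token : cd.split(";")) {
            String t = token.trim();
            if (!t.startsWith("filename=")) continue;
            String v = t.substring("filename=".length()).trim();
            if (v.length() >= 2 && v.startsWith("\"") && v.endsWith("\"")) {
                v = v.substring(1, v.length() - 1);
            }
            // Browsers may send a full client path; keep only the last component.
            return v.substring(Math.max(v.lastIndexOf('/'), v.lastIndexOf('\\')) + 1);
        }
        return null;
    }

    // Rejects NUL (a pre-7u40 java.io.File truncates at it, so "x.jsp\0.txt" opens "x.jsp"),
    // other control characters, path separators, drive colons and the dot-only names.
    static boolean isSafeName(String name) {
        if (name == null || name.isEmpty() || name.length() > 255) return false;
        if (name.equals(".") || name.equals("..")) return false;
        for (int i = 0; i < name.length(); i++) {
            char c = name.charAt(i);
            if (c < 0x20 || c == 0x7f || c == '/' || c == '\\' || c == ':') return false;
        }
        return true;
    }

    // Resolves the target under UPLOAD_ROOT and verifies the canonical path stayed there.
    static File targetFor(String name) throws IOException {
        if (!isSafeName(name)) throw new IOException("rejected upload name");
        File target = new File(UPLOAD_ROOT, name).getCanonicalFile();
        if (!UPLOAD_ROOT.getCanonicalFile().equals(target.getParentFile())) {
            throw new IOException("upload escaped " + UPLOAD_ROOT);
        }
        return target;
    }
}
```

A servlet would call targetFor(submittedName(part)) and then part.write(target.getPath()); the checks are a defence-in-depth complement to the listed mitigations, not a substitute for upgrading Java and Tomcat.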
[SECURITY] [DSA 3020-1] acpi-support security update
Debian Security Advisory DSA-3020-1                   secur...@debian.org
http://www.debian.org/security/                       Raphael Geissert
September 10, 2014                                    http://www.debian.org/security/faq

Package        : acpi-support
CVE ID         : CVE-2014-0484

During a review for EDF, Raphael Geissert discovered that the acpi-support package did not properly handle data obtained from a user's environment. This could lead to program malfunction or allow a local user to escalate privileges to the root user due to a programming error.

For the stable distribution (wheezy), this problem has been fixed in version 0.140-5+deb7u3.

For the testing distribution (jessie), and the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your acpi-support packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-annou...@lists.debian.org