Some vulnerabilities have been reported in IBM DB2. While one of the vulnerabilities is unspecified, the other is the result of an unspecified error during a CONNECT/ATTACH process that can cause a denial of service. Administrators of DB2 systems should apply Fixpak 4a.
Kerio MailServer 6.x (prior to 6.5) contains multiple vulnerabilities. These vulnerabilities could cause a buffer overflow, leading to system compromise, or a denial of service. Kerio has made a newer version available at http://www.kerio.com/kms_download.html
Mozilla Vulnerabilities
Mozilla Firefox, Thunderbird, and SeaMonkey contain multiple vulnerabilities. These vulnerabilities could allow attackers to execute code remotely, cause a DoS, access sensitive information, and in general control your browsing. The vulnerabilities are in version 2.0.0.11 and prior. Thunderbird 2.0.0.9 and SeaMonkey 1.1.7 are vulnerable to many of the same issues. Mozilla has made upgrades available.
IBM Domino Web Exploit
An exploit has been released to the public for a recent Domino Web Access vulnerability. If you haven’t updated Domino yet, it’d be a good time to do it. The original notification for this vulnerability was released in December. It can be found at http://www-1.ibm.com/support/docview.wss?uid=swg21279071
Microsoft Windows Updates
Microsoft has released its updates for the February patch cycle. There are quite a few updates that should be tested and applied ASAP. One of these is MS08-010, an IE security update, for which there is already an exploit circulating in the wild. There are also several other critical updates that need to be applied.
A reminder, as another popular holiday is coming up. Watch for “Valentines Cards” in your emails, especially if you don’t know who they’re from. Even if you do know who they’re from, use caution, and don’t run any untrusted executables or visit untrusted sites.
ClamAV Vulnerabilities
Versions of ClamAV earlier than 0.92.1 contain vulnerabilities that can allow attackers to cause denial of service conditions or potentially compromise an affected system. We advise that you update any installations of this software.
OS X Update
Apple has released an update to OS X 10.5. The update addresses a broad spectrum of issues which could allow compromises ranging from denial of service to illicit remote access to the execution of arbitrary code. Some of the specifically identified vulnerabilities include problems with URL handling in Mail and the Safari browser, a buffer overflow in Samba, and unspecified problems in NFS. For full details please see Apple’s original advisory at: http://docs.info.apple.com/article.html?artnum=307430
Linux Local Kernel Exploit
Two proof of concept kernel exploits have been released into the wild that exploit a newly discovered vulnerability. Kernel versions 2.6.17 to 2.6.24.1 are affected. The vulnerability is found within the vmsplice function call. This exploit effectively gives local root access on a wide range of Linux distributions.
Kernel version 2.6.24.2 fixes the issue. It’s recommended to disable all shell access until your kernel is updated, either by building from sources, or waiting for your Linux distribution to release an update.
Apache Tomcat; Firefox, Thunderbird Info Leak
Some vulnerabilities in Apache Tomcat have been discovered. These vulnerabilities could allow for the manipulation of an SSL session or the disclosure of session IDs. Administrators running Tomcat should update to version 5.5.26 or 6.0.16.
Multiple vulnerabilities in Firefox, Thunderbird, and SeaMonkey have been reported. These vulnerabilities could result in memory corruption, information exposure, directory traversal, and potentially other issues. A proof of concept exists for Firefox 2.0.0.12. Users should update their Mozilla software to the latest version, and keep an eye out for any additional updates to this issue.
Adobe Reader, Acrobat Vulnerabilities
Vulnerabilities have been reported within Adobe Reader and Acrobat. Some of the vulnerabilities could allow an attacker to compromise the user’s system. Other vulnerabilities have an unknown risk. Adobe is currently working on an update. It is recommended that all users of Adobe Reader upgrade to version 8.1.2.
Symantec Backup Exec Vulnerability
Backup Exec System Recovery Manager versions 7.0 and 7.0.1 have been found to be vulnerable to a flaw that allows attackers to upload files without authentication. This can lead to the execution of arbitrary code. The attack vector is a specially crafted HTTP POST. Symantec has released an advisory and update at: http://www.symantec.com/avcenter/security/Content/2008.02.04.html