Web search

Custom Search

Tuesday, 10 November 2009

VMware Security Advisory: VMSA-2009-0015

VMware released security advisory VMSA-2009-0015 today, announcing patches that resolve two security issues with some versions of VMware Workstation, Player, ACE, Server, Fusion, ESXi and ESX products. For details, see:

http://lists.vmware.com/pipermail/security-announce/2009/000069.html


More information:

http://www.hkcert.org/english/salert/2009/home.html?s091020_vmware_dhcpjre_codeexec_vulns.html
http://www.hkcert.org/english/salert/2009/home.html?s091020_vmware_esx_codeexec_vulns.html

http://secunia.com/advisories/37055
http://secunia.com/advisories/37081

Posted by Lofan at 17:43 0 comments
Labels: ,

Apple Security Update 2009-006 for Mac OS X v10.6.2

Apple has released Security Update 2009-006 / Mac OS X v10.6.2. Due to multiple errors, an attacker could execute arbitrary code, cause an unexpected system termination, bypass security restrictions, obtain elevated privileges, cause an unexpected application termination, cause a Denial of Service, disclose sensitive information and conduct cross-site scripting, man-in-the-middle or HTTP response splitting attacks upon successful exploitation.

The entire list of updates is available here. These updates may be obtained from Apple's Software Download web site here.
Posted by Lofan at 16:54 0 comments
Labels: ,

VLC media player 1.0.x

When parsing a MP4, ASF or AVI file with an overly deep box structure, a stack overflow might occur. It would overwrite the return address and thus redirect the execution flow.It was affected from version 1.0.1 to 0.5.

So, upgrade to VLC media player 1.0.3 (it also support for Windows 7)

more information:
http://www.videolan.org/security/sa0901.html
Posted by Lofan at 16:29 0 comments
Labels:

IBM AIX PowerHA Cluster Management unauthorized access

IBM AIX could allow a remote attacker to gain unauthorized access, caused by an unspecified error in the PowerHA Cluster Management component related to the godm service. By sending a specially-crafted request to TCP port 6177, a remote attacker could exploit this vulnerability to make arbitrary changes to the AIX configuration.

More information:
  • IBM SECURITY ADVISORY: PowerHA Cluster Management port vulnerability.
  • BID-36931: IBM PowerHA Cluster Management Unauthorized Access Vulnerability
  • CVE-2009-3900: Unspecified vulnerability in the Cluster Management component in IBM PowerHA 5.4, 5.4.1, 5.5, and 6.1 on AIX allows remote attackers to modify the operating-system configuration via packets to the godm port (6177/tcp).
  • SA37267: IBM AIX PowerHA Cluster Management Data Manipulation
  • VUPEN/ADV-2009-3153: IBM AIX PowerHA Cluster Management Config Manipulation Vulnerability
Posted by Lofan at 14:53 0 comments
Labels: , ,

Firefox 3.5.5

Everything changed so rapid.
Firefox cames to 3.5.5
Posted by Lofan at 14:47 0 comments
Labels: ,

iphone worm


First iPhone worm discovered - ikee changes wallpaper to Rick Astley photo

Posted by Lofan at 14:19 0 comments
Labels: ,

Friday, 6 November 2009

Vulnerabilities in Adobe Shockwave Player

Multiple vulnerabilities have been identified in Adobe Shockwave Player, which could be exploited by remote attackers to compromise a vulnerable system.

  1. An invalid index when handling certain Shockwave content, which could be exploited to execute arbitrary code via a specially crafted web page.
  2. An invalid pointer when processing certain Shockwave content, which could be exploited to execute arbitrary code by tricking a user into visiting a specially crafted web page.
  3. An invalid pointer when handling certain Shockwave content, which could be exploited to execute arbitrary code by tricking a user into visiting a specially crafted web page.
  4. A memory corruption related to string processing, which could be exploited to execute arbitrary code by tricking a user into visiting a specially crafted web page.


Impact

  • Remote Code Execution
  • Denial of Service

Vulnerable System

  • Shockwave Player 11.5.1.601 and earlier versions

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Related Link

Source

Vulnerability Identifier

Posted by Lofan at 17:01 0 comments
Labels: ,

Blackberry Desktop Manager 5.0.1

There is a vulnerability for Blackberry Desktop Manager version 5.0 and earlier (on all platforms) allowed remote exploits

Solution:
Update to version 5.0.1

More information:

CVE-2009-0306

KB19701

Posted by Lofan at 09:06 0 comments
Labels: ,

Thursday, 29 October 2009

Firefox 3.5.4

every month got a minor release firefox 3.5.4
Posted by Lofan at 17:35 0 comments
Labels:

PhoneSnoop turns BlackBerry into remote bugging device


A free software program released Thursday turns everyday BlackBerry smartphones into remote bugging devices.



Dubbed PhoneSnoop by creator Sheran Gunasekera, the software sits quietly on a targeted BlackBerry and monitors the phone number of each incoming call. When it detects a number set up in the program's preferences section, it silently turns on the speakerphone, allowing an attacker to monitor all conversations within earshot of the device.

The software was developed by Legal Interception company SS8[2] and was rolled out to subscribers of the UAE Telecommunications operator, Etisalat as an update. Subscribers who had installed the software noticed increased power consumption on their handhelds and battery drainage that rendered handhelds usable for shorter periods of time than normal

Although programs such as FlexiSPY have long claimed to do much the same thing, Gunasekera said he believes PhoneSnoop is the first software to bring those capabilities to the BlackBerry free of charge.

More info:
http://chirashi.zensay.com/2009/10/remote-listening-for-the-blackberry/
Posted by Lofan at 09:20 0 comments
Labels:

Wednesday, 14 October 2009

MS October 2009 security issues

Parties of hotfix is the October 2009.

This month, MS published:

http://www.microsoft.com/technet/security/Bulletin/MS09-oct.mspx


Summary:

Microsoft has released 13 security bulletins listed below fixing a
number of vulnerabilities which affect various versions of Microsoft
products or components:

MS09-050 Vulnerabilities in SMBv2 Could Allow Remote Code Execution
MS09-051 Vulnerabilities in Windows Media Runtime Could Allow Remote Code
Execution
MS09-052 Vulnerability in Windows Media Player Could Allow Remote Code
Execution
MS09-053 Vulnerabilities in FTP Service for Internet Information Services
Could Allow Remote Code Execution
MS09-054 Cumulative Security Update for Internet Explorer
MS09-055 Cumulative Security Update of ActiveX Kill Bits
MS09-056 Vulnerabilities in Windows CryptoAPI Could Allow Spoofing
MS09-057 Vulnerability in Indexing Service Could Allow Remote Code
Execution
MS09-058 Vulnerabilities in Windows Kernel Could Allow Elevation of
Privilege
MS09-059 Vulnerability in Local Security Authority Subsystem Service Could
Allow Denial of Service
MS09-060 Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX
Controls for Microsoft Office Could Allow Remote Code Execution
MS09-061 Vulnerabilities in the Microsoft .NET Common Language Runtime
Could Allow Remote Code Execution
MS09-062 Vulnerabilities in GDI+ Could Allow Remote Code Execution

To successfully exploit the vulnerabilities, a remote attacker could entice
a targeted user to open specially crafted media files, streaming content,
image files, web pages, .NET application or to load a specially crafted
ActiveX component. The attacker could also send specially crafted SMB
packet to an affected system or present a specially crafted certificate.

Microsoft October 2009 Black Tuesday Overview

More information about the vulnerabilities is available at:

More information about the vulnerabilities is available at:
http://www.microsoft.com/technet/security/Bulletin/MS09-050.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-051.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-052.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-053.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-054.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-055.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-056.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-057.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-058.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-059.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-060.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-061.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-062.mspx
http://www.us-cert.gov/cas/techalerts/TA09-286A.html
http://secunia.com/advisories/36938/http://secunia.com/advisories/36944/
http://secunia.com/advisories/36979/http://secunia.com/advisories/36997/
http://secunia.com/advisories/36999/http://secunia.com/advisories/37000/
http://secunia.com/advisories/37001/http://secunia.com/advisories/37002/
http://secunia.com/advisories/37005/http://secunia.com/advisories/37006/
http://secunia.com/advisories/37007/http://secunia.com/advisories/37008/
http://www.vupen.com/english/advisories/2009/2886
http://www.vupen.com/english/advisories/2009/2887
http://www.vupen.com/english/advisories/2009/2888
http://www.vupen.com/english/advisories/2009/2889
http://www.vupen.com/english/advisories/2009/2890
http://www.vupen.com/english/advisories/2009/2891
http://www.vupen.com/english/advisories/2009/2892

http://www.vupen.com/english/advisories/2009/2893
http://www.vupen.com/english/advisories/2009/2894
http://www.vupen.com/english/advisories/2009/2895
http://www.vupen.com/english/advisories/2009/2896
http://www.vupen.com/english/advisories/2009/2897
http://xforce.iss.net/xforce/xfdb/48293http://xforce.iss.net/xforce/xfdb/48294http://xforce.iss.net/xforce/xfdb/52780http://xforce.iss.net/xforce/xfdb/53511http://xforce.iss.net/xforce/xfdb/53514http://xforce.iss.net/xforce/xfdb/53525http://xforce.iss.net/xforce/xfdb/53526http://xforce.iss.net/xforce/xfdb/53527http://xforce.iss.net/xforce/xfdb/53528http://xforce.iss.net/xforce/xfdb/53529http://xforce.iss.net/xforce/xfdb/53530http://xforce.iss.net/xforce/xfdb/53532http://xforce.iss.net/xforce/xfdb/53535http://xforce.iss.net/xforce/xfdb/53538http://xforce.iss.net/xforce/xfdb/53539http://xforce.iss.net/xforce/xfdb/53540http://xforce.iss.net/xforce/xfdb/53542http://xforce.iss.net/xforce/xfdb/53545http://xforce.iss.net/xforce/xfdb/53546http://xforce.iss.net/xforce/xfdb/53547http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=828http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=829


http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0090
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0091
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0555
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0901
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1547http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2493http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2495http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2497http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2500http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2501http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2502http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2503http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2504http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2507http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2510http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2511http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2515http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2516http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2517http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2518http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2521
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2524
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2525
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2526
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2527
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2528
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2529
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2530
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2531
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2532
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3023
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3103
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3126
Posted by Lofan at 17:34 0 comments
Labels:

Adobe Reader and Acrobat - Black Tuesday continues

After updated to 9.1.3 yesterday, the story continues.

http://www.adobe.com/support/security/bulletins/apsb09-15.html
Posted by Lofan at 17:33 0 comments
Labels:

Tuesday, 13 October 2009

Adobe 9.1.3

Successful exploitation could allow a remote attacker to execute arbitrary
code on an affected system.

http://www.adobe.com/support/security/bulletins/apsb09-15.html
http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.html
http://xforce.iss.net/xforce/xfdb/53691
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3459
Posted by Lofan at 12:21 0 comments
Labels:

Tuesday, 22 September 2009

MS September 2009 security issues

http://www.microsoft.com/technet/security/Bulletin/MS09-045.mspx
http://www.microsoft.com/technet/security/bulletin/MS09-046.mspx
http://www.microsoft.com/technet/security/bulletin/MS09-047.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-048.mspx
http://www.microsoft.com/technet/security/bulletin/MS09-049.mspx
http://www.microsoft.com/technet/security/advisory/975497.mspx

http://www.us-cert.gov/cas/techalerts/TA09-251A.html


http://xforce.iss.net/xforce/xfdb/51468
http://xforce.iss.net/xforce/xfdb/52102
http://xforce.iss.net/xforce/xfdb/52126
http://xforce.iss.net/xforce/xfdb/52127
http://xforce.iss.net/xforce/xfdb/52770
Posted by Lofan at 13:51 0 comments
Labels:

MS August 2009 security issues

http://www.microsoft.com/technet/security/Bulletin/MS09-036.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-037.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-038.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-039.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-040.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-041.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-042.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-043.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-044.mspx
http://www.us-cert.gov/cas/techalerts/TA09-223A.html
http://secunia.com/advisories/36127/
http://secunia.com/advisories/36187/
http://secunia.com/advisories/36206/
http://secunia.com/advisories/36213/
http://secunia.com/advisories/36214/
http://secunia.com/advisories/36220/
http://secunia.com/advisories/36222/
http://secunia.com/advisories/36229/
http://www.vupen.com/english/advisories/2009/2231
http://www.vupen.com/english/advisories/2009/2232
http://www.vupen.com/english/advisories/2009/2233
http://www.vupen.com/english/advisories/2009/2234
http://www.vupen.com/english/advisories/2009/2235
http://www.vupen.com/english/advisories/2009/2236
http://www.vupen.com/english/advisories/2009/2237
http://www.vupen.com/english/advisories/2009/2238
http://xforce.iss.net/xforce/xfdb/51451
http://xforce.iss.net/xforce/xfdb/51454
http://xforce.iss.net/xforce/xfdb/52087
http://xforce.iss.net/xforce/xfdb/52092
http://xforce.iss.net/xforce/xfdb/52095
http://xforce.iss.net/xforce/xfdb/52096
http://xforce.iss.net/xforce/xfdb/52105
http://xforce.iss.net/xforce/xfdb/52106
http://xforce.iss.net/xforce/xfdb/52109
http://xforce.iss.net/xforce/xfdb/52110
http://xforce.iss.net/xforce/xfdb/52113
http://xforce.iss.net/xforce/xfdb/52115
http://xforce.iss.net/xforce/xfdb/52116
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0015
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0020
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0562
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0901
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1133
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1136
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1534
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1536
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1544
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1545
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1546
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1922
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1923
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1924
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1929
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1930
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2493
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2494
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2496
Posted by Lofan at 13:50 0 comments
Labels:

Monday, 21 September 2009

Bing visual search

Bing recently provided visual search for new experience on searching.

It required the Silverlight, can be run on firefox or IE.

http://www.microsoft.com/silverlight/
Posted by Lofan at 15:45 0 comments
Subscribe to: Posts (Atom)

uchrin

technorati