<< Previous Next >>
August
http://www.cisco.com/warp/public/707/cisco-sr-20070808-mp.shtml
Revision 1.0
============
For Public Release 2007 August 08 1600 UTC (GMT)
Cisco Response
==============
This is the Cisco PSIRT response to an issue discovered and reported
=======
Summary
=======
Name: Permissively-ACLed cvpnd.exe allows interactive users to run
arbitrary binaries with Local System Privileges
Release Date: 16 August 2007
Reference: NGS00503
Discover: Dominic Beecher <dominic@ngssoftware.com>
Vendor: Cisco
Vendor Reference: cisco-sa-20070815-vpnclient
Systems Affected: All versions up to but not including 5.0.01.0600
15 July 2010 Mozilla fix ready.
18 July 2010 Google confirm that Chrome will be fixed by the fix to
NSS on linux, and any fix provided by Microsoft on
Windows. They will therefore not be adding a
work-around to the Chrome code.
4 August 2010 Microsoft confirm the issue will be fixed in a future
service pack, and that the issue is low enough risk
that they are not asking the information to be withheld.
10 August 2010 Patch sent to Nokia for Qt.
27 August 2010 At the time of writing the NSS (Firefox) and Qt
repositories both contain fixes for this issue that
Advisory ID: cisco-sa-20100827-bgp
Revision 1.0
For Public Release 2010 August 27 2200 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
The latest updates are available here
http://h18013.www1.hp.com/products/servers/management/agents/index.html
HISTORY
Version:0 (rev.0) - 01 August 2005 Initial release
Version:1 (rev.1) - 09 August 2005 Update Affected Versions
Version:2 (rev.2) - 21 September 2005 Resolution for second XSS available
Version:3 (rev.3) - 26 April 2007 Reformatted
Version:4 (rev.4) - 30 August 2010 New URL for updates, added CVSS scores
scrutiny of security auditors by the hundreds may not be an easy task.
Positively and unequivocally identifying a cleverly hidden backdoor may
be extremely difficult as well. But doing both things at DEFCON 0x13
could be a lot of fun!
If you liked to read about exploits of C. Auguste Dupin, the devious
Minister D. or even The n00b Prefect Monsieur G. [*] here's a chance to
role play all of them at DEFCON using your favorite coding and code
auditing techniques.
* Synchronizing e-Security
IMPORTANT DATES
Full Paper Submission Date: August 26, 2011
Extended Abstract (Work in Progress) Submission Date: July 31, 2011
Proposal for Workshops and Tutorials: May 31, 2011
Notification of Workshop and Tutorial Acceptance: June 05, 2011
Proposal for Industrial Presentation: April 30, 2011
Notification of Extended Abstract Acceptance/Rejection: August 15, 2011
-------------------------
- November 10, 2011: Initial release.
XI. DISCLOSURE TIMELINE
-------------------------
August 28, 2011: Vulnerability discovered by Jose Carlos de Arriba.
August 28, 2011: Vendor contacted by email.
August 29: Vendor response asking for details.
September 21, 2011: Security advisory sent to vendor.
November 10, 2011: Security Fix released by vendor.
November 10, 2011: Security advisory released.
} catch (IOException e) {
}
Timeline:
---------
August 6th, Vulnerability discovered
August 9th, Vendor contacted
August 10th, Vendor notified
December 1st, Patched version released
January 2nd, Advisory released
Status: Published
========
TimeLine
========
Discovered: 28 August 2011
Released: 28 August 2011
Approved: 28 August 2011
Reported: 5 September 2011
Fixed: 21 September 2011
Published: 5 January 2012
PR07-31: Unauthenticated SQL Injection, XSS and Username Enumeration on
DPSnet Case Progress
Vulnerabilities Found: 23 May 2007
Vendor Contacted: 10 July 2007, 31 August 2007, 17 September 2007, 12
December 2007
Note: the vendor stopped responding on 31 August 2007
Severity: Critical
PR08-19: XSS on Cisco IOS HTTP Server
Date found: 1st August 2008
Vendor contacted: 1st August 2008
Advisory publicly released: 14th January 2009
Severity: Medium
the authors in time.
Important Dates
Paper submission deadline: July 2, 2010
Paper acceptance or rejection: August 6, 2010
Final paper camera ready copy: August 13, 2010
Conference dates: October 28-29, 2010
Organization
* Submission deadline: February 15, 2010
* CFP and Website for each workshop by March 15-25
* Suggested workshop papers submission deadline: around July 2
* Suggested workshop papers notification: before August 10
* Workshop papers camera ready: August 25 (hard deadline)
======================================================================
Workshop Proposal Submission
the authors in time.
Important Dates
Paper submission deadline: July 2, 2010
Paper acceptance or rejection: August 6, 2010
Final paper camera ready copy: August 13, 2010
Conference dates: October 28-29, 2010
Organization
----------
The following dates are important if you want to participate in the CfP
Abstract submission: no later than 15 June 2009
Full paper submission: no later than 1st August 2009
Notification date: mid/end of August
Submission guideline:
---------------------
|----------+-------------------------------------------+------------|
|12.2XNB |Not Vulnerable | |
|----------+-------------------------------------------+------------|
|12.2XNC |12.2(33)XNC2 | |
|----------+-------------------------------------------+------------|
|12.2XND |12.2(33)XND1; available 25th August 2009 | |
|----------+-------------------------------------------+------------|
|12.2XO |Not Vulnerable | |
|----------+-------------------------------------------+------------|
|12.2XQ |Not Vulnerable | |
|----------+-------------------------------------------+------------|
PRODUCT SPECIFIC INFORMATION
None
HISTORY
Version:1 (rev.1) 06 August 2009 Initial release
Version:2 (rev.2) 24 August 2009 Added Internet Express and updated product versions
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
*/SyScan'10 HangZhou
/*date: 10 - 11 July 2010
*/SyScan'10 Taipei
/*date: 19 – 20 August 2010
*/SyScan'10 Ho Chi Minh City/*
date: 23 – 24 September 2010
but continues trying
22. January 2009 - Vulnerability reproduced, vendor investigates
other devices. Apologizes slow response.
17. June 2009 - Vendor has identified vulnerable devices,
patch due in July.
20. August 2009 - Patch available for download (only
WC7232/7242)
25. August 2009 - Advisory released
A Big Thank You to CERT-FI's Vulnerability Coordination for persistent
coordination effort.
9. *Report Timeline*
. 2009-07-28:
Core Security Technologies notifies the Pidgin team of the vulnerability
and schedules a preliminary publication date to August 18th.
. 2009-07-28:
Pidgin team requests technical details (in plaintext or encrypted).
. 2009-07-30:
*/SyScan'10 HangZhou
/*date: 10 - 11 July 2010
*/SyScan'10 Taipei
/*date: 19 – 20 August 2010
*/SyScan'10 Ho Chi Minh City/*
date: 23 – 24 September 2010
---
This issue has been assigned CVE number CVE-2009-3370.
Disclosure Timeline
-------------------
8th August 2009 - Initial Discovery and Vendor Notification 8th August 2009 - Vendor Response
27 October 2009 - Vendor Advisory Release
4 November 2009 - Context Information Security Advisory Release
Credits
-------
some evidence of feasibility or preliminary quantitative results.
Important Dates
Paper submission deadline: July 9, 2010 (Extended)
Paper acceptance or rejection: August 6, 2010
Final paper camera ready copy: August 13, 2010
Conference dates: October 28-29, 2010
Paper Submission
Eric Rescorla wrote on 08 August 2008 17:58:
> At Fri, 8 Aug 2008 17:31:15 +0100,
> Dave Korn wrote:
>>
>> Eric Rescorla wrote on 08 August 2008 16:06:
>>
>>> At Fri, 8 Aug 2008 11:50:59 +0100,
>>> Ben Laurie wrote:
>>>> However, since the CRLs will almost certainly not be checked, this
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) - 16 July 2008 Initial release
Version:2 (rev.2) - 19 July 2008 Added BIND v9.2.0 depot information
Version:3 (rev.3) - 06 August 2008 Updated patch location, revised BIND v9.2.0 depot information, added BIND v8.1.2
Version:4 (rev.4) - 08 August 2008 Updated manual actions to include named.conf and firewall configuration setings
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
| Office of Vice President for Research
| Virginia Tech
|
| -----Original Message-----
| From: Team SHATTER [mailto:shatter@appsecinc.com]
| Sent: Monday, August 04, 2008 12:42 PM
| To: bugtraq@securityfocus.com; full-disclosure@lists.grok.org.uk
| Subject: Team SHATTER Security Advisory: SQL Injection in Oracle
Database (DBMS_DEFER_SYS.DELETE_TRAN)
|
| Team SHATTER Security Advisory
. 2008-07-08: Vendor communicates that the development team had recently
completed developing the fix; that although July was originally
indicated as a possible release window, the development team concluded
that extra testing would be necessary, preventing a July release; vendor
reports that if further issues are identified during the test process,
that may impact the tentative August release date.
. 2008-07-08: Core discusses the fact that passing from the Restricted
Sites zone or Internet zone to Intranet Zone or LMZ using a UNC path
should not be allowed if the same behavior is not allowed for the
non-UNC equivalent URI.
. 2008-08-08: Core requests updated information about the release date
PRODUCT SPECIFIC INFORMATION
None
HISTORY
Version:1 (rev.1) - 18 August 2008 Initial release
Version:2 (rev.2) - 18 August 2008 Correction to numbers in title
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
14th, 2008.
. 2008-07-08: Vendor asks Core to resend the report.
. 2008-07-14: Core sends (again) the advisory draft, and asks for
information about the vendor's plan for fixing the vulnerability.
. 2008-07-21: Core asks for updated information, and notifies the vendor
that the advisory's publication date has been rescheduled for August 4th.
. 2008-07-21: Vendor asks Core to resend the report.
. 2008-07-21: Core sends (for the third time) the advisory draft as a
compressed file.
. 2008-07-21: Vendor confirms reception of the reports and states that
the problem has been identified.
<<Previous Next>>
|
