| New User, Welcome! Login |
Next Page >>
contained
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
Microsoft whether the release of a fixed version has moved to March 9th
2010.
. 2009-12-21:
Microsoft replies that the ship date for the vulnerability MSRC 9368 in
MSO.dll is still February 9th 2010 (the spreadsheet contained a clerical
error).
. 2010-02-01:
Core requests MSRC the list of non vulnerable versions of Excel /
Office, and a statement for the "vendor information" section of the
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
It was discovered that Ghostscript contained a buffer underflow in its
CCITTFax decoding filter. If a user or automated system were tricked into
opening a crafted PDF file, an attacker could cause a denial of service or
execute arbitrary code with privileges of the user invoking the program.
(CVE-2007-6725)
Several vulnerabilities have been discovered in ffmpeg, a multimedia
player, server and encoder, which also provides a range of multimedia
libraries used in applications like MPlayer:
Various programming errors in container and codec implementations
may lead to denial of service or the execution of arbitrary code
if the user is tricked into opening a malformed media file or stream.
Affected and updated have been the implementations of the following
codecs and container formats:
2.5.0 to 2.5.6.SEC02 (community releases)
2.5.0 to 2.5.7.SR01 (subscription customers)
Earlier, unsupported versions may also be affected
Description:
Prior to JSP 2.0, Expression Language (EL) was not supported. To enable the use of EL in web applications based on earlier JSP specifications, some Spring MVC tags provide EL support independently of the Servlet/JSP container. The evaluation of EL is enabled by default. When used on containers that do support EL, the attributes can be evaluated for EL twice. Once by the container and once by the tag. This can lead to unexpected results that include disclosure of information. More details, including a complete list of the vulnerable tags and attributes, are available in a paper[1] written by the researchers that discovered this issue.
Example:
A request of the form:
http:///vulnerable.com/foo?message=${applicationScope}
RESOLUTION
HP has made patches available to resolve the vulnerabilities for NNM v7.53.
HP has made a new version of the ovalarmsrv program available to resolve the vulnerabilities for NNM v7.01 and NNM v7.51. The new ovalarmsrv is available as a file to be installed manually. The files are listed in the table below. Instructions for installing the files are contained in the readme_for_ovalarmsrv.txt file.
For NNM v7.01 and NNM v7.51 patches must be installed before the ovalarmsrv file is installed.
The ovalarmsrv files and the readme_for_ovalarmsrv.txt file are available from ftp://ss080044:ss080044@hprc.external.hp.com/
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has made a new version of the ovalarmsrv program available to resolve the vulnerabilities. The new ovalarmsrv is available as a file to be installed manually. There are separate ovalarmsrv files for each version of NNM. The files are listed in the table below. Instructions for installing the files are contained in the readme_for_ovalarmsrv.txt file.
For NNM v7.01 and NNM v7.51 patches must be installed before the ovalarmsrv file is installed. No patches are required for NNM v7.53.
The ovalarmsrv files and the readme_for_ovalarmsrv.txt file are available from ftp://ss080044:ss080044@hprc.external.hp.com/
RESOLUTION
HP has made patches available to resolve the vulnerabilities for NNM v7.53.
HP has made a new version of the ovtopmd program available to resolve the vulnerabilities for NNM v7.01 and NNM v7.51. The new ovtopmd is available as a file to be installed manually. The files are listed in the table below. Instructions for installing the files are contained in the readme_for_ovtopmd.txt file.
For NNM v7.01 and NNM v7.51 patches must be installed before the ovtopmd file is installed.
The ovtopmd files and the readme_for_ovtopmd.txt file are available from ftp://ss080046:ss080046@hprc.external.hp.com/
> a.k.a. c0d3r/c0d3rZ/corelanc0d3r on various forums
> ____________________________________________________
>
>
>
> This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose, copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments.
________________________________________
Hotmail: Trusted email with powerful SPAM protection. Sign up now.
This transmission is intended only for use by the intended recipient(s). If you are not an intended recipient you should not read, disclose, copy, circulate or in any other way use the information contained in this transmission. The information contained in this transmission may be confidential and/or privileged. If you have received this transmission in error, please notify the sender immediately and delete this transmission including any attachments.
changed without the signer's knowledge.
III. Impact
An attacker can change the target of hyperlinks contained in
signed documents, hoping to induce trust to the linked sites,
or otherwise deceive the user.
III.1. Proof of Concept
> signature.=20
>=20
>=20
> As a solution the scope of the signature needs to be extended=20
>=20
> to cover all the relevant information contained in the whole=20
>=20
> document, thus also the meta data in core.xml.
>=20
>=20
> Include core.xml, and probably other files in the signature's=20
software utilizing a vulnerable version of Apple's Webkit. User
interaction is required to exploit this vulnerability in that the target
must visit a malicious page.
The specific flaw exists within the way that Apple's Webkit handles the
DOCUMENT_POSITION_DISCONNECTED attribute when a container is removed.
This attribute is responsible for ensuring that a node is disconnected
from it's container and is implementation specific regarding the order
of each node. If the disconnected element is removed from a particular
type of container, the next time the application attempts to reference
that container, the application will access memory that has been free
Spring Security 2.0.0 t0 2.0.5
Acegi Security 1.0.0 to 1.0.7
Description:
Spring Security does not consider URL path parameters when processing security constraints. By adding an URL path parameter to a request, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification (see below). Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. The unexpected presence of path parameters can cause a constraint to be bypassed.
Users of Apache Tomcat (all current versions) are not affected by this vulnerability since Tomcat follows the guidance previously provided by the Servlet Expert group and strips path parameters from the value returned by getContextPath(), getServletPath() and getPathInfo().
Users of SpringSource tc Server (all versions) are not affected. tc Server uses Apache Tomcat and does not change the handling of path parameters.
LJ4250_LJ4350_firmware_20090323_features.pdf
c6c40c429a34dcf63f6ef8410f325426
299c19cfe8d1d54bc18e961154b85a7709de825c
Note: The preliminary firmware for HP LaserJet 4250 and 4350, 20090323 SPCL014, contained in the file lj4x50fw_08_014_0_interim.rfu is fully tested. It should be used instead of the preliminary version 20080819 SPCL015A recommended in rev.1 and rev.2 of this Security Bulletin.
PRODUCT SPECIFIC INFORMATION
None
HISTORY
sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2
http://kb.vmware.com/kb/1018404
ESXi 3.5
--------
ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in
ESXe350-200912401-O-BG from December 2009.
The same patch, ESXe350-200912402-T-BG, is also contained in
ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite.
References: CVE-2009-3094, CVE-2009-3095, CVE-2010-0408, CVE-2010-0740, CVE-2010-0433, CVE-2010-0434
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.23, B.11.31 running Apache-based Web Server versions before v2.2.8.09
RESOLUTION
HP is releasing the following Early Release Patch (ERP) kits publicly for use by any customer until updates are available in mainstream release patch kits.
The resolutions contained in the ERP kits are targeted for availability in the following mainstream kit:
HP Internet Express for Tru64 UNIX v 6.9
The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERPs. Contact your service provider for assistance if the installation of the ERPs is blocked by any of your installed CSPs.
Potential Security Impact: Remote Denial of Service (DoS), cross-site scripting (XSS), unauthorized access
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite.
References: CVE-2006-3918, CVE-2007-4465, CVE-2007-6203, CVE-2008-0005, CVE-2008-0599, CVE-2008-2168, CVE-2008-2364, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-2939, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.23, B.11.31 running Apache-based Web Server versions before v2.2.8.05
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Tomcat-based Servlet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS) or unauthorized access. Tomcat-based Servlet Engine is contained in the Apache Web Server Suite.
References: CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23 and B.11.31 running Tomcat-based Servlet Engine v5.5.27.02 or earlier
Potential Security Impact: Remote Denial of Service (DoS), execution of arbitrary code
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), or execution of arbitrary code. Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite.
References: CVE-2007-4465, CVE-2008-0005, CVE-2008-0599, CVE-2008-2168, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.03 or v2.0.59.09 or earlier or Tomcat-based Servelet Engine v5.5.27.01 or earlier
Potential Security Impact: Remote Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, cross-site request forgery (CSRF)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, or cross-site request forgery (CSRF). Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite.
References: CVE-2007-6420, CVE-2008-1232, CVE-2008-1947, CVE-2008-2364, CVE-2008-2370, CVE-2008-2938, CVE-2008-2939, CVE-2008-3658
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.01.01 or earlier or Tomcat-based Servelet Engine v5.5.27.01.01 or earlier
Potential Security Impact: Remote Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, cross-site request forgery (CSRF)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, or cross-site request forgery (CSRF). Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite.
References: CVE-2007-6420, CVE-2008-1232, CVE-2008-1947, CVE-2008-2364, CVE-2008-2370, CVE-2008-2938, CVE-2008-2939, CVE-2008-3658
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.01.01 or v2.0.59.07.02 or earlier or Tomcat-based Servelet Engine v5.5.27.01 or earlier
LJ4250_LJ4350_firmware_20090323_features.pdf
c6c40c429a34dcf63f6ef8410f325426
299c19cfe8d1d54bc18e961154b85a7709de825c
Note: The preliminary firmware for HP LaserJet 4250 and 4350, 20090323 SPCL014, contained in the file lj4x50fw_08_014_0_interim.rfu is fully tested. It should be used instead of the preliminary version 20080819 SPCL015A recommended in rev.1 and rev.2 of this Security Bulletin.
PRODUCT SPECIFIC INFORMATION
None
HISTORY
RESOLUTION
HP is releasing the following Early Release Patch (ERP) kits publicly for use by any customer until updates are available in mainstream release patch kits.
The resolutions contained in the ERP kits are targeted for availability in the following mainstream kit:
HP Internet Express for Tru64 UNIX v 6.9
The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERPs. Contact your service provider for assistance if the installation of the ERPs is blocked by any of your installed CSPs.
sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2
http://kb.vmware.com/kb/1018404
ESXi 3.5
--------
ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in
ESXe350-200912401-O-BG from December 2009.
The same patch, ESXe350-200912402-T-BG, is also contained in
ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP-UX running Tomcat-based Servlet Engine. The vulnerabilities
could be exploited remotely to increase privilege or arbitrarily modify files. Tomcat-based Servlet Engine is contained in
the Apache Web Server Suite.
References: CVE-2009-2693, CVE-2009-2902, CVE-2009-3548.
DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks.
This update alters table creation behaviour by disallowing the use of the
MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. This
issue only affected Ubuntu 8.10. (CVE-2008-4098)
It was discovered that MySQL contained a cross-site scripting vulnerability
in the command-line client when the --html option is enabled. An attacker
could place arbitrary web script or html in a database cell, which would
then get placed in the html document output by the command-line tool. This
issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04.
(CVE-2008-4456)
RESOLUTION
HP is releasing the following Early Release Patch (ERP) kits publicly for use by any customer until updates are available in mainstream release patch kits.
The resolutions contained in the ERP kits are targeted for availability in the following mainstream kit:
HP Tru64 UNIX v 5.1B-5
The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERPs. Contact your service provider for assistance if the installation of the ERPs is blocked by any of your installed CSPs.
RESOLUTION
HP has made the following procedure available to resolve the vulnerability.
Note: The resolution is contained in the archive files listed below. Before an archive file is applied a patch may be required. The patch will insure that NNM is compatible with the software files in the archive. No patch is required for NNM v7.53.
1. Install the appropriate patch listed in the table below. The patches are available from http://itrc.hp.com
2. Download the appropriate archive file listed in the table below. The archive files are available here:
ftp://ss080024:ss080024@hprc.external.hp.com/
RESOLUTION
HP has provided HP Insight Diagnostics v7.9.1.2402 or subsequent to resolve this vulnerability.
HP Insight Diagnostics v7.9.1.2402 is contained in the HP SmartStart CD v7.91.
HP SmartStart CD v7.91 can be downloaded from
http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?swItem=MTX-a8f7363b3e0944789871f6a731
PRODUCT SPECIFIC INFORMATION
None
Next Page>>
|
|
|
