Skip to main content

Search

Search Result:

RISK: High Risk

High Risk

Apple Mac OS X Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Apple OS X. Which can be exploited by attacker to denial of service conditions, spoof IPSec servers, bypass access controls and compromise the target user's system.Some errors exist due to a bundled vulnerable version of Apache.Some errors exist due to a bundled vulnerable version of Bind.Some errors exist due to a bundled vulnerable version of ClamAV.A boundary error in the CoreGraphics component when handling JBIG2 encoded data within PDF files can be exploited to cause a buffer overflow.A boundary error in the ImageIO component when handling JBIG2 encoded data within PDF files can be exploited to cause a buffer overflow.An error in the IPSec component does not verify the DNS name of an IPSec Hybrid Auth server against the certificate and can be exploited to spoof the server.An error in the Kernel component when parsing IGMP packets can be exploited to cause a kernel panic.An error in the Mobile Device Management component when handling a password passed via command-line to mdmclient can be exploited to disclose the password of other users.Some errors exist due to a bundled vulnerable version of OpenSSL.Some errors exist due to a bundled vulnerable version of PHP.Some errors exist due to a bundled vulnerable version of PostgreSQL.A boundary error in the QuickTime component when handling 'idsc' atoms in QuickTime movie files can be exploited to cause a memory corruption.An error in the Screen Lock component can be exploited to bypass the screen lock when another user is logged in. Cross-Site_Scripting Denial_of_Service Remote_Code_Execution Security_Restriction_Bypass Sensitive_Information_Disclosure Spoofing Apple OS X 10.6.x Apple OS X 10.7.x Apple OS X 10.8.x Before installation of the software, please visit the software manufacturer web-site for more details.Apply the vendor patch available from the Software Update pane in System Preferences, or Apple's Software Downloads web site at: http://www.apple.com/support/downloads/ CVE-2012-0883 CVE-2012-2686 CVE-2012-2687 CVE-2012-3499 CVE-2012-3817 CVE-2012-4244 CVE-2012-4558 CVE-2012-5166 CVE-2012-5688 CVE-2013-0166 CVE-2013-0169 CVE-2013-1025 CVE-2013-1026 CVE-2013-1027 CVE-2013-1028 CVE-2013-1029 CVE-2013-1030 CVE-2013-1031 CVE-2013-1032 CVE-2013-1033 CVE-2013-1635 CVE-2013-1643 CVE-2013-1775 CVE-2013-1824 CVE-2013-1899 CVE-2013-1900 CVE-2013-1901 CVE-2013-2020 CVE-2013-2021 CVE-2013-2110 CVE-2013-2266 AppleSecuniaSecurityTracker http://support.apple.com/kb/HT5880http://secunia.com/advisories/54829/http://securitytracker.com/id/1029028
16 Sep 2013 1454 Views

RISK: High Risk

High Risk

Apple Mac OS X Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Apple Mac OS X, which can be exploited to cause elevation of privilege, sensitive information disclosure, security bypass, data manipulation, cross site scripting and remote code excution. These issues are caused by the errors in the following components/functions: ApacheApplication FirewallATSBINDDigital certificatesCFNetworkCoreFoundationCoreMediaCoreProcessesCoreStorageFile SystemsIOGraphicsiChat ServerKernellibsecurityMailmanMediaKitOpen DirectoryPHPpostfixpythonQuickTimeSMB File ServerTomcatUser DocumentationWeb Serverlibpng Cross-Site_Scripting Elevation_of_Privilege Remote_Code_Execution Security_Restriction_Bypass Sensitive_Information_Disclosure Tampering Mac OS X v10.6.8 Mac OS X Server v10.6.8 OS X Lion v10.7 and v10.7.1 OS X Lion Server v10.7 and v10.7.1 Before installation of the software, please visit the software manufacturer web-site for more details. Update through "Software Update". CVE-2011-0419 CVE-2011-3192 CVE-2011-0185 CVE-2011-3437 CVE-2011-0229 CVE-2011-0230 CVE-2011-1910 CVE-2011-2464 CVE-2009-4022 CVE-2010-0097 CVE-2010-3613 CVE-2010-3614 CVE-2011-1910 CVE-2011-2464 CVE-2011-0231 CVE-2011-3246 CVE-2011-0259 CVE-2011-0187 CVE-2011-0224 CVE-2011-0260 CVE-2011-3212 CVE-2011-3213 CVE-2011-3214 CVE-2011-1755 CVE-2011-3215 CVE-2011-3216 CVE-2011-3227 CVE-2011-0707 CVE-2011-3217 CVE-2011-3435 CVE-2011-3436 CVE-2011-3226 CVE-2011-0226 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2010-3436 CVE-2010-4645 CVE-2011-0420 CVE-2011-0421 CVE-2011-0708 CVE-2011-1092 CVE-2011-1153 CVE-2011-1466 CVE-2011-1467 CVE-2011-1468 CVE-2011-1469 CVE-2011-1470 CVE-2011-1471 CVE-2011-0411 CVE-2010-1634 CVE-2010-2089 CVE-2011-1521 CVE-2011-3228 CVE-2011-0249 CVE-2011-0250 CVE-2011-0251 CVE-2011-0252 CVE-2011-3218 CVE-2011-3219 CVE-2011-3220 CVE-2011-3221 CVE-2011-3222 CVE-2011-3223 CVE-2011-3225 CVE-2010-1157 CVE-2010-2227 CVE-2010-3718 CVE-2010-4172 CVE-2011-0013 CVE-2011-0534 CVE-2011-3224 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 Apple http://support.apple.com/kb/HT5002
13 Oct 2011 3306 Views

RISK: High Risk

High Risk

Mass Injection Attacks Targeting osCommerce Vulnerabilities

Multiple vulnerabilities have been identified in osCommerce application, which can be exploited by hackers to inject malicious content in vulnerable osCommerce websites. A large scale injection attack targeting osCommerce websites is reported. Injected "<iframe>" and "<script>" pointing to malicious links will infect computers via various exploits. This attack leverages several osCommerce vulnerabilities including osCommerce Remote Edit Site Info Vulnerability [disclosed 10 July 2011] osCommerce 2.3.1 (banner_manager.php) Remote File Upload Vulnerability [disclosed 14 May 2011] osCommerce Online Merchant v2.2 File Disclosure And Admin ByPass Vulnerability [disclosed 30 May 2010] Remote_Code_Execution osCommerce Online Merchant v2.xosCommerce Online Merchant v3.x For web administrators, Detection Under the following circumstances, your servers may have been injected / infected Search server logs for access from IPs: 178.217.163.33 , 178.217.165.111 , 178.217.165.71 ,178.217.163.214 and access with agent string: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0) Search your site for the existence of <iframe> or <script> tags with links pointing to hxxp :// willysy . com / images / banners / hxxp :// exero . eu / catalog / jquery . js hxxp :// tiasissi . com . br / revendedores / jquery / hxxp :// adorabletots . co . uk / tmp / js . php This list may change as attacks alter their malware hosting. Please inform us if you find other suspicious scripts. Recovery Find and remove the infected backdoors Find and remove the injected iframes / scripts Prevention Secure you osCommerce installation. http://forums.oscommerce.com/topic/313323-how-to-secure-your-oscommerce-22-site/ Upgrade to the latest version http://www.oscommerce.com/solutions/downloads Use .htaccess and passwords for authentication to protect admin directories (/admin/) http://httpd.apache.org/docs/current/howto/htaccess.html#auth Change your website hosting account and osCommerce admin passwords For end-users, Maintain security patch and security software updated, turning on personal firewall, and staying cautious. Beware of security warnings from browsers or security software. Do not visit any unsolicited websites or disable Javascript in browsers. osCommerce Armorize http://blog.armorize.com/2011/07/willysycom-mass-injection-ongoing.htmlhttp://blog.armorize.com/2011/07/willysycom-mass-injection-has-hit-more.htmlhttp://blog.trendmicro.com/oscommerce-mass-compromise-leads-to-information-theft
2 Aug 2011 5958 Views