Frugalware Security Announcements (FSAs)
This is a list of security announcements that have been released for the current stable version of Frugalware.
Author: James Buren
Vulnerable: 3.4.9-1
Unaffected: 3.4.10.1-fermus1
A security issue and a vulnerability have been reported in phpmyadmin, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.
It was possible to conduct XSS using a crafted database name.
Bug Tracker URL: https://bugs.frugalware.org/ticket/4659
CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1190

Author: James Buren
Vulnerable: 10.0-1
Unaffected: 10.0.2-fermus1
A security issue and a vulnerability have been reported in thunderbird, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.
Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
Bug Tracker URL: https://bugs.

Author: Miklos Vajna
Vulnerable: 6.22-1
Unaffected: 6.24-1mores1
A security issue and a vulnerability have been reported in Drupal, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.
The security issue is caused by the OpenID module not properly verifying the signature of Attribute Exchange (AX) information, which can be exploited to manipulate AX information. An error in the File module when using certain field access modules can be exploited to download private files which would otherwise be restricted.

Author: Miklos Vajna
Vulnerable: 7.7-1
Unaffected: 7.12-1mores1
A security issue and a vulnerability have been reported in Drupal, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.
The security issue is caused by the OpenID module not properly verifying the signature of Attribute Exchange (AX) information, which can be exploited to manipulate AX information. An error in the File module when using certain field access modules can be exploited to download private files which would otherwise be restricted.

Author: Miklos Vajna
Vulnerable: 3.4.8-1mores1
Unaffected: 3.4.9-1mores1
Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1) server, (2) database, and (3) table sections.
Bug Tracker URL: https://bugs.frugalware.org/ticket/4643
CVEs: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4780

Author: Miklos Vajna
Vulnerable: 1.6.3-1mores1
Unaffected: 1.6.5-1mores1
Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user’s system.
NULL pointer dereference errors when reading certain packet information can be exploited to cause a crash. An error within the RLC dissector can be exploited to cause a buffer overflow via a specially crafted RLC packet capture file.

Author: Miklos Vajna
Vulnerable: 3.2.1-1
Unaffected: 3.3.1-1mores1
Aditya Modha and Samir Shah discovered a vulnerability in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL to e.g. wp-comments-post.php is not properly sanitised within the “wp_guess_url()” function in wp-includes/functions.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in the context of an affected site.

Author: Miklos Vajna
Vulnerable: 6.x_2.12-2
Unaffected: 6.x_2.14-1mores1
A vulnerability has been reported in the Views module for Drupal, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via certain filters or arguments on certain types of views is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
Bug Tracker URL: https://bugs.frugalware.org/ticket/4632
CVEs: http://cve.

Author: Miklos Vajna
Vulnerable: 3.4.7.1-1mores1
Unaffected: 3.4.8-1mores1
Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produce XSS when editing a query on a table overview panel or when using the view creation dialog. Using a crafted column type, it was possible to produce XSS in the table search and create index dialogs.

Author: Miklos Vajna
Vulnerable: 0.5.4-1mores1
Unaffected: 0.7-1mores1
Besides fixing bugs, the developers added some security improvements which will protect Roundcube users from XSS and clickjacking attacks.
Bug Tracker URL: https://bugs.frugalware.org/ticket/4642
CVEs: No CVE, see http://sourceforge.net/news/?group_id=139281&id=305129.