Frugalware Security Announcements (FSAs)
This is a list of security announcements that have been released for the current stable version of Frugalware.
Author: Miklos Vajna Vulnerable: 1.4.4-1nexon1 Unaffected: 1.4.6-1nexon1
Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
A use-after-free error within the X.509if dissector can be exploited to cause a crash via specially crafted packets. An error in the DECT dissector can be exploited to cause a buffer overflow via specially crafted packets.
Author: Miklos Vajna Vulnerable: 3.3.9-1 Unaffected: 3.3.9.2-1nexon1
A security issue has been reported in phpMyAdmin, which can be exploited by malicious users to bypass certain security restrictions. The security issue is caused due to an error within the handling of bookmarked SQL queries, which can be exploited to e.g. trick other users into executing unintended bookmarked SQL queries. Successful exploitation requires that the bookmarks functionality is enabled and the configuration storage is set up and enabled.
Author: Miklos Vajna Vulnerable: 1.4.3-1 Unaffected: 1.4.4-1nexon1
Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
An error when processing certain pcap-ng files can be exploited to free an uninitialised pointer. An error when handling certain packet lengths can be exploited to cause a crash via a specially crafted pcap-ng file. An error when processing Nokia DCT3 trace files can be exploited to cause a buffer overflow via a specially crafted file.
Author: Miklos Vajna Vulnerable: 3.0.4-1 Unaffected: 3.0.5-1nexon1
Multiple vulnerabilities have been reported in WordPress, which can be exploited by malicious users to conduct script insertion attacks and disclose potentially sensitive information, and by malicious people to conduct cross-site scripting attacks.
Input passed via the post title when performing a “Quick Edit” or “Bulk Edit” action and via the “post_status”, “comment_status”, and “ping_status” parameters is not properly sanitised before being used.
Author: Miklos Vajna Vulnerable: 3.0.5-1nexon1 Unaffected: 3.1.1-1nexon1
Two vulnerabilities have been reported in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in the context of an affected site. The “make_clickable()” function in wp-includes/formatting.
Author: Miklos Vajna Vulnerable: 6.x_1.13-1 Unaffected: 6.x_1.14-1haven1
A security issue has been reported in the Mollom module for Drupal, which may lead to exposure of sensitive information. The security issue is caused due to an error in the module which can lead to certain sensitive user data, e.g. a user’s password in clear text, being logged via calls to Drupal’s watchdog API. Successful exploitation requires that an attacker has “access site reports” permissions or has access to system syslog files.
Author: Miklos Vajna Vulnerable: 10.10-1 Unaffected: 11.01-1haven1
Two weaknesses and some vulnerabilities have been reported in Opera, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, and compromise a user’s system.
An integer truncation error when processing certain specially crafted HTML pages can be exploited by e.g. tricking a user into visiting a malicious website. The application allows users to perform certain actions via “opera:” URLs.
Author: Miklos Vajna Vulnerable: 5.x_1.9-1 Unaffected: 5.x_2.0-1haven1
A vulnerability has been reported in the Image module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Certain unspecified input is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user’s browser session in the context of an affected site when the malicious data is being viewed.
Author: Miklos Vajna Vulnerable: 6.x_1.0_alpha4-1 Unaffected: 6.x_1.1-1haven1
See FSA706.
Bug Tracker URL: http://bugs.frugalware.org/task/4396 CVEs: No CVE references, see http://drupal.org/node/1005578
Author: Miklos Vajna Vulnerable: 6.x_2.11-1 Unaffected: 6.x_2.12-1haven1
Multiple vulnerabilities have been reported in the Views module for Drupal, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in the context of an affected site.
Bug Tracker URL: http://bugs.