
CIAC C-Notes

CIAC's C-Notes are collections of computer security articles and information that are of a less time critical nature than information contained in CIAC's Bulletins and Advisories. C-Notes will be listed here as we find and validate appropriate information.


Current CIAC C-Notes

C-Note-08-052: lighttpd Vulnerabilities (08/20/08)
Several local/remote vulnerabilities have been discovered in lighttpd, a fast webserver with minimal memory footprint.

To view this advisory visit:
http://www.debian.org/security/2008/dsa-1609

CIAC would like to thank Debian for this information.

C-Note-08-051: NetApp Data ONTAP Vulnerabilities (08/20/08)
NetApp Data ONTAP contains multiple vulnerabilities. The most severe of these vulnerabilities may allow an attacker to execute commands, view sensitive data, or cause a system to crash.

To view this advisory visit:
http://www.kb.cert.org/vuls/id/130923

CIAC would like to thank US-CERT for this information.

C-Note-08-050: Mozilla Products Vulnerabilities (08/20/08)
Mozilla Firefox contains a vulnerability that may allow an attacker to bypass security restrictions by opening specially crafted URIs using the Firefox command line interface.

To view this advisory visit:
http://www.mozilla.org/security/announce/2008/mfsa2008-35.html


http://www.kb.cert.org/vuls/id/130923

CIAC would like to thank Mozilla for this information.

C-Note-08-049: HP-UX Running System Administrator Manager (SAM) (08/20/08)
A potential security vulnerability has been identified in HP-UX running System Administrator Manager (SAM). This vulnerability may allow unintended remote access.

To view this advisory visit Hewlett-Packard's Subscription Service for:
HPSBUX02286 SSRT071466 rev.1

CIAC would like to thank Hewlett-Packard for this information.

C-Note-08-048: Increased Threat for DNS Spoofing Vulnerability (08/20/08)
Microsoft released Microsoft Security Bulletin MS08-037 on July 8, 2008, offering security updates to protect customers against Windows Domain Name System (DNS) spoofing attacks. Microsoft released this update in coordination with other DNS vendors who were similarly impacted.

To view this advisory visit:
http://www.microsoft.com/technet/security/advisory/956187.mspx

CIAC would like to thank Microsoft for this information.

C-Note-08-047: WordPress Vulnerabilities (07/09/08)
Several remote vulnerabilities have been discovered in WordPress, the weblog manager. WordPress allows remote attackers to redirect authenticated users to other websites and potentially obtain sensitive information.

To view this advisory visit:
http://www.debian.org/security/2008/dsa-1601

CIAC would like to thank Debian for this information.

C-Note-08-046: Microsoft Windows Server Update Services (WSUS) Blocked from Deploying Security Updates (07/31/08)
Microsoft has revised Microsoft Security Advisory 954960 to update the example workaround steps for running the update to Windows Server Update Services 3.0 Service Pack 1 on Windows Server 2008 as an administrator. Microsoft is investigating public reports of a non-security issue that prevents the distribution of any updates deployed through Microsoft Windows Server Update Services 3.0 or Microsoft Windows Server Update Services 3.0 Service Pack 1 to client systems that have Microsoft Office 2003 installed in their environment. Microsoft is aware of reports from customers who are experiencing this issue.

To view this advisory visit:
http://www.microsoft.com/technet/security/advisory/954960.mspx

CIAC would like to thank Microsoft for this information.

C-Note-08-045: Rise in SQL Injection Attacks Exploiting Unverified User Data Input (06/27/08)
Microsoft is aware of a recent escalation in a class of attacks targeting Web sites that use Microsoft ASP and ASP.NET technologies but do not follow best practices for secure Web application development. These SQL Injection attacks do not exploit a specific software vulnerability, but instead target Web sites that do not follow secure coding practices for accessing and manipulating data stored in a relational database.

To view this advisory visit:
http://www.microsoft.com/technet/security/advisory/954462.mspx

CIAC would like to thank Microsoft for this information.

C-Note-08-044: Tomcat 5.5 Vulnerability (06/19/08)
It was discovered that the Host Manager web application performed insufficient input sanitising, which could lead to cross-site scripting.

To view this advisory visit:
http://www.debian.org/security/2008/dsa-1593

CIAC would like to thank Debian for this information.

C-Note-08-043: Storage Management Appliance (SMA) Vulnerability (06/19/08)
Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA.

To view this advisory visit Hewlett-Packard's Subscription Service for: HPSBST02344 SSRT080087 rev. 1.

CIAC would like to thank Hewlett-Packard for this information.

C-Note-08-042: System Center Configuration Manager 2007 Blocked from Deploying Security Updates (06/19/08)
Microsoft has completed the investigation into public reports of a non-security issue that affects environments with all supported versions of System Center Configuration Manager 2007 that deploy updates to Systems Management Services (SMS) 2003 clients. Microsoft has confirmed those reports and has released an update to correct this issue under Microsoft Knowledge Base Article 954474.

To view this advisory visit: http://www.microsoft.com/technet/security/advisory/954474.mspx

CIAC would like to thank Microsoft for this information.

C-Note-08-041: Cumulative Security Update of ActiveX Kill Bits (06/12/08)
A remote code execution vulnerability exists in the Speech Components sapi.dll. An attacker could exploit the vulnerability by constructing a specially crafted Web page.

To view this advisory visit: http://www.microsoft.com/technet/security/Bulletin/MS08-032.mspx

CIAC would like to thank Microsoft for this information.

C-Note-08-040: OpenSSL TLS Handshake Vulnerability (06/06/08)
A vulnerability exists in OpenSSL that may allow a remote attacker to cause a denial of service.

To view this advisory visit: http://www.kb.cert.org/vuls/id/520586

CIAC would like to thank US-CERT for this information.

C-Note-08-039: Red Hat Enterprise Linux 2.1 - 1-Year End of Life Notice (06/06/08)
Red Hat has released the 1-year notification of the End of Life plans for Red Hat Enterprise Linux 2.1.

To view this advisory visit: https://rhn.redhat.com/errata/RHSA-2008-0521.html

CIAC would like to thank Red Hat for this information.

C-Note-08-038: REVISED - Blended Threat from Apple Safari on Windows (07/08/08)
CIAC has revised C-NOTE-08-038 to reflect changes Microsoft has made in Security Advisory 953818 where they updated the Suggested Actions section.

To view this advisory visit: http://www.microsoft.com/technet/security/advisory/953818.mspx

CIAC would like to thank Microsoft for this information.

C-Note-08-037: Bind Security Vulnerabilities (05/22/08)
It was discovered that the Bind packages created the "rndc.key" file with insecure file permissions and a buffer overflow flaw was discovered in the "inet_network()" function, as implemented by libbind. These vulnerabilities could cause a Denial of Service.

To view this advisory visit: https://rhn.redhat.com/errata/RHSA-2008-0300.html

CIAC would like to thank Red Hat for this information.

C-Note-08-036: GForge Vulnerabilities (05/15/08)
It was discovered that some scripts run by GForge, a collaborative development tool, open files in write mode in a potentially insecure manner. This may be exploited to overwrite arbitrary files on the local system.

To view this advisory visit: http://www.debian.org/security/2008/dsa-1577

CIAC would like to thank Debian for this information.

C-Note-08-035: Icedove Vulnerabilities (05/14/08)
Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client.

To view this advisory visit: http://www.debian.org/security/2008/dsa-1574

CIAC would like to thank Debian for this information.

C-Note-08-034: PHP5 Vulnerabilities (05/14/08)
Several vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language.

To view this advisory visit: http://www.debian.org/security/2008/dsa-1572

CIAC would like to thank Debian for this information.

C-Note-08-033: Outlook Web Access Vulnerable (05/09/08)
Some versions of Outlook Web Access may use the no-cache instead of the no-store HTTP 1.1 directive. Sensitive information that is viewed during an Outlook Web Access session may be stored to disk.

To view this advisory visit: http://www.kb.cert.org/vuls/id/829876

CIAC would like to thank US-CERT for this information.

C-Note-08-032: Internet Explorer 7 DisableCachingOfSSLPages Vulnerability (05/09/08)
Setting the Internet Explorer 7 option DisableCachingOfSSLPages may not prevent the caching of SSL-enabled web pages.

To view this advisory visit: http://www.kb.cert.org/vuls/id/468843

CIAC would like to thank US-CERT for this information.

C-Note-08-031: Kernel Security and Bug Fix (05/09/08)
Red Hat has put out RHSA-2008:0233-10 and RHSA-2008:0237-10 to fix various security issues and several bugs for Red Hat Enterprise Linux 5.

To view these advisories visit: https://rhn.redhat.com/errata/RHSA-2008-0233.html
https://rhn.redhat.com/errata/RHSA-2008-0237.html

CIAC would like to thank Red Hat for this information.

C-Note-08-030: Motorola Surfboard Vulnerability (05/01/08)
Motorola Surfboard cable modems may contain a cross-site request forgery vulnerability that allows an attacker to cause an affected modem to reboot or reload its configuration.

To view this advisory visit: http://www.kb.cert.org/vuls/id/643049

CIAC would like to thank US-CERT for this information.

C-Note-08-029: ldm Vulnerability (04/28/08)
Within the Linux Terminal Server Project, it is possible to connect to X on any LTSP client from any host on the network, making client windows and keystrokes visible to that host.

To view this advisory visit: http://www.debian.org/security/2008/dsa-1561

CIAC would like to thank Debian for this information.

C-Note-08-028: Kronolith Vulnerability (04/28/08)
Kronolith, a calendar component for the Horde Framework, didn't properly sanitize URL input, leading to a cross-site scripting vulnerability in the add event screen.

To view this advisory visit: http://www.debian.org/security/2008/dsa-1560

CIAC would like to thank Debian for this information.

C-Note-08-027: CUPS Vulnerability (04/28/08)
CUPS contains an integer overflow that may allow a remote attacker to cause a vulnerable system to crash.

To view this advisory visit: http://www.kb.cert.org/vuls/id/218395

CIAC would like to thank US-CERT for this information.

C-Note-08-026: Perl Vulnerability (04/28/08)
It has been discovered that the Perl interpreter may encounter a buffer overflow condition when compiling certain regular expressions containing Unicode characters. This also happens if the offending characters are contained in a variable reference protected by the \Q...\E quoting construct.

To view this advisory visit: http://www.debian.org/security/2008/dsa-1556

CIAC would like to thank Debian for this information.

C-Note-08-025: phpMyAdmin Vulnerabilities (04/28/08)
Several remote vulnerabilities have been discovered in phpMyAdmin, an application to administrate MySQL over the WWW.

To view this advisory visit: http://www.debian.org/security/2008/dsa-1557

CIAC would like to thank Debian for this information.

C-Note-08-024: xpdf Vulnerabilities (04/25/08)
A vulnerability was discovered in xpdf, a set of tools for display and conversion of Portable Document Format (PDF) files. If a maliciously crafted PDF file is opened, the vulnerability may allow the execution of arbitrary code with privileges of the user running xpdf.

To view this advisory visit: http://www.debian.org/security/2008/dsa-1548

CIAC would like to thank Debian for this information.

C-Note-08-023: Update to Improve Kernel Patch Protection (04/25/08)
An update is available for Kernel Patch Protection included with x64-based Windows operating systems. Kernel Patch Protection protects code and critical structures in the Windows Kernel from modification by unknown code or data.

To view this advisory visit: http://www.microsoft.com/technet/security/advisory/932596.mspx

CIAC would like to thank Microsoft for this information.

C-Note-08-022: Iceweasel Vulnerabilities (04/25/08)
It was discovered that crashes in the JavaScript engine of Iceweasel, an unbranded version of the Firefox browser, could potentially lead to the execution of arbitrary code.

To view this advisory visit: http://www.debian.org/security/2008/dsa-1555

CIAC would like to thank Debian for this information.

C-Note-08-021: ikiwiki Vulnerabilities (04/25/08)
It has been discovered that ikiwiki, a Wiki implementation, does not guard password and content changes against cross-site request forgery (CSRF) attacks.

To view this advisory visit: http://www.debian.org/security/2008/dsa-1553

CIAC would like to thank Debian for this information.

C-Note-08-020: Firebird Vulnerabilities (04/10/08)
Multiple security problems have been discovered in the Firebird database, which may lead to the execution of arbitrary code or denial of service.

To view these advisories visit: http://www.debian.org/security/2008/dsa-1529

CIAC would like to thank Debian for this information.

C-Note-08-019: GNU Compiler Collection (GCC) Vulnerability (04/04/08)
Some versions of gcc may silently discard certain checks for overflow. Applications compiled with these versions of gcc may be vulnerable to buffer overflows.

To view these advisories visit: http://www.kb.cert.org/vuls/id/162289

CIAC would like to thank US-CERT for this information.

C-Note-08-018: AirSpan Base Station Distribution Unit Vulnerability (03/28/08)
AirSpan Base Station Distribution Units may contain an undocumented telnet server that authenticates via a known password and is enabled by default.

To view these advisories visit: http://airspan4wimax.googlepages.com
http://www.kb.cert.org/vuls/id/446403

CIAC would like to thank AirSpan for this information.

C-Note-08-017: KC Wiki 'wiki.php' Vulnerabilities (03/06/08)
KC Wiki is prone to multiple remote file-include vulnerabilities because it fails to properly sanitise user-supplied input.

To view these advisories visit: http://www.securityfocus.com/bid/28074/discuss

CIAC would like to thank Security Focus for this information.

C-Note-08-016: Vocera Communications System Vulnerability (02/26/08)
The Vocera Communications System is prone to a security-bypass vulnerability in its PEAP implementation because the software fails to properly validate server certificates.

To view these advisories visit: http://www.securityfocus.com/bid/27935/discuss

CIAC would like to thank Security Focus for this information.

C-Note-08-015: XOOPS Vulnerabilities (02/26/08)
The XOOPS Tiny Event 'print' Option and the 'prayerlist' module are prone to an SQL-injection vulnerability because they fail to sufficiently sanitize user-supplied data before using it in an SQL query.

To view these advisories visit: http://www.securityfocus.com/bid/27931/discuss
http://www.securityfocus.com/bid/27934/discuss

CIAC would like to thank Security Focus for this information.

C-Note-08-014: PHP-Nuke Parameter SQL Injection Vulnerabilities (02/26/08)
The Classifieds, NukeC, and Manuales modules for PHP-Nuke are prone to an SQL-injection vulnerability because they fail to sufficiently sanitize user-supplied data before using it in an SQL query.

To view these advisories visit: http://www.securityfocus.com/bid/27930/discuss
http://www.securityfocus.com/bid/27937/discuss
http://www.securityfocus.com/bid/27933/discuss

CIAC would like to thank Security Focus for this information.

C-Note-08-013: Liferay Portal Vulnerabilities (02/08/08)
Liferay Portal fails to properly protect against Cross-Site Request Forgery (CSRF). This may allow a remote attacker to forge requests that Liferay Portal takes action upon.

To view these advisories visit: http://www.kb.cert.org/vuls/id/767825
http://www.kb.cert.org/vuls/id/217825
http://www.kb.cert.org/vuls/id/732449
http://www.kb.cert.org/vuls/id/888209
http://www.kb.cert.org/vuls/id/326065

CIAC would like to thank US-CERT for this information.

C-Note-08-012: Toshiba Surveillance Surveillix DVR 'MeIpCamX.DLL' ActiveX Control Buffer Overflow Vulnerabilities (01/28/08)
Surveillix DVR 'MeIpCamX.DLL' ActiveX control is prone to multiple buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied data.

To view this advisory visit: http://www.securityfocus.com/bid/27360/discuss

CIAC would like to thank Security Focus for this information.

C-Note-08-011: Default Passwords in the Cisco Application Velocity System (01/28/08)
Versions of the Cisco Application Velocity System (AVS) prior to software version AVS 5.1.0 do not prompt users to modify system account passwords during the initial configuration process. Because there is no requirement to change these credentials during the initial configuration process, an attacker may be able to leverage the accounts that have default credentials, some of which have root privileges, to take full administrative control of the AVS system.

To view this advisory visit: http://www.cisco.com/en/US/products/products_security_advisory09186a0080939431.shtml

CIAC would like to thank Cisco for this information.

C-Note-08-010: Gforge Vulnerability (01/16/08)
It was discovered that Gforge, a collaborative development tool, did not properly sanitise some CGI parameters, allowing SQL injection in scripts related to RSS exports.

To view this advisory visit: http://www.debian.org/security/2008/dsa-1459

CIAC would like to thank Debian for this information.

C-Note-08-009: Gateway CWebLaunchCtl ActiveX Control Buffer Overflow (01/10/08)
The Gateway CWebLaunchCtl ActiveX control contains a buffer overflow, which may allow a remote, authenticated attacker to execute arbitrary code on a vulnerable system.

To view this advisory visit: http://www.kb.cert.org/vuls/id/735441

CIAC would like to thank US-CERT for this information.

C-Note-08-008: Wireshark Security Update (12/03/07)
Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to denial of service or execution of arbitrary code.

This advisory is posted at: http://www.debian.org/security/2007/dsa-1414

CIAC would like to thank Debian for this information.

C-Note-08-007: MySQL Security Update (12/03/07)
Several vulnerabilities have been found in the MySQL database packages with implications ranging from unauthorized database modifications to remotely triggered server crashes.

This advisory is posted at: http://www.debian.org/security/2007/dsa-1413

CIAC would like to thank Debian for this information.

C-Note-08-006: Kernel Security Update (12/03/07)
There are several security issues in the Linux kernel that could cause denial of service (DoS) attacks.

This advisory is posted at: https://rhn.redhat.com/errata/RHSA-2007-0993.html

CIAC would like to thank Red Hat for this information.

C-Note-08-005: Adobe ColdFusion Security Update (11/16/07)
An error in ColdFusion MX7 and ColdFusion 8 applications could allow an attacker to hijack user sessions. This issue does not apply to customers using J2EE session management.

This advisory is posted at: http://www.adobe.com/support/security/bulletins/apsb07-19.html

CIAC would like to thank Adobe for this information.

C-Note-08-004: Apache Tomcat Update (10/26/07)
There are several security vulnerabilities in Apache Tomcat.

This advisory is posted at: http://tomcat.apache.org/security-4.html

CIAC would like to thank Apache for this information.

C-Note-08-003: FLAC Security Update (10/23/07)
A security flaw was found in the way flac processed audio data. FLAC is a Free Lossless Audio Codec.

This advisory is posted at: https://rhn.redhat.com/errata/RHSA-2007-0975.html

CIAC would like to thank Red Hat for this information.

C-Note-08-002: Kernel Security Update (10/23/07)
There are numerous flaws in Linux Kernel packages which could cause a denial of service condition.

This advisory is posted at: https://rhn.redhat.com/errata/RHSA-2007-0940.html

CIAC would like to thank Red Hat for this information.

C-Note-08-001: Cisco Wireless Control System Conversion Utility Adds Default Password (10/11/07)
Customers who use the Cisco Works Wireless LAN Solution Engine (WLSE) may use a conversion utility to convert over to a Cisco Wireless Control System (WCS). This conversion utility creates and uses administrative accounts with default credentials. Because there is no requirement to change these credentials during the conversion process, an attacker may be able to leverage the accounts that have default credentials to take full administrative control of the WCS after the conversion has been completed.

This advisory is posted at: http://www.cisco.com/warp/public/707/cisco-sa-20071010-wcs.shtml

CIAC would like to thank Cisco for this information.

U.S. Department of Energy | 1000 Independence Ave., SW | Washington, DC 20585
1-800-dial-DOE | f/202-586-4403