security-alert | 23 Apr 18:32 2014
Picon

[security bulletin] HPSBMU02997 rev.2 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information


Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04239375

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04239375
Version: 2

HPSBMU02997 rev.2 - HP Smart Update Manager (SUM) running OpenSSL, Remote
Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-04-13
Last Updated: 2014-04-23

Potential Security Impact: Remote disclosure of information

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP Smart Update
Manager (SUM) running OpenSSL.This is the OpenSSL vulnerability known as
"Heartbleed" which could be exploited remotely resulting in disclosure of
information.

References: CVE-2014-0160, SSRT101503
(Continue reading)

security-alert | 23 Apr 17:45 2014
Picon

[security bulletin] HPSBMU02995 rev.5 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure of Information


Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04236102

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04236102
Version: 5

HPSBMU02995 rev.5 - HP Software HP Service Manager, Asset Manager, UCMDB
Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation,
Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote
Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-04-11
Last Updated: 2014-04-23

Potential Security Impact: Remote disclosure of information

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
The Heartbleed vulnerability was detected in specific OpenSSL versions.
OpenSSL is a 3rd party product that is embedded with some of HP Software
products. This bulletin objective is to notify HP Software customers about
products affected by the Heartbleed vulnerability.
(Continue reading)

Vulnerability Lab | 23 Apr 12:59 2014

AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability

Document Title:
===============
AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1258

Release Date:
=============
2014-04-22

Vulnerability Laboratory ID (VL-ID):
====================================
1258

Common Vulnerability Scoring System:
====================================
8.7

Product & Service Introduction:
===============================
WebDisk lets your iphone/ipad become a file website over wi-fi netwrk.You can upload/download your
document to your iphone/ipad 
on your pc browser over wi-fi. It is also a document viewer.let you direct view your document on your
iphone/iphone. You can 
upload /download file to iphone/ipad on your pc browser over wi-fi.

(Copy of the Homepage: https://itunes.apple.com/us/app/webdisk/id546221210 )

(Continue reading)

SEC Consult SA-20140423-0 :: Path Traversal/Remote Code Execution in WD Arkeia Network Backup Appliances

SEC Consult Vulnerability Lab Security Advisory < 20140423-0 >
=======================================================================
              title: Path Traversal/Remote Code Execution
            product: WD Arkeia Virtual Appliance (AVA)
 vulnerable version: All Arkeia Network Backup releases (ASA/APA/AVA) since 7.0.3.
      fixed version: 10.2.9
         CVE number: CVE-2014-2846
             impact: critical
           homepage: http://www.arkeia.com/
              found: 2014-03-05
                 by: M. Lucinskij
                     SEC Consult Vulnerability Lab
                     https://www.sec-consult.com
=======================================================================

Vendor description:
-------------------
"The WD Arkeia virtual appliance (AVA) for backup provides simple, reliable and
affordable data protection for enterprises seeking to optimize the benefits of
virtualization. The AVA offers all the features of the hardware appliance, but
permits you to use your own choice of hardware."

source:
http://www.arkeia.com/en/products/arkeia-network-backup/backup-server/virtual-appliance

Business recommendation:
------------------------
The identified path traversal vulnerability can be exploited by unauthenticated
remote attackers to gain unauthorized access to the WD Arkeia virtual appliance
and stored backup data.
(Continue reading)

Raphael Geissert | 22 Apr 23:47 2014
Picon

[SECURITY] [DSA 2808-2] openjpeg regression update


-------------------------------------------------------------------------
Debian Security Advisory DSA-2808-2                   security <at> debian.org
http://www.debian.org/security/                          Raphael Geissert
April 22, 2014                         http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : openjpeg

A regression in the decoding of chroma-subsampled images in OpenJPEG
was introduced by one of the patches for CVE-2013-6045. This update
fixes the regression.

For reference, the original text of DSA-2808-1 is reproduced below:

Several vulnerabilities have been discovered in OpenJPEG, a JPEG 2000
image library, that may lead to denial of service (CVE-2013-1447) via
application crash or high memory consumption, possible code execution
through heap buffer overflows (CVE-2013-6045), information disclosure
(CVE-2013-6052), or yet another heap buffer overflow that only appears
to affect OpenJPEG 1.3 (CVE-2013-6054).

For the oldstable distribution (squeeze), this problem has been fixed in
version 1.3+dfsg-4+squeeze3.

For the stable distribution (wheezy), this problem has been fixed in
version 1.3+dfsg-4.8.

We recommend that you upgrade your openjpeg packages.

(Continue reading)

security-alert | 23 Apr 01:09 2014
Picon

[security bulletin] HPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running OpenSSL, Remote Disclosure of Information


Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04260385

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04260385
Version: 1

HPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running
OpenSSL, Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-04-22
Last Updated: 2014-04-22

Potential Security Impact: Remote disclosure of information

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified with WMI Mapper for HP
Systems Insight Manager running OpenSSL. This is the OpenSSL vulnerability
known as "Heartbleed" which could be exploited remotely resulting in
disclosure of information.

References: CVE-2014-0160, SSRT101523
(Continue reading)

security-alert | 22 Apr 23:38 2014
Picon

[security bulletin] HPSBST03015 rev.1 - HP 3PAR OS running OpenSSL, Remote Disclosure of Information


Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04261644

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04261644
Version: 1

HPSBST03015 rev.1 - HP 3PAR OS running OpenSSL, Remote Disclosure of
Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-04-22
Last Updated: 2014-04-22

Potential Security Impact: Remote disclosure of information

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP 3PAR OS
running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed"
which could be exploited remotely resulting in disclosure of information.

References: CVE-2014-0160, SSRT101526

(Continue reading)

Apple Product Security | 22 Apr 22:59 2014
Picon

APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3


APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3

AirPort Base Station Firmware Update 7.7.3 is now available and
addresses the following:

Available for:
AirPort Extreme and AirPort Time Capsule base stations with 802.11ac
Impact:  An attacker in a privileged network position may obtain
memory contents
Description:  An out-of-bounds read issue existed in the OpenSSL
library when handling TLS heartbeat extension packets. An attacker in
a privileged network position could obtain information from process
memory. This issue was addressed through additional bounds checking.
Only AirPort Extreme and AirPort Time Capsule base stations with
802.11ac are affected, and only if they have Back to My Mac or Send
Diagnostics enabled. Other AirPort base stations are not impacted by
this issue.
CVE-ID
CVE-2014-0160 : Riku, Antti, and Matti of Codenomicon and Neel Mehta
of Google Security

Installation note for Firmware version 7.7.3

Firmware version 7.7.3 is installed on AirPort Extreme or AirPort
Time Capsule base stations with 802.11ac using AirPort Utility for
Mac or iOS.

Use AirPort Utility 6.3.1 or later on OS X, or AirPort Utility 1.3.1
or later on iOS to upgrade to Firmware version 7.7.3.
(Continue reading)

security-alert | 22 Apr 23:37 2014
Picon

[security bulletin] HPSBST03000 rev.1 - HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL, Remote Disclosure of Information


Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04260637

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04260637
Version: 1

HPSBST03000 rev.1 - HP StoreEver ESL G3 Tape Library and Enterprise Library
LTO-6 Tape Drives running OpenSSL, Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2014-04-22
Last Updated: 2014-04-22

Potential Security Impact: Remote disclosure of information

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP StoreEver ESL
G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL.
This is the OpenSSL vulnerability known as "Heartbleed" which could be
exploited remotely resulting in disclosure of information.

References: CVE-2014-0160, SSRT101513
(Continue reading)

Apple Product Security | 22 Apr 20:14 2014
Picon

APPLE-SA-2014-04-22-2 iOS 7.1.1


APPLE-SA-2014-04-22-2 iOS 7.1.1

iOS 7.1.1 is now available and addresses the following:

CFNetwork HTTPProtocol
Available for:  iPhone 4 and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact:  An attacker in a privileged network position can obtain web
site credentials
Description:  Set-Cookie HTTP headers would be processed even if the
connection closed before the header line was complete. An attacker
could strip security settings from the cookie by forcing the
connection to close before the security settings were sent, and then
obtain the value of the unprotected cookie. This issue was addressed
by ignoring incomplete HTTP header lines.
CVE-ID
CVE-2014-1296 : Antoine Delignat-Lavaud of Prosecco at Inria Paris

IOKit Kernel
Available for:  iPhone 4 and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact:  A local user can read kernel pointers, which can be used to
bypass kernel address space layout randomization
Description:  A set of kernel pointers stored in an IOKit object
could be retrieved from userland. This issue was addressed through
removing the pointers from the object.
CVE-ID
CVE-2014-1320 : Ian Beer of Google Project Zero working with HP's
Zero Day Initiative
(Continue reading)

Apple Product Security | 22 Apr 20:14 2014
Picon

APPLE-SA-2014-04-22-3 Apple TV 6.1.1


APPLE-SA-2014-04-22-3 Apple TV 6.1.1

Apple TV 6.1.1 is now available and addresses the following:

Apple TV
Available for:  Apple TV 2nd generation and later
Impact:  An attacker in a privileged network position can obtain web
site credentials
Description:  Set-Cookie HTTP headers would be processed even if the
connection closed before the header line was complete. An attacker
could strip security settings from the cookie by forcing the
connection to close before the security settings were sent, and then
obtain the value of the unprotected cookie. This issue was addressed
by ignoring incomplete HTTP header lines.
CVE-ID
CVE-2014-1296 : Antoine Delignat-Lavaud of Prosecco at Inria Paris

Apple TV
Available for:  Apple TV 2nd generation and later
Impact:  A local user can read kernel pointers, which can be used to
bypass kernel address space layout randomization
Description:  A set of kernel pointers stored in an IOKit object
could be retrieved from userland. This issue was addressed through
removing the pointers from the object.
CVE-ID
CVE-2014-1320 : Ian Beer of Google Project Zero working with HP's
Zero Day Initiative

Apple TV
(Continue reading)


Gmane