Before It Bytes!

Vulnerability Roundup

Another week, another Adobe security problem, this time in Adobe’s Download Manager.  The Adobe Download Manager (DLM) used to download updates from Adobe’s site, but Aviv Raff discovered a vulnerability which would force the Download Manager to download a file of an attacker’s choosing.  DLM is supposed to remove itself from a system after a reboot, but as Aviv points out this is still a dangerous problem.  In what may be their quickest turnaround that I can remember, Adobe has released a patch and an advisory.

Mozilla released Firefox 3.5.8 and 3.0.18 which fix multiple vulnerabilities, but the same day Intevydis dropped 0-day for Firefox 3.6 for the VulnDisco add-on for Immunity’s Canvas. There seems to be some debate on the validity of the exploit, so keep that in mind.  It does not appear that Mozilla has officially responded to this yet or provided a patch.

Cisco has released a trio of advisories for Firewall Services Modules, ASA 5500 appliances and the Cisco Security Agent. The FWSM advisory is for a DoS attack when Skinny Client Control Protocol inspection is enabled.  The ASA and Security advisories both list multiple vulnerabilities, including SQLi, DoS, and Auth Bypass.

Updates are also available for OpenOffice and Google’s Picasa to close holes in file handling bugs among other vulnerabilites.

In other vulnerability news, 2X Software, who sell thin client/server/terminal software appear to have become accidental security researchers, as they claim to have found a vulnerability in Windows (according to them Windowas 2000 and up) which can be exploited for a DoS.  There is controversy around this, as other security researchers (non-accidental ones) argue that the same can be done without an exploit, and that the announcement is a publicity stunt and Microsoft appears to have this listed more as a bug than a feature, er vulnerability.  I’ve provided a few links so you can decide for yourself.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.