Assessing risk for the July 2013 security updates

Today we released seven security bulletins addressing 34 CVE’s. Six bulletins have a maximum severity rating of Critical, and one has a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulleti...

Schneider Electric Vijeo Citect, CitectSCADA, PowerLogic SCADA Vulnerability

Overview Schneider Electric has identified an XML external entity vulnerability in Vijeo Citect, CitectSCADA, and PowerLogic SCADA applications. Timur Yunusov, Alexey Osipov, and Ilya Karpov of Positive Technologies reported the vulnerability directly to Schneider Electric. Schneider Electric has...

[SCIP] Indentify, Enumerate & Execute Invisible ASP.net Controls

SCIP is an OWASP ZAP extension designed to assess the security of ASP.net and Mono applications, while abusing platform specific behaviors and misconfigurations. The extension currently supports the following features: Identify the existence of invisible, commented and disabled server side web...

Mitsubishi Electric Automation MX Component V3 ActiveX Vulnerability

OVERVIEW This advisory is a follow-up to the alert titled ICS-ALERT-13-091-01 Mitsubishi Electric Automation MX Buffer Overflow Vulnerability that was published April 1, 2013, on the ICS-CERT Web siteICSA-13-091-01, http://ics-cert.us-cert.gov/alerts/ICSA-13-091-01, last accessed May 20, 2013...

Wonderware Intelligence Tableau Server Ruby on Rails Improper Input Validation (Update A)

Overview This updated advisory was orignally posted to the US-CERT secure Portal library on February 5, 2013, and is now being released to the ICS-CERT Web page. Mitigation details for multiple vulnerabilities that impact third-party software integrated into the Invensys Wonderware Intelligence...

Microsoft Remote Desktop Protocol Memory Corruption Vulnerability

Overview ICS-CERT is aware of a public report of a Remote Desktop Protocol RDP vulnerability with proof-of-concept PoC exploit code affecting multiple Microsoft Windows operating systems. RDP is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to...

ABB Robot Communications Runtime Buffer Overflow

Overview ICS-CERT received a report from ABB and the Zero Day Initiative ZDI concerning a buffer overflow vulnerability in the Robot Communication Runtime software used to communicate with IRC5, IRC5C, and IRCP robot controllers. This vulnerability was reported to ZDI by independent security...

Cogent DataHub XSS and CRLF

Overview ICS-CERT is aware of a public report of multiple vulnerabilities in Cogent’s DataHub application. These vulnerabilities include cross-site scripting and an HTTP header injection vulnerability, also known as a carriage return line feed. According to the report, Cogent Real-Times Systems...

Oracle Leaves Fix for Java SE Zero Day Until February Patch Update

Oracle will not patch a critical sandbox escape vulnerability in Java SE versions 5, 6 and 7 until its February Critical Patch Update, according to the researcher who discovered the flaw. Adam Gowdiak of Polish security firm Security Explorations told Threatpost via email that Oracle said it was...

SuSE 10 Security Update : clamav (ZYPP Patch Number 8200)

The following issue has been fixed : - Viruses contained in specially crafted tar or CHM files could have evaded detection by clamav. CVE-2012-1457 / CVE-2012-1458 / CVE-2012-1459 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

Innominate MGuard Weak HTTPS and SSH Keys

Overview An independent research group comprised of Nadia Heninger, Zakir Durumeric, Eric Wustrow, and J. Alex Halderman identified an insufficient entropy vulnerability in Innominate’s mGuard network appliance product line. By impersonating the device, an attacker can obtain the credentials of...

Cisco Security Advisory: Cisco Cius Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Cius Denial of Service Vulnerability Advisory ID: cisco-sa-20120229-cius Revision 1.0 For Public Release 2012 February 29 16:00 UTC GMT +-------------------------------------------------------------------- Summary...

Fedora 15 : tremulous-1.2.0-0.4.beta1.fc15 (2012-2405)

Fixes CVE-2011-2764 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

RuggedCom Weak Cryptography for Password Vulnerability

Overview --------- Begin Update A Part 1 of 2 -------- This is an update to the original advisory titled ICSA-12-146-01—RuggedCom Weak Cryptography for Password Vulnerability that was published May 25, 2012, on the ICS-CERT Web page. Independent researcher Justin W. Clarke identified a default...

Progea Movicon Memory Corruption Vulnerability

Overview Security researcher Dillon Beresford of IXIAhttp://www.ixiacom.com/, website last accessed May 10, 2012. has identified a memory corruption vulnerability in the Progea Movicon application. This vulnerability can be exploited by a remote attacker; however, no public exploits are currently...

[CAL-2012-0004] opera array integer overflow

CAL-2012-0004 opera array integer overflow 1 Affected Products ================= 11.60 and prior 2 Vulnerability Details ===================== Code Audit Labs http://www.vulnhunt.com has discovered a integer overflow vulnerability in array functions like Int32Array,Int16Array... . Opear vendor sa...

sudo 1.8.0 < 1.8.3p1 - Format String

Phenoelit Advisory Authors joernchen Phenoelit Group http://www.phenoelit.de Affected Products sudo 1.8.0 - 1.8.3p1 http://sudo.ws Vendor communication 2012-01-24 Send vulnerability details to sudo maintainer 2012-01-24 Maintainer is embarrased 2012-01-27 Asking maintainer how the fixing goes...

Symantec Endpoint Protection Manager Cross-Site Request Forgery and Cross-Site Scripting

SUMMARY Symantec Endpoint Protection Manager 12.1 web console is susceptible to cross-site scripting and cross-site request forgery that could potentially lead to arbitrary code execution. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symantec Endpoint Protection | 12.1 ...

Oracle WebLogic Portal Elevation of Privilege (CVE-2008-5462)

According to its self-reported banner, the version of Oracle WebLogic Server running on the remote host is affected by an unspecified privilege elevation vulnerability in the portal component that could be exploited remotely. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

Ecava IntegraXor SQL

Overview ICS-CERT has received a report from independent security researcher Dan Rosenberg with Virtual Security Research VSR of an unauthenticated Structured Query Language SQL vulnerability in the Ecava IntegraXor human machine interface HMI product that could allow data leakage, data...