From security em unicamp.br Fri Apr 4 15:24:23 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Fri, 4 Apr 2008 15:24:23 -0300 Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA08-094A -- Apple Updates for Multiple Vulnerabilities Message-ID: <20080404182418.GA45681@unicamp.br> ----- Forwarded message from US-CERT Technical Alerts ----- From: US-CERT Technical Alerts Subject: US-CERT Technical Cyber Security Alert TA08-094A -- Apple Updates for Multiple Vulnerabilities To: technical-alerts em us-cert.gov Date: Thu, 3 Apr 2008 15:54:03 -0400 Organization: US-CERT - +1 202-205-5266 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA08-094A Apple Updates for Multiple Vulnerabilities Original release date: April 3, 2008 Last revised: -- Source: US-CERT Systems Affected * Apple Mac OS X running versions of QuickTime prior to 7.4.5 * Microsoft Windows running versions of QuickTime prior to 7.4.5 Overview Apple QuickTime contains multiple vulnerabilities as described in the Apple Knowledgebase article HT1241. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. I. Description Apple QuickTime 7.4.5 vulnerabilities in the way different types of image and media files are handled. An attacker could exploit these vulnerabilities by convincing a user to access a specially crafted image or media file that could be hosted on a web page. Note that Apple iTunes installs QuickTime, so any system with iTunes may be vulnerable. II. Impact These vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. For further information, please see Apple knowledgebase article HT1241 about the security content of QuickTime 7.4.5 III. Solution Upgrade QuickTime Upgrade to QuickTime 7.4.5. This and other updates for Mac OS X are available via Apple Update. Secure your web browser To help mitigate these and other vulnerabilities that can be exploited via a web browser, refer to Securing Your Web Browser. References * About the security content of the QuickTime 7.4.5 Update - * How to tell if Software Update for Windows is working correctly when no updates are available - * Apple - QuickTime - Download - * Mac OS X: Updating your software - * Securing Your Web Browser - _________________________________________________________________ The most recent version of this document can be found at: _________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA08-094A Feedback VU#931547" in the subject. _________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit . _________________________________________________________________ Produced 2008 by US-CERT, a government organization. Terms of use: ____________________________________________________________________ Revision History April 3, 2008: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBR/UvJvRFkHkM87XOAQIyFAf/RbzzemNIgWIg5js5px9a+1gdaGHxvu/5 SMLzPniRUcOHyKha655bTQSzmZ4bT/j2x24u8NYbZyiWcYphzFmrNTjHCEMs++QP iTRymTYMC1CthV7J2uFpvNGa9UrIcVmeSJjWJcVw7xdOi2JrcD3pHU62bN0aFNsX Qtm7w1SlYP0+1y7YzMNP1ZsbCsKBmRfs45x4U8AivZJ6Bewh5uUc0Ic8PGSeLSsA HUXUQW/ddJREf1TBqgTlDchPHH4s9W4DbjGEdApsIYQJUWOjvZBSeGNzOz4eRpT+ WwDoxQDkBYn7T/ooofDh49L30s5dL4PTvnrb6Btnxr5M0wxduAKOrA== =cONM -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Fri Apr 4 15:30:24 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Fri, 4 Apr 2008 15:30:24 -0300 Subject: [SECURITY-L] HEADS UP: FreeBSD 5.5, 6.1, and 6.2 EoLs coming soon Message-ID: <20080404183022.GB45681@unicamp.br> Subject: HEADS UP: FreeBSD 5.5, 6.1, and 6.2 EoLs coming soon To: freebsd security , FreeBSD Stable Cc: Date: Tue, 01 Apr 2008 12:47:06 -0400 Organization: FreeBSD Project -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Everyone, On May 31st, FreeBSD 5.5, FreeBSD 6.1, and FreeBSD 6.2 will have reached their End of Life and will no longer be supported by the FreeBSD Security Team. Since FreeBSD 5.5 is the last remaining supported release from the FreeBSD 5.x stable branch, support for the FreeBSD 5.x stable branch will also cease at the same point. Users of any of these FreeBSD releases are strongly encouraged to upgrade to either FreeBSD 6.3 or FreeBSD 7.0 before that date. Please note that the End of Life dates for FreeBSD 5.5 and FreeBSD 6.1 were announced in May 2006; and the End of Life for FreeBSD 6.2, which was originally announced as January 31, 2008, has been extended by four months in order to allow time for users to upgrade. The FreeBSD Ports Management Team wishes to inform users that May 31st (the security team's End-Of-Support date for FreeBSD 5.x) will also be the end of support for the Ports Collection on both 5.5-RELEASE and the 5-STABLE branch. Neither the infrastructure nor individual ports are guaranteed to work on these FreeBSD versions after that date. A CVS tag will be created for users who cannot upgrade for some reason; as of that commit, these users are advised to stop tracking the latest ports CVS repository and instead stay with the version as of that tag. The current supported branches and expected EoL dates are: +---------------------------------------------------------------------+ | Branch | Release | Type | Release date | Estimated EoL | |-----------+------------+--------+-----------------+-----------------| |RELENG_5 |n/a |n/a |n/a |May 31, 2008 | |-----------+------------+--------+-----------------+-----------------| |RELENG_5_5 |5.5-RELEASE |Extended|May 25, 2006 |May 31, 2008 | |-----------+------------+--------+-----------------+-----------------| |RELENG_6 |n/a |n/a |n/a |last release + 2y| |-----------+------------+--------+-----------------+-----------------| |RELENG_6_1 |6.1-RELEASE |Extended|May 9, 2006 |May 31, 2008 | |---------------------------------------------------------------------| |RELENG_6_2 |6.2-RELEASE |Normal |January 15, 2007 |May 31, 2008 | |---------------------------------------------------------------------| |RELENG_6_3 |6.3-RELEASE |Extended|January 18, 2008 |January 31, 2010 | |---------------------------------------------------------------------| |RELENG_7 |n/a |n/a |n/a |last release + 2y| |-----------+------------+--------+-----------------+-----------------| |RELENG_7_0 |7.0-RELEASE |Normal |February 27, 2008|February 28, 2009| +---------------------------------------------------------------------+ Colin Percival FreeBSD Security Officer P.S. For clarity, this is NOT an April Fool's joke. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQFH8mcKFdaIBMps37IRAjHXAJ9d8S7/4jP67tYi3Xei50lAaLKOdgCdEzk7 g/0WMldtV+8+zNySWP55/YQ= =osJi -----END PGP SIGNATURE----- _______________________________________________ freebsd-stable em freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscribe em freebsd.org" ----- End forwarded message ----- From security em unicamp.br Wed Apr 9 09:16:46 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 9 Apr 2008 09:16:46 -0300 Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA08-099A -- Microsoft Updates for Multiple Vulnerabilities Message-ID: <20080409121645.GA47571@unicamp.br> ----- Forwarded message from US-CERT Technical Alerts ----- From: US-CERT Technical Alerts Subject: US-CERT Technical Cyber Security Alert TA08-099A -- Microsoft Updates for Multiple Vulnerabilities To: technical-alerts em us-cert.gov Date: Tue, 8 Apr 2008 14:56:20 -0400 Organization: US-CERT - +1 202-205-5266 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA08-099A Microsoft Updates for Multiple Vulnerabilities Original release date: April 8, 2008 Last revised: -- Source: US-CERT Systems Affected * Microsoft Windows * Microsoft Internet Explorer * Microsoft Office Overview Microsoft has released updates that address vulnerabilities in Microsoft Windows, Internet Explorer, and Office. I. Description Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Internet Explorer, and Office as part of the Microsoft Security Bulletin Summary for April 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code. For more information, see the US-CERT Vulnerability Notes Database. II. Impact A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a denial of service. III. Solution Apply updates from Microsoft Microsoft has provided updates for these vulnerabilities in the April 2008 security bulletin. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References * US-CERT Vulnerability Notes for Microsoft April 2008 updates - * Microsoft Security Bulletin Summary for April 2008 - * Microsoft Update - * Windows Server Update Services - ____________________________________________________________________ The most recent version of this document can be found at: ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA08-099A Feedback VU#155563" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit . ____________________________________________________________________ Produced 2008 by US-CERT, a government organization. Terms of use: ____________________________________________________________________ Revision History April 8, 2008: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBR/u+e/RFkHkM87XOAQLyOAf/ZXYKdLFP8Rukf+SxCdIIAmWnyQMrbPNA 4bEXLy33ExdNe3hCcO4i8AvlxPm6dvzrWR7GDnxr4lwV9jly5QKJ17+cpQpZ5pBt 5lYYOgoRC60IhagH2qYSEieLbMIvlecnUq0DJGWJuD+MBRVEVPDGKqJCsMt7CORS FgxUQdfFMmv6kZ/JrJ2+x95eUAKBI8vwnggncsZ3z4zYbBuFWWZa6xbNL0O4G+VQ RcSzpTbi8V7Z2QBkHRJ4PmMQX0zA2VC9/t5kzdaCmmj3lByILFsQxIITq7BHJ3wp PbPkCcuxw5lcmDaEP0KUSZqPzsYgc1w0euHNmcNv7foUxrpWe42zXw== =cDS2 -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Wed Apr 9 09:17:10 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 9 Apr 2008 09:17:10 -0300 Subject: [SECURITY-L] CAIS-Alerta: Vulnerabilidade no Microsoft Project (MS08-018) Message-ID: <20080409121709.GB47571@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Vulnerabilidade no Microsoft Project (MS08-018) To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Tue, 8 Apr 2008 17:13:59 -0300 (BRT) -----BEGIN PGP SIGNED MESSAGE----- Prezados, O CAIS esta' repassando o alerta da Microsoft, intitulado "MS08-018 - Critical Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183) ", que trata de uma vulnerabilidade recem-descoberta no Microsoft Office Project. A vulnerabilidade de execucao remota de codigo existe devido `a maneira impropria como o Microsoft Project valida recursos de memoria quando um arquivo do tipo Microsoft Project e' aberto. Caso um atacante consiga explorar com sucesso esta vulnerabilidade, ele podera obter o controle total sobre o sistema afetado. Entretanto, caso o usuario conectado no momento do ataque tenha menos privilegios, o impacto pode ser menor. A Microsoft considera esta vulnerabilidade como sendo critica e recomenda que todos os usuarios apliquem as correcoes imediatamente. Sistemas afetados: . Microsoft Project 2000 Service Release 1 . Microsoft Project 2002 Service Pack 1 . Microsoft Project 2003 Service Pack 2 Correcoes disponiveis: Recomenda-se fazer a atualizacao para as versoes disponiveis em : . Microsoft Project 2000 Service Release 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=fbe46241-b9da-40c6-803d-42eb6234be77 . Microsoft Project 2002 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=07a90718-6597-426d-9dca-a336d60c01b8 . Microsoft Project 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=aaba07d6-e972-4e85-bccd-406aa2c4a4f4 Mais informacoes: . MS08-018 - Critical Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183) http://www.microsoft.com/technet/security/Bulletin/MS08-018.mspx . Microsoft Brasil Security http://www.microsoft.com/brasil/security . SANS ISC Handler's Diary 2008-04-08: April 2008 - Black Tuesday Overview http://www.isc.sans.org/diary.html?storyid=4264 . Technet Brasil - Central de Seguranca http://www.technetbrasil.com.br/seguranca . Windows Live OneCare http://safety.live.com/site/pt-BR/default.htm Identificador CVE (http://cve.mitre.org): CVE-2008-1088 O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as ultimas versoes e correcoes oferecidas pelos fabricantes. Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF: http://www.rnp.br/cais/alertas/rss.xml Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBR/vSFOkli63F4U8VAQEvrwP/SfPn6OMWrFmmbqSg3rcxuoBWGw+8+sTo iZK0chMpDPmBjswWGYiyM/gmOYkNg5MyhSrWlW8HgaAJXJ6eUbX0Yan5kuB1DIGr uLe7d9a/FrWOj4auzGCBHf+3Wx9LiYc3S0iWhS6nod2e3qTNNa4sllEJo0Xe4IRj YlYpb2FIS+I= =UE4n -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Wed Apr 9 09:17:34 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 9 Apr 2008 09:17:34 -0300 Subject: [SECURITY-L] CAIS-Alerta: Vulnerabilidades no Microsoft Visio (MS08-019) Message-ID: <20080409121733.GC47571@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Vulnerabilidades no Microsoft Visio (MS08-019) To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Tue, 8 Apr 2008 17:15:36 -0300 (BRT) -----BEGIN PGP SIGNED MESSAGE----- Prezados, O CAIS esta' repassando o alerta da Microsoft, intitulado "MS08-019 - Important Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032)", que trata de duas vulnerabilidades recem-descobertas no Microsoft Visio. As vulnerabilidades de execucao remota de codigo existem devido `a maneira impropria como o Windows Microsoft Visio valida alocacoes de memoria e cabecalhos de dados em arquivos Microsoft Visio quando estes sao abertos. Caso um atacante consiga explorar com sucesso alguma destas vulnerabilidades, ele podera obter o controle total sobre o sistema afetado. Entretanto, caso um usuario com poucos privilegios esteja registrado no sistema no momento do ataque, o impacto do ataque pode ser menor do que se o usuario em uso operasse com mais privilegios administrativos no sistema Sistemas afetados: . Microsoft Visio 2002 Service Pack 2 parte do pacote Microsoft Office XP Service Pack 2 . Microsoft Visio 2003 Service Pack 2 parte do pacote Microsoft Office 2003 Service Pack 2 . Microsoft Visio 2003 Service Pack 3 parte do pacote Microsoft Office 2003 Service Pack 3 . Microsoft Visio 2007 parte do pacote 2007 Microsoft Office System . Microsoft Visio 2007 Service Pack 1 parte do pacote 2007 Microsoft Office System Service Pack 1 Correcoes disponiveis: Recomenda-se fazer a atualizacao para as versoes disponiveis em : . Microsoft Visio 2002 Service Pack 2 parte do pacote Microsoft Office XP Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=0056a936-def5-40fa-bcfc-0ab0dd5c3964 . Microsoft Visio 2003 Service Pack 2 parte do pacote Microsoft Office 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=18af0ce6-99a0-4471-8d26-9700a8a8e631 . Microsoft Visio 2003 Service Pack 3 parte do pacote Microsoft Office 2003 Service Pack 3 http://www.microsoft.com/downloads/details.aspx?FamilyId=18af0ce6-99a0-4471-8d26-9700a8a8e631 . Microsoft Visio 2007 parte do pacote 2007 Microsoft Office System http://www.microsoft.com/downloads/details.aspx?FamilyId=0510a1bb-b464-452c-900f-7f4e58ed9c7e . Microsoft Visio 2007 Service Pack 1 parte do pacote 2007 Microsoft Office System Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=0510a1bb-b464-452c-900f-7f4e58ed9c7e Mais informacoes: . MS08-019 - Important Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (949032) http://www.microsoft.com/technet/security/Bulletin/MS08-019.mspx . Microsoft Brasil Security http://www.microsoft.com/brasil/security . SANS ISC Handler's Diary 2008-04-08: April 2008 - Black Tuesday Overview http://www.isc.sans.org/diary.html?storyid=4264 . Technet Brasil - Central de Seguranca http://www.technetbrasil.com.br/seguranca . Windows Live OneCare http://safety.live.com/site/pt-BR/default.htm Identificador CVE (http://cve.mitre.org): CVE-2008-1089, CVE-2008-1090 O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as ultimas versoes e correcoes oferecidas pelos fabricantes. Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF: http://www.rnp.br/cais/alertas/rss.xml Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBR/vSbukli63F4U8VAQGqTQQAlQGe2M04YBvx5Kkc4HQLMX7qTuA5KoNC 6/XU37UVzlKGXzkJjV2I+JLg32HteVjsYbEGnlRxUGAsoLVH4vl45LmXFEliNyoY uLe10oDl2JX9lPWbjJieVeNi6YlYp3JT4y7WWTYpgvuR7/9iV3Bs9aDJWZ04xEG4 bGT1t7KzHYc= =zT/m -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Wed Apr 9 09:17:59 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 9 Apr 2008 09:17:59 -0300 Subject: [SECURITY-L] CAIS-Alerta: Vulnerabilidade no Cliente DNS (MS08-020) Message-ID: <20080409121758.GD47571@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Vulnerabilidade no Cliente DNS (MS08-020) To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Tue, 8 Apr 2008 17:16:28 -0300 (BRT) -----BEGIN PGP SIGNED MESSAGE----- Prezados, O CAIS esta' repassando o alerta da Microsoft, intitulado "MS08-020 - Important Vulnerability in DNS Client Could Allow Spoofing (945553)", que trata de uma vulnerabilidade recem-descoberta nos clientes de DNS do Windows. A vulnerabilidade existe devido `a insuficiente aleatoriedade utilizada na escolha de valores para as transacoes DNS quando uma consulta deste tipo e' realizada. Caso um atacante consiga explorar com sucesso esta vulnerabilidade, ele podera impersonalizar ou redirecionar para maquinas ilegitimas o trafego de internet do sistema. Sistemas afetados: . Microsoft Windows 2000 Service Pack 4 . Windows XP Service Pack 2 . Windows XP Professional x64 Edition . Windows XP Professional x64 Edition Service Pack 2 . Windows Server 2003 Service Pack 1 . Windows Server 2003 Service Pack 2 . Windows Server 2003 x64 Edition . Windows Server 2003 x64 Edition Service Pack 2 . Windows Server 2003 com SP1 para Sistemas baseados em Itanium . Windows Server 2003 com SP2 para Sistemas baseados em Itanium . Windows Vista . Windows Vista x64 Edition Correcoes disponiveis: Recomenda-se fazer a atualizacao para as versoes disponiveis em : . Microsoft Windows 2000 Service Pack 4 http://www.microsoft.com/downloads/details.aspx?FamilyId=41326ade-96b6-47ce-9291-d4e3039471c4 . Windows XP Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyID=893f4cef-0395-4c44-ba28-7a10b6e7dd48 . Windows XP Professional x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyID=8fdd1207-6e93-4c43-bacc-fe3623a6ebe7 . Windows XP Professional x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyID=8fdd1207-6e93-4c43-bacc-fe3623a6ebe7 . Windows Server 2003 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=214bd8f5-6eb2-414c-b013-c516a306d692 . Windows Server 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=214bd8f5-6eb2-414c-b013-c516a306d692 . Windows Server 2003 x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=fd123394-a5d6-4b55-be74-2938f52ce922 . Windows Server 2003 x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=fd123394-a5d6-4b55-be74-2938f52ce922 . Windows Server 2003 com SP1 para Sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?FamilyId=e0e63f03-904d-47ee-94fc-51a8dea668eb . Windows Server 2003 com SP2 para Sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?FamilyId=e0e63f03-904d-47ee-94fc-51a8dea668eb . Windows Vista http://www.microsoft.com/downloads/details.aspx?FamilyID=8203d303-c855-4579-9bbf-b06ddf5c1b87 . Windows Vista x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyID=73f3a234-3973-4467-be7e-69efa7ee978c Mais informacoes: . MS08-020 - Important Vulnerability in DNS Client Could Allow Spoofing (945553) http://www.microsoft.com/technet/security/Bulletin/MS08-020.mspx . Microsoft Brasil Security http://www.microsoft.com/brasil/security . SANS ISC Handler's Diary 2008-04-08: April 2008 - Black Tuesday Overview http://www.isc.sans.org/diary.html?storyid=4264 . Technet Brasil - Central de Seguranca http://www.technetbrasil.com.br/seguranca . Windows Live OneCare http://safety.live.com/site/pt-BR/default.htm Identificador CVE (http://cve.mitre.org): CVE-2008-0087 O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as ultimas versoes e correcoes oferecidas pelos fabricantes. Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF: http://www.rnp.br/cais/alertas/rss.xml Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBR/vSoekli63F4U8VAQF49QQAmsOtumN2+/0l7xDQ9oC7qPIlXw3e14Nd RPfIUeRiYXJ4kV0b7+7Ph9iddjm0AkkvBl/Wh3pLRhmnzbArgkvCjSDaNyF/sLKP K9WQljOvJ2GhxMfU8u0K6BVolbTLWg9utqkqBfYPs4QqdYtN+In0pWhhz2T82xCX NWVM8MsK4uU= =5pgq -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Wed Apr 9 09:18:27 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 9 Apr 2008 09:18:27 -0300 Subject: [SECURITY-L] CAIS-Alerta: Vulnerabilidade no GDI (MS08-021) Message-ID: <20080409121826.GE47571@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Vulnerabilidade no GDI (MS08-021) To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Tue, 8 Apr 2008 17:17:05 -0300 (BRT) -----BEGIN PGP SIGNED MESSAGE----- Prezados, O CAIS esta' repassando o alerta da Microsoft, intitulado "MS08-021 - Vulnerability in GDI Could Allow Remote Code Execution (948590)", que trata de duas vulnerabilidades identificadas na biblioteca GDI (Graphics Rendering Engine). A primeira vulnerabilidade afeta as funcoes que executam calculos numericos ao tentar abrir arquivos de imagem no formato EMF ou WMF. A segunda vulnerabilidade e' causada por um erro de estouro de buffer ao tentar abrir arquivos de imagem no formato EMF. Ambas vulnerabilidades podem ser exploradas se o usuario for convencido a abrir um arquivo especialmente criado, permitindo ao atacante executar codigo malicioso no sistema vulneravel, com as mesmas permissoes do usuario conectado. Se o usuario tiver permissoes de administrador, o atacante podera obter o controle total sobre o sistema. Sistemas afetados: . Microsoft Windows 2000 Service Pack 4 . Microsoft Windows XP Service Pack 2 . Microsoft Windows XP Professional x64 Edition . Microsoft Windows XP Professional x64 Edition Service Pack 2 . Microsoft Windows Server 2003 Service Pack 1 . Microsoft Windows Server 2003 Service Pack 2 . Microsoft Windows Server 2003 x64 Edition . Microsoft Windows Server 2003 x64 Edition Service Pack 2 . Microsoft Windows Server 2003 com Service Pack 1 para sistemas baseados em Itanium . Microsoft Windows Server 2003 com Service Pack 2 para sistemas baseados em Itanium . Windows Vista . Windows Vista Service Pack 1 . Windows Vista x64 Edition . Windows Vista x64 Edition Service Pack 1 . Windows Server 2008 para sistemas 32-bits . Windows Server 2008 para sistemas x64 . Windows Server 2008 para sistemas baseados em Itanium Correcoes disponiveis: Recomenda-se fazer a atualizacao para as versoes disponiveis em : . Microsoft Windows 2000 Service Pack 4 http://www.microsoft.com/downloads/details.aspx?familyid=caac000a-22b6-48cb-aa00-1a0bfe886de2 . Microsoft Windows XP Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=c2763dd8-a03e-4a48-aa86-a7ec00250a7a . Microsoft Windows XP Professional x64 Edition http://www.microsoft.com/downloads/details.aspx?familyid=166f2ab5-913c-47a9-86fe-b814797b751e . Microsoft Windows XP Professional x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=166f2ab5-913c-47a9-86fe-b814797b751e . Microsoft Windows Server 2003 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?familyid=bee91d80-d49a-4d3d-82d6-d5aa63f54979 . Microsoft Windows Server 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=bee91d80-d49a-4d3d-82d6-d5aa63f54979 . Microsoft Windows Server 2003 x64 Edition http://www.microsoft.com/downloads/details.aspx?familyid=e3dde449-e062-4ce0-a9f4-433bff23e224 . Microsoft Windows Server 2003 x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=e3dde449-e062-4ce0-a9f4-433bff23e224 . Microsoft Windows Server 2003 com Service Pack 1 para sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?familyid=7886a802-f2b5-489c-b14b-631f4c4c0742 . Microsoft Windows Server 2003 com Service Pack 2 para sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?familyid=7886a802-f2b5-489c-b14b-631f4c4c0742 . Windows Vista http://www.microsoft.com/downloads/details.aspx?familyid=9b51deb8-3873-4146-977f-7e3d0840a4c5 . Windows Vista Service Pack 1 http://www.microsoft.com/downloads/details.aspx?familyid=9b51deb8-3873-4146-977f-7e3d0840a4c5 . Windows Vista x64 Edition http://www.microsoft.com/downloads/details.aspx?familyid=4ad6dcd1-6ea5-43bf-8bee-a5f507beadc6 . Windows Vista x64 Edition Service Pack 1 http://www.microsoft.com/downloads/details.aspx?familyid=4ad6dcd1-6ea5-43bf-8bee-a5f507beadc6 . Windows Server 2008 para sistemas 32-bits http://www.microsoft.com/downloads/details.aspx?familyid=006d5c47-53e6-4ee1-932c-497611804938 . Windows Server 2008 para sistemas x64 http://www.microsoft.com/downloads/details.aspx?familyid=b7771a4a-4e4f-48d1-8551-bb8b778ca5a7 . Windows Server 2008 para sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?familyid=b7771a4a-4e4f-48d1-8551-bb8b778ca5a7 Mais informacoes: . MS08-021 - Vulnerabilities in GDI Could Allow Remote Code Execution (948590) http://www.microsoft.com/technet/security/bulletin/ms08-021.mspx . MS07-046 - Vulnerability in GDI Could Allow Remote Code Execution (938829) http://www.microsoft.com/technet/security/bulletin/ms07-046.mspx . SANS ISC Handler's Diary 2008-04-08: April 2008 - Black Tuesday Overview http://www.isc.sans.org/diary.html?storyid=4264 . Microsoft Brasil Security http://www.microsoft.com/brasil/security . Technet Brasil - Central de Seguranca http://www.technetbrasil.com.br/seguranca . Windows Live OneCare http://safety.live.com/site/pt-BR/default.htm Identificador CVE (http://cve.mitre.org): CVE-2008-1087, CVE-2008-1083 O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as ultimas versoes e correcoes oferecidas pelos fabricantes. Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF: http://www.rnp.br/cais/alertas/rss.xml Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBR/vSy+kli63F4U8VAQGpTAP/ffapesMrHelthvHZxMdMVjyKlBZ2c7/D P59B8J9otj/spJbYRaTTUStXb2OR3cgCxh4SjdleombAp/l4nCRjo6a4PQTRiOzJ UzAVTgEz0Qwfl7VB9pVaiHK3KFMYxR/hPfMrpcxtECs5DAbHSABptSjr8HUF4pnk i5MO+YWiI7w= =8t0i -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Wed Apr 9 09:18:52 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 9 Apr 2008 09:18:52 -0300 Subject: [SECURITY-L] CAIS-Alerta: Vulnerabilidade no VBScript e JScript Scripting Engines (MS08-022) Message-ID: <20080409121851.GF47571@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Vulnerabilidade no VBScript e JScript Scripting Engines (MS08-022) To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Tue, 8 Apr 2008 17:17:42 -0300 (BRT) -----BEGIN PGP SIGNED MESSAGE----- Prezados, O CAIS esta' repassando o alerta da Microsoft, intitulado "MS08-022 - Critical Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338)", que trata de uma vulnerabilidade recem-descoberta no VBScript e JScript scripting engines (motores de codificacao script em VBScript e JScript). A vulnerabilidade de execucao remota de codigo existe devido `a maneira como os motores de codificacao script em VBScript e JScript decodificam os scripts (trechos de codigo) em paginas web, para que eles possam ser inseridos na memoria do sistema e executados. Caso um atacante consiga explorar com sucesso esta vulnerabilidade, ele podera obter o controle total sobre o sistema afetado. Entretanto, caso um usuario com poucos privilegios esteja registrado no sistema no momento do ataque, o impacto do ataque pode ser menor do que se o usuario em uso operasse com mais privilegios administrativos no sistema. A Microsoft considera esta vulnerabilidade como sendo critica e recomenda que todos os usuarios apliquem as correcoes imediatamente. Sistemas afetados: . VBScript 5.1 e JScript 5.1 instalado em Microsoft Windows 2000 Service Pack 4 . VBScript 5.6 e JScript 5.6 instalado em Microsoft Windows 2000 Service Pack 4 . VBScript 5.6 e JScript 5.6 instalado em Windows XP Service Pack 2 . VBScript 5.6 e JScript 5.6 instalado em Windows XP Professional x64 Edition . VBScript 5.6 e JScript 5.6 instalado em Windows XP Professional x64 Edition Service Pack 2 . VBScript 5.6 e JScript 5.6 instalado em Windows Server 2003 Service Pack 1 . VBScript 5.6 e JScript 5.6 instalado em Windows Server 2003 Service Pack 2 . VBScript 5.6 e JScript 5.6 instalado em Windows Server 2003 x64 Edition . VBScript 5.6 e JScript 5.6 instalado em Windows Server 2003 x64 Edition Service Pack 2 . VBScript 5.6 e JScript 5.6 instalado em Windows Server 2003 com SP1 para Sistemas baseados em Itanium . VBScript 5.6 e JScript 5.6 instalado em Windows Server 2003 com SP2 para Sistemas baseados em Itanium Correcoes disponiveis: Recomenda-se fazer a atualizacao para as versoes disponiveis em : . VBScript 5.1 e JScript 5.1 instalado em Microsoft Windows 2000 Service Pack 4 http://www.microsoft.com/downloads/details.aspx?FamilyID=8e3ff44f-145b-4a68-9ad4-4a55d74b216e . VBScript 5.6 e JScript 5.6 instalado em Microsoft Windows 2000 Service Pack 4 http://www.microsoft.com/downloads/details.aspx?FamilyID=8e3ff44f-145b-4a68-9ad4-4a55d74b216e . VBScript 5.6 e JScript 5.6 instalado em Windows XP Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyID=c0124698-3b94-4474-9473-22a2f39a4a56 . VBScript 5.6 e JScript 5.6 instalado em Windows XP Professional x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyID=87b80ae3-e299-4d15-a135-3b1bcf943652 . VBScript 5.6 e JScript 5.6 instalado em Windows XP Professional x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyID=87b80ae3-e299-4d15-a135-3b1bcf943652 . VBScript 5.6 e JScript 5.6 instalado em Windows Server 2003 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyID=88518aa6-e334-4529-aa63-0bf2ef417ce3 . VBScript 5.6 e JScript 5.6 instalado em Windows Server 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyID=88518aa6-e334-4529-aa63-0bf2ef417ce3 . VBScript 5.6 e JScript 5.6 instalado em Windows Server 2003 x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyID=12cefefc-8553-4dca-9850-c653371de61e . VBScript 5.6 e JScript 5.6 instalado em Windows Server 2003 x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyID=12cefefc-8553-4dca-9850-c653371de61e . VBScript 5.6 e JScript 5.6 instalado em Windows Server 2003 com SP1 para Sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?FamilyID=fe22a828-cca4-4b51-bbd5-995c65fead21 . VBScript 5.6 e JScript 5.6 instalado em Windows Server 2003 com SP2 para Sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?FamilyID=fe22a828-cca4-4b51-bbd5-995c65fead21 Mais informacoes: . MS08-022 - Critical Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338) http://www.microsoft.com/technet/security/Bulletin/MS08-022.mspx . Microsoft Brasil Security http://www.microsoft.com/brasil/security . SANS ISC Handler's Diary 2008-04-08: April 2008 - Black Tuesday Overview http://www.isc.sans.org/diary.html?storyid=4264 . Technet Brasil - Central de Seguranca http://www.technetbrasil.com.br/seguranca . Windows Live OneCare http://safety.live.com/site/pt-BR/default.htm Identificador CVE (http://cve.mitre.org): CVE-2008-0083 O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as ultimas versoes e correcoes oferecidas pelos fabricantes. Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF: http://www.rnp.br/cais/alertas/rss.xml Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBR/vS7ukli63F4U8VAQEzzQQAlgamVTDti2Ig24OPZ7eEQBvatS3UyBD6 MxpxCxArCsdPBJ4lbsxgHPDrqqPbxqTo7CzeP4W0WPOaxep1L2eP1wegdPFk34wT pr0mVogeb1Qi0uS5MHkWSo05ueR8sBcGuC9yd9ewCGpR0uRkS93yidOtJc2pXPPb BhIAp8NVVaY= =NcpG -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Wed Apr 9 09:19:15 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 9 Apr 2008 09:19:15 -0300 Subject: [SECURITY-L] CAIS-Alerta: Atualizacao de Seguranca para ActiveX (MS08-023) Message-ID: <20080409121915.GG47571@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Atualizacao de Seguranca para ActiveX (MS08-023) To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Tue, 8 Apr 2008 17:18:10 -0300 (BRT) -----BEGIN PGP SIGNED MESSAGE----- Prezados, O CAIS esta' repassando o alerta da Microsoft, intitulado "MS08-023 - Security Update of ActiveX Kill Bits (948881)", que trata de uma atualizacao de seguranca para o um controle ActiveX e aplicacao de "kill-bit" para controles ActiveX de terceiros. Existe uma vulnerabilidade na forma como o controle ActiveX "hxvz.dll" gerencia memoria, que se explorada, pode permitir ao atacante executar codigo malicioso no sistema vulneravel. Se explorada, a vulnerabilidade permite ao atacante obter as mesmas permissoes de acesso do usuario conectado. Se este usuario tiver permissoes de administrador, o atacante podera obter o controle total sobre o sistema. A segunda atualizacao desabilita, atraves da ativacao de um "kill-bit" (modificacao no registro), o funcionamento do controle ActiveX "Yahoo! Music Jukebox" no Internet Explorer. Este controle contem uma vulnerabilidade reportada pelo Yahoo recentemente. Sistemas afetados: . Microsoft Windows 2000 Service Pack 4 componente: Microsoft Internet Explorer 5.01 Service Pack 4 . Microsoft Windows 2000 Service Pack 4 componente: Microsoft Internet Explorer 6 Service Pack 1 . Windows XP Service Pack 2 . Windows XP Professional x64 Edition . Windows XP Professional x64 Edition Service Pack 2 . Windows Server 2003 Service Pack 1 . Windows Server 2003 Service Pack 2 . Windows Server 2003 x64 Edition . Windows Server 2003 x64 Edition Service Pack 2 . Windows Server 2003 com SP1 para sistemas baseados em Itanium . Windows Server 2003 com SP2 para sistemas baseados em Itanium . Windows Vista . Windows Vista Service Pack 1 . Windows Vista x64 Edition . Windows Vista x64 Edition Service Pack 1 . Windows Server 2008 para sistemas 32-bits . Windows Server 2008 para sistemas x64 . Windows Server 2008 para sistemas baseados em Itanium Correcoes disponiveis: Recomenda-se fazer a atualizacao para as versoes disponiveis em : . Microsoft Windows 2000 Service Pack 4 componente: Microsoft Internet Explorer 5.01 Service Pack 4 http://www.microsoft.com/downloads/details.aspx?FamilyId=0395451F-B719-4F71-A7B4-403D0C7E8FCC . Microsoft Windows 2000 Service Pack 4 componente: Microsoft Internet Explorer 6 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=BA6D3AEB-E35A-47CC-BACE-7BD9D58A9D3F . Windows XP Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=9DBF002F-FE53-4CC7-A430-35F45C520D10 . Windows XP Professional x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=01400970-DF68-4DAF-AA39-2FC4F969974C . Windows XP Professional x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=01400970-DF68-4DAF-AA39-2FC4F969974C . Windows Server 2003 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=AD384FEA-53BE-4BE3-8ACB-1CD23A7F5405 . Windows Server 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=AD384FEA-53BE-4BE3-8ACB-1CD23A7F5405 . Windows Server 2003 x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=FFC5C893-CB24-4875-B0A7-6D5C7AA4D642 . Windows Server 2003 x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=FFC5C893-CB24-4875-B0A7-6D5C7AA4D642 . Windows Server 2003 com SP1 para sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?FamilyId=94CF78D3-B6C3-41BC-993E-3AF3BE0D70F1 . Windows Server 2003 com SP2 para sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?FamilyId=94CF78D3-B6C3-41BC-993E-3AF3BE0D70F1 . Windows Vista http://www.microsoft.com/downloads/details.aspx?FamilyId=D7F14001-7F42-4CA0-9193-CDF061179B59 . Windows Vista Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=D7F14001-7F42-4CA0-9193-CDF061179B59 . Windows Vista x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=D33462B6-7391-482D-BABE-FB4CD0BEAA21 . Windows Vista x64 Edition Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=D33462B6-7391-482D-BABE-FB4CD0BEAA21 . Windows Server 2008 para sistemas 32-bits http://www.microsoft.com/downloads/details.aspx?FamilyId=95691924-2813-4A86-9E11-99D853F8E606 . Windows Server 2008 para sistemas x64 http://www.microsoft.com/downloads/details.aspx?FamilyId=920AE29B-19D0-4089-AC79-F2DA824A2256 . Windows Server 2008 para sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?FamilyId=66DF79AC-8364-4922-9688-EBC7EC76D89F Mais informacoes: . MS08-023 - Security Update of ActiveX Kill Bits (948881) http://www.microsoft.com/technet/security/Bulletin/MS08-023.mspx . Yahoo! Music Jukebox Security Update http://help.yahoo.com/l/us/yahoo/music/jukebox/troubleshoot/securityupdate.html . Microsoft Brasil Security http://www.microsoft.com/brasil/security . SANS ISC Handler's Diary 2008-04-08: April 2008 - Black Tuesday Overview http://www.isc.sans.org/diary.html?storyid=4264 . Technet Brasil - Central de Seguranca http://www.technetbrasil.com.br/seguranca . Windows Live OneCare http://safety.live.com/site/pt-BR/default.htm Identificador CVE (http://cve.mitre.org): CVE-2008-1086 O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as ultimas versoes e correcoes oferecidas pelos fabricantes. Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF: http://www.rnp.br/cais/alertas/rss.xml Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBR/vTCekli63F4U8VAQHovgP9HEJKLFBDqWCEAGmFR976qu2Xrmqo5EU5 KSlih1uNqZI0nDAZDEp0VQCDYmHA12DiDb9rwj92jpbdw0QtTmRLIASNvEb1UZT0 /3P9iKE5AeCQi+YdGCwTjEkWK1yDDmiwpoQBIHtT6jwvs8kzMOdz+aZ4bZtMQmm8 GAZoz+M/WtQ= =uW3u -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Wed Apr 9 09:19:40 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 9 Apr 2008 09:19:40 -0300 Subject: [SECURITY-L] CAIS-Alerta: Correcoes de Seguranca Acumulativas para Internet Explorer (MS08-024) Message-ID: <20080409121939.GH47571@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Correcoes de Seguranca Acumulativas para Internet Explorer (MS08-024) To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Tue, 8 Apr 2008 17:19:06 -0300 (BRT) -----BEGIN PGP SIGNED MESSAGE----- Prezados, O CAIS esta' repassando o alerta da Microsoft, intitulado "MS08-024 - Cumulative Security Update for Internet Explorer (947864)", que trata de uma vulnerabilidade recem identificada no navegador Internet Explorer. A vulnerabilidade foi classificada como critica pela Microsoft e permite a execucao remota de codigo caso um usuario abra uma pagina Web maliciosa com um navegador Internet Explorer afetado. Usuarios cujas contas tenham menos privilegios no sistema podem sofrer menos impacto. Sistemas afetados: . Internet Explorer 5.01 - Microsoft Windows 2000 Service Pack 4 . Internet Explorer 6 Service Pack 1 - Microsoft Windows 2000 Service Pack 4 . Internet Explorer 6 - Windows XP Service Pack 2 - Windows XP Professional x64 Edition - Windows XP Professional x64 Edition Service Pack 2 - Windows Server 2003 Service Pack 1 - Windows Server 2003 Service Pack 2 - Windows Server 2003 x64 Edition - Windows Server 2003 x64 Edition Service Pack 2 - Windows Server 2003 com SP1 para sistemas baseados em Itanium - Windows Server 2003 com SP2 para sistemas baseados em Itanium . Internet Explorer 7 - Windows XP Service Pack 2 - Windows XP Professional x64 Edition - Windows XP Professional x64 Edition Service Pack 2 - Windows Server 2003 Service Pack 1 - Windows Server 2003 Service Pack 2 - Windows Server 2003 x64 Edition - Windows Server 2003 x64 Edition Service Pack 2 - Windows Server 2003 com SP1 para sistemas baseados em Itanium - Windows Server 2003 com SP2 para sistemas baseados em Itanium - Windows Vista - Windows Vista Service Pack 1 - Windows Vista x64 Edition - Windows Vista x64 Edition Service Pack 1 - Windows Server 2008 para sistemas 32-bit - Windows Server 2008 para sistemas x64 - Windows Server 2008 para sistemas baseados em Itanium Correcoes disponiveis: Recomenda-se fazer a atualizacao para as versoes disponiveis em: . Internet Explorer 5.01 - Microsoft Windows 2000 Service Pack 4 http://www.microsoft.com/downloads/details.aspx?FamilyId=B051AE04-FE81-440D-9136-D6B239CA954E . Internet Explorer 6 Service Pack 1 - Microsoft Windows 2000 Service Pack 4 http://www.microsoft.com/downloads/details.aspx?FamilyId=75D2DC78-E3A4-4FF6-9E2D-BF1935003E8E . Internet Explorer 6 - Windows XP Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=36C641AD-953F-4B09-BA1C-9C383295E180 - Windows XP Professional x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=85BEACC0-8CA2-4DED-9C24-23348D05C735 - Windows XP Professional x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=85BEACC0-8CA2-4DED-9C24-23348D05C735 - Windows Server 2003 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=0444B76E-93FA-43C2-B1BC-A5C054529EB5 - Windows Server 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=0444B76E-93FA-43C2-B1BC-A5C054529EB5 - Windows Server 2003 x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=5EBB5EF9-615F-4CAB-BAC5-6F45F1B94952 - Windows Server 2003 x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=5EBB5EF9-615F-4CAB-BAC5-6F45F1B94952 - Windows Server 2003 com SP1 para sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?FamilyId=63DA8040-FDA2-42C7-8543-26AD6F9811F2 - Windows Server 2003 com SP2 para sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?FamilyId=63DA8040-FDA2-42C7-8543-26AD6F9811F2 . Internet Explorer 7 - Windows XP Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=E771EFE8-8881-4F23-B5B0-15651A390BA9 - Windows XP Professional x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=9364BF81-6505-4788-958D-A4BD29DC98AD - Windows XP Professional x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=9364BF81-6505-4788-958D-A4BD29DC98AD - Windows Server 2003 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=9ACD2A03-5530-49C8-9EA1-0BFAF259700D - Windows Server 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=9ACD2A03-5530-49C8-9EA1-0BFAF259700D - Windows Server 2003 x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=A9E406AA-33E2-49B8-AB54-4A7328E46147 - Windows Server 2003 x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?FamilyId=A9E406AA-33E2-49B8-AB54-4A7328E46147 - Windows Server 2003 com SP1 para sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?FamilyId=75A05D3A-92A0-4A00-95D4-E2B2F6755180 - Windows Server 2003 com SP2 para sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?FamilyId=75A05D3A-92A0-4A00-95D4-E2B2F6755180 - Windows Vista http://www.microsoft.com/downloads/details.aspx?FamilyId=D4E24966-6530-463A-9EE2-F6A9D000F998 - Windows Vista Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=D4E24966-6530-463A-9EE2-F6A9D000F998 - Windows Vista x64 Edition http://www.microsoft.com/downloads/details.aspx?FamilyId=295CF8F2-265E-4570-B708-21033337FE05 - Windows Vista x64 Edition Service Pack 1 http://www.microsoft.com/downloads/details.aspx?FamilyId=295CF8F2-265E-4570-B708-21033337FE05 - Windows Server 2008 para sistemas 32-bit http://www.microsoft.com/downloads/details.aspx?FamilyId=E57B4D94-19AD-4818-8311-A3F94BE01A4B - Windows Server 2008 para sistemas x64 http://www.microsoft.com/downloads/details.aspx?FamilyId=93E9F52A-C7D0-4033-9C12-740665A219AF - Windows Server 2008 para sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?FamilyId=ACF948E8-C4A9-40DA-B282-F5E584E77B05 Mais informacoes: . MS08-024 - Cumulative Security Update for Internet Explorer (947864) http://www.microsoft.com/technet/security/bulletin/ms08-024.mspx . SANS ISC Handler's Diary 2008-04-08: April 2008 - Black Tuesday Overview http://www.isc.sans.org/diary.html?storyid=4264 . Microsoft Brasil Security http://www.microsoft.com/brasil/security . Technet Brasil - Central de Seguranca http://www.technetbrasil.com.br/seguranca . Windows Live OneCare http://safety.live.com/site/pt-BR/default.htm Identificador CVE (http://cve.mitre.org): CVE-2008-1085 O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as ultimas versoes e correcoes oferecidas pelos fabricantes. Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF: http://www.rnp.br/cais/alertas/rss.xml Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBR/vTP+kli63F4U8VAQGSjgP8DwmnreOEQnZBi06fhYDW0/5nx8tJ1d9v +browb6lMlB+ukLLLYdRo5mAShTtsh/EHOwRvbtDxwoiONAlKaaCneC0Zyhzccrt 3X1nolhggREqc5L8uFJtYNJIfZocFAIf/f8gS+ROEUGIslX23MUuz7Xhto7MNp4c ViicYw5cltY= =tX8C -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Wed Apr 9 09:20:05 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 9 Apr 2008 09:20:05 -0300 Subject: [SECURITY-L] CAIS-Alerta: Vulnerabilidade no Kernel do Microsoft Windows (MS08-025) Message-ID: <20080409122005.GI47571@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Vulnerabilidade no Kernel do Microsoft Windows (MS08-025) To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Tue, 8 Apr 2008 17:19:54 -0300 (BRT) -----BEGIN PGP SIGNED MESSAGE----- Prezados, O CAIS esta' repassando o alerta da Microsoft, intitulado "MS08-025 - Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693)", que trata de uma vulnerabilidade no Kernel do Microsoft Windows. A vulnerabilidade de elevacao de privilegios existe devido `a maneira impropria como o Microsoft Windows valida entradas passadas do modo usuario para o Kernel. Caso um atacante consiga explorar com sucesso esta vulnerabilidade, ele podera obter o controle total sobre o sistema afetado. Sistemas afetados: . Microsoft Windows 2000 Service Pack 4 . Windows XP Service Pack 2 . Windows XP Professional x64 Edition . Windows XP Professional x64 Edition Service Pack 2 . Windows Server 2003 Service Pack 1 . Windows Server 2003 Service Pack 2 . Windows Server 2003 x64 Edition . Windows Server 2003 x64 Edition Service Pack 2 . Windows Server 2003 com SP1 para Sistemas baseados em Itanium . Windows Server 2003 com SP2 para Sistemas baseados em Itanium . Windows Vista . Windows Vista Service Pack 1 . Windows Vista x64 Edition . Windows Vista x64 Edition Service Pack 1 . Windows Server 2008 para Sistemas 32-bit . Windows Server 2008 para Sistemas baseados em x64 . Windows Server 2008 para Sistemas baseados em Itanium Correcoes disponiveis: Recomenda-se fazer a atualizacao para as versoes disponiveis em : . Microsoft Windows 2000 Service Pack 4 http://www.microsoft.com/downloads/details.aspx?familyid=8db9f328-da0e-4fb8-96c4-6d368b47c224 . Windows XP Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=0e937f65-abd0-46dd-8883-5bfd70ea1178 . Windows XP Professional x64 Edition http://www.microsoft.com/downloads/details.aspx?familyid=a29bbd13-761f-44fa-8948-e1a8c244bd7a . Windows XP Professional x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=a29bbd13-761f-44fa-8948-e1a8c244bd7a . Windows Server 2003 Service Pack 1 http://www.microsoft.com/downloads/details.aspx?familyid=d3b855a6-4648-4771-826d-11a151828eac . Windows Server 2003 Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=d3b855a6-4648-4771-826d-11a151828eac . Windows Server 2003 x64 Edition http://www.microsoft.com/downloads/details.aspx?familyid=320fd100-35e1-4345-9399-796393235cbc . Windows Server 2003 x64 Edition Service Pack 2 http://www.microsoft.com/downloads/details.aspx?familyid=320fd100-35e1-4345-9399-796393235cbc . Windows Server 2003 com SP1 para Sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?familyid=126426a7-be38-4327-89db-02d99d76589d . Windows Server 2003 com SP2 para Sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?familyid=126426a7-be38-4327-89db-02d99d76589d . Windows Vista http://www.microsoft.com/downloads/details.aspx?familyid=9640cd8b-d749-4ddd-8af9-b298cebed969 . Windows Vista Service Pack 1 http://www.microsoft.com/downloads/details.aspx?familyid=9640cd8b-d749-4ddd-8af9-b298cebed969 . Windows Vista x64 Edition http://www.microsoft.com/downloads/details.aspx?familyid=d56bb4fe-304e-45e0-95f2-fde2f47b2a04 . Windows Vista x64 Edition Service Pack 1 http://www.microsoft.com/downloads/details.aspx?familyid=d56bb4fe-304e-45e0-95f2-fde2f47b2a04 . Windows Server 2008 para Sistemas 32-bit http://www.microsoft.com/downloads/details.aspx?familyid=4497333c-9418-4b91-83dc-0155735421c0 . Windows Server 2008 para Sistemas baseados em x64 http://www.microsoft.com/downloads/details.aspx?familyid=5aefc7a6-79a4-45a2-b534-35d0ec400dda . Windows Server 2008 para Sistemas baseados em Itanium http://www.microsoft.com/downloads/details.aspx?familyid=3080c26b-7456-41ef-8668-28f15bc7b8ce Mais informacoes: . MS08-025: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (941693) http://www.microsoft.com/technet/security/Bulletin/MS08-025.mspx . Microsoft Brasil Security http://www.microsoft.com/brasil/security . SANS ISC Handler's Diary 2008-04-08: April 2008 - Black Tuesday Overview http://www.isc.sans.org/diary.html?storyid=4264 . Technet Brasil - Central de Seguranca http://www.technetbrasil.com.br/seguranca . Windows Live OneCare http://safety.live.com/site/pt-BR/default.htm Identificador CVE (http://cve.mitre.org): CVE-2008-1084 O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as ultimas versoes e correcoes oferecidas pelos fabricantes. Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF: http://www.rnp.br/cais/alertas/rss.xml Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBR/vTdOkli63F4U8VAQESswP/UN/stGp7rtQ6kSXwc5PRtdfWnzix2M/M 3/LkDIard/0cjBfATfTwxYm2apuvRupvPf9EuQqfROgspQuxkAKBbixhP7GCZTWJ 22/8VMKYqbEDaKsvQ2YYD8TuHIZk77vW/2u8XvBjSLNwzTyptAiPTxFP/gcpwDV2 ZwUXTaTghv0= =ieqr -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Fri Apr 11 10:22:34 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Fri, 11 Apr 2008 10:22:34 -0300 Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA08-100A -- Adobe Flash Updates for Multiple Vulnerabilities Message-ID: <20080411132233.GA31935@unicamp.br> ----- Forwarded message from US-CERT Technical Alerts ----- From: US-CERT Technical Alerts Subject: US-CERT Technical Cyber Security Alert TA08-100A -- Adobe Flash Updates for Multiple Vulnerabilities To: technical-alerts em us-cert.gov Date: Wed, 9 Apr 2008 11:36:12 -0400 Organization: US-CERT - +1 202-205-5266 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA08-100A Adobe Flash Updates for Multiple Vulnerabilities Original release date: April 9, 2008 Last revised: -- Source: US-CERT Systems Affected * Adobe Flash Player 9.0.115.0 and earlier * Adobe Flash Player 8.0.39.0 and earlier Overview Adobe has released Security advisory APSB08-11 to address multiple vulnerabilities affecting Adobe Flash. The most severe of these vulnerabilities could allow a remote attacker to execute arbitrary code. I. Description Adobe Security Advisory APSB08-011 addresses a number of vulnerabilities affecting the Adobe Flash player. Flash player versions 9.0.115.0 and earlier and 8.0.39.0 and earlier are affected. Further details are available in the US-CERT Vulnerability Notes Database. An attacker could exploit these vulnerabilities by convincing a user to visit a website that hosts a specially crafted SWF file. The Adobe Flash browser plugin is available for multiple web browsers and operating systems, any of which could be affected. II. Impact The impacts of these vulnerabilities vary. The most severe of these vulnerabilities allows a remote attacker to execute arbitrary code or conduct cross-site scripting attacks. III. Solution Apply Updates Check with your operating system vendor for patches or updates. If you get the flash player from Adobe, see the Adobe Get Flash page for information about updates. Restrict access These vulnerabilities can be mitigated by disabling the Flash plugin or by using the NoScript extension to whitelist websites that can access the Flash plugin. For more information about securely configuring web browsers, please see the Securing Your Web Browser document. IV. References * Adobe Security Advisory APSB08-011 - * Adobe Flash Player Download Center - * Understanding Flash Player 9 April 2008 Security Update compatibility - * US-CERT Vulnerability Notes for Adobe Security advisory APSB08-011 - * Securing Your Web Browser - _________________________________________________________________ The most recent version of this document can be found at: _________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA08-100A Feedback VU#347812" in the subject. _________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit . _________________________________________________________________ Produced 2008 by US-CERT, a government organization. Terms of use: ____________________________________________________________________ Revision History April 9, 2008: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBR/zdXPRFkHkM87XOAQIR+ggAk0+t7keRs7OzyAsdG12UtFjyxheeX9Xi Zl5UNxlnrUIAxe4eO0ySC+7TQm1MaJrBW2yWN7nbtf0pMGRfSudG78kv2KdVqT4o SIrFhxIW+a4g2bFh56TEhZGRitMI+Yg3P0YyDA//svYvAQTXoEnBM0I4TBEYkb5C d2X5O6cEJHpdz6yTlox0lnQb5fkpVsqGqnzagWtBAufEA482e1LeRiz/ehSs/SRa iSbkadW30ZStsrRIrF1E7QRS1BF1QZ96C/5pgxl44zBb4d4+Dhjkk21S0hUjI/hm FFKom4BrBaON+dRpsAWTDwxhM0Dib3YfskvKrdNic+lQ5ow/Mnp0Pg== =SC0g -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Tue Apr 22 10:50:41 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Tue, 22 Apr 2008 10:50:41 -0300 Subject: [SECURITY-L] CAIS-Alerta: Multiplas Vulnerabilidades em Produtos Oracle - Abril 2008 Message-ID: <20080422135040.GA68331@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Multiplas Vulnerabilidades em Produtos Oracle - Abril 2008 To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Fri, 18 Apr 2008 17:29:42 -0300 (BRT) -----BEGIN PGP SIGNED MESSAGE----- Prezados, O CAIS esta' repassando o alerta da Oracle, intitulado "Oracle Critical Patch Update - April 2008", que trata de uma serie de correcoes para multiplas vulnerabilidades em diversos produtos Oracle. No total 41 vulnerabilidades sao cobertas por estas correcoes. O impacto das vulnerabilidades depende do produto, componente ou configuracao do sistema. Consequencias potenciais incluem execucao remota de codigo arbitrario, obtencao de informacoes sensiveis e negacao de servico (DoS). Componentes vulneraveis podem estar disponiveis para atacantes remotos mesmo que estes nao tenham se autenticado. As correcoes estao distribuidas da seguinte forma: . 17 novas correcoes para o Oracle Database . 3 novas correcoes para o Oracle Application Server . 11 novas correcoes para o Oracle E-Business Suite e Applications . 1 nova correcao para o Oracle Oracle Enterprise Manager . 3 novas correcoes para o Oracle PeopleSoft Enterprise e JD Edwards EnterpriseOne . 6 novas correcoes para o Oracle Siebel Enterprise Sistemas afetados: . Oracle Database 11g, versao 11.1.0.6 . Oracle Database 10g Release 2, versoes 10.2.0.2, 10.2.0.3 . Oracle Database 10g, versao 10.1.0.5 . Oracle Database 9i Release 2, versoes 9.2.0.8, 9.2.0.8DV . Oracle Application Server 10g Release 3 (10.1.3), versoes 10.1.3.1.0,10.1.3.3.0 . Oracle Application Server 10g Release 2 (10.1.2), versoes 10.1.2.0.2,10.1.2.1.0, 10.1.2.2.0 . Oracle Application Server 10g (9.0.4), versao 9.0.4.3 . Oracle Collaboration Suite 10g, versao 10.1.2 . Oracle E-Business Suite Release 12, versao 12.0.4 . Oracle E-Business Suite Release 11i, versao 11.5.10.2 . Oracle PeopleSoft Enterprise PeopleTools versoes 8.22.19, 8.48.16, 8.49.09 . Oracle PeopleSoft Enterprise HCM versoes 8.8 SP1, 8.9, 9.0 . Oracle Siebel SimBuilder versoes 7.8.2, 7.8.5 . Oracle Database 9i, versao 9.0.1.5 FIPS+ . Oracle Application Server 9i Release 1, versao 1.0.2.2 Correcoes disponiveis: As correcoes para os produtos Oracle estao disponiveis mediante usuario e senha, atraves dos enderecos fornecidos abaixo: . Oracle Database http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=552248.1#DBAVAIL . Oracle Application Server http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=552248.1#ASMIDTIER . Oracle Collaboration Suite http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=552248.1#OCSAVAIL . Oracle E-Business Suite e Application http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=557157.1 . Oracle Enterprise Manager http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=552248.1#OEMAVAIL . Oracle PeopleSoft Enterprise e JD Edwards Enterprise http://www.peoplesoft.com/corp/en/support/security_index.jsp . Oracle Siebel Enterprise http://metalink.oracle.com/metalink/plsql/showdoc?db=Not&id=562615.1 Mais informacoes: . Oracle Critical Patch Update - January 2008 http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2008.html O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as ultimas versoes e correcoes oferecidas pelos fabricantes. Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF: http://www.rnp.br/cais/alertas/rss.xml Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBSAkExukli63F4U8VAQE5UAP+N9ngpWbCGyaADA8DdreQTq+9JDkZxN2J Jk0zecAooECcZyASpUnlfR5I3VwIE4krvhYjiWMJ8yoVoPFn6Jzu4KUIns5+mVJL sUYSlIGIEIsA0h/1yURc5JBRCevMqofX3awtmM7dMxkXNq6EK+A1VrMl2PGqc+AT zPCoBZ0wb9g= =34EM -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Tue Apr 22 10:51:17 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Tue, 22 Apr 2008 10:51:17 -0300 Subject: [SECURITY-L] CAIS-Alerta: Vulnerabilidades no Abobe Flash Player (APSB08-11) Message-ID: <20080422135116.GB68331@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Vulnerabilidades no Abobe Flash Player (APSB08-11) To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Fri, 18 Apr 2008 17:31:24 -0300 (BRT) -----BEGIN PGP SIGNED MESSAGE----- Prezados, O CAIS esta' repassando o alerta da Adobe, intitulado "APSB08-11 - Flash Player update available to address security vulnerabilities", que trata de multiplas vulnerabilidades recem-descobertas no Adobe Flash Player. Foram descobertos erros de validacao de entrada nas versoes Flash Player que podem permitir a um atacante a execucao de codigo malicioso atraves da visita a uma pagina web, e-mail ou atraves da execucao de qualquer aplicativo que carregue um arquivo SWF no Adobe Flash Player. Ja' existe disponivel na Internet codigo malicioso capaz de explorar estas vulnerabilidades. Assim, o CAIS recomenda fortemente que as medidas paliativas indicadas na secao "Correcoes Disponiveis" sejam adotadas, uma vez que os tocadores multimidia sao frequentemente vetores de ataques. Hoje arquivos Flash estao presentes em diversas aplicacoes web, como YouTube, videos em sites de noticias, jogos online, visualizacao de arquivos PowerPoint no Gmail, entre outras aplicacoes. Esta atualizacao corrige uma vulnerabilidade divulgada no evento de seguranca CanSecWest, em que um laptop Windows Vista foi comprometido. Tratava-se de uma disputa (PWN2OWN 2008), em que 3 sistemas totalmente atualizados (Ubuntu 7.10, Microsoft Windows Vista Ultimate SP1 e OSX 10.5.2) deveriam ser comprometidos com novas vulnerabilidades. Sistemas afetados: . Flash Player 9.0.115.0 e anteriores . Flash Player 8.0.39.0 e anteriores Correcoes disponiveis: Recomenda-se fazer a atualizacao para a versao mais recente disponivel em: . Flash Player 9.0.124.0 http://www.adobe.com/go/getflashplayer/ Se por algum motivo nao for possivel instalar esta atualizacao em seu ambiente sugerimos algumas medidas paliativas: . Flashblock - extensao para o navegador Mozilla Firefox que impede que conteudo Flash seja carregado automaticamente. https://addons.mozilla.org/en-US/firefox/addon/433 . NoScript - extensao para o navegador Mozilla Firefox que controla a execucao de scripts em sites. Esta extensao tambem controla a execucao do plugin Flash Player. http://noscript.net/ Mais informacoes: . Secunia: Adobe Flash Player "Declare Function (V7)" Heap Overflow http://secunia.com/secunia_research/2007-103/advisory/ . Adobe: Flash Player update available to address security vulnerabilities http://www.adobe.com/support/security/bulletins/apsb08-11.html . US-CERT Vulnerability Notes for Adobe Security advisory APSB08-011 http://www.kb.cert.org/vuls/byid?searchview&query=APSB08-011 . CanSecWest 2008 Pwn2Own Contest (Adobe PSIRT Blog 02/04/2008) http://blogs.adobe.com/psirt/2008/04/cansecwest_2008_pwn2own_contes_1.html . Security Bulletins - April 2008 (Adobe PSIRT Blog 08/04/2008) http://blogs.adobe.com/psirt/2008/04/security_bulletins_april_2008_1.html . CanSecWest PWN2OWN 2008 http://cansecwest.com/post/2008-03-20.21:33:00.CanSecWest_PWN2OWN_2008 Identificadores CVE (http://cve.mitre.org): CVE-2007-5275, CVE-2007-6243, CVE-2007-6637, CVE-2007-6019, CVE-2007-0071, CVE-2008-1655, CVE-2008-1654 O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as ultimas versoes e correcoes oferecidas pelos fabricantes. Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF: http://www.rnp.br/cais/alertas/rss.xml Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBSAkFH+kli63F4U8VAQFq+wP/U0DB3hiYya6bDu/9d3bnpacYmsBnmgrj ds4onWV1D8j6JzpqiGuY22lnwF/97z1df4bfpcZQ6HSZooPX0uZTlSFEUeph7RcZ 804KaCy6RLDDeGnw6zUPB5gexN9z+l5TRGYkbQmIrAEFeUiqCl55TdS5eyHajJaG lS0HxHgleEE= =ILDm -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Tue Apr 22 10:51:48 2008 From: security em unicamp.br (CSIRT - UNICAMP) Date: Tue, 22 Apr 2008 10:51:48 -0300 Subject: [SECURITY-L] CAIS-Alerta: Caso Isabella Nardoni se torna isca para download de software malicioso Message-ID: <20080422135147.GC68331@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Caso Isabella Nardoni se torna isca para download de software malicioso To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Fri, 18 Apr 2008 17:32:15 -0300 (BRT) -----BEGIN PGP SIGNED MESSAGE----- Prezados, Desde que o Caso Isabella Nardoni ganhou a atencao do publico, em 30 de Marco, o CAIS identificou diversas tentativas de uso do tema como isca para o download de software malicioso. Assim como o acidente da TAM, em 2007, este caso esta' sendo coberto pela midia com grande destaque. Noticias extraordinarias, boletins especiais e manchetes naturalmente deixam as pessoas curiosas sobre o desenvolvimento do caso. A curiosidade, mais uma vez, e' a vulnerabilidade que fraudadores tentam explorar. Lembramos que as iscas para download de software malicioso podem ser enviadas por diversos meios: e-mail, instant messaging (MSN Messenger, Yahoo! Messenger, Google Talk, entre outros) e ate' mesmo Orkut, como foi noticiado pela Folha Online (veja secao "Mais informacoes"). Catalogo de Fraudes O Centro de Atendimento a Incidentes de Seguranca (CAIS) da Rede Nacional de Ensino e Pesquisa lancou, em 31 de marco, um catalogo de fraudes em seu Website (http://www.rnp.br/cais/fraudes.php). Desde entao foram incluidos mais de 150 amostras de fraude neste catalogo. O objetivo principal da criacao desta pagina e' contribuir com a seguranca na Internet, por meio da disseminacao de informacao aos usuarios, evitando assim o roubo de suas informacoes pessoais, como senhas de bancos ou numeros de cartao de credito, bem como ressaltar os golpes que envolvem o download e execucao inadvertida de software malicioso. Sobre o Caso Isabella Nardoni, 6 modelos de fraudes ja chegaram ao conhecimento do CAIS, todos tentando levar o usuario a fazer o download de software malicioso. Estas mensagens traziam os seguintes textos no campo assunto do e-mail fraudulento: . G1 Online Isabella Nardoni . Caso Isabella Nardoni: A verdade que a televis�o n�o mostrou! . Uol ultimas noticias . Caso Isabella: Exclusivo vizinho grava o assasinato! . Campanha em protesto a Izabella. ajude nos a divulgar . Menina Jogada da janela Assim, recomendamos fortemente a todos os usuarios a utilizarem um firewall pessoal e a manterem seus aplicativos de anti-v�rus e anti-spyware sempre atualizados, com frequencia diaria ou de forma automatica; nao abram anexos de qualquer especie sem antes analisa-los com um anti-virus, e sempre certifiquem-se da autenticidade do endereco de origem dos e-mails recebidos. Em caso de duvida, aconselha-se consultar os sites oficiais da empresa ou instituicao citada na mensagem. Mais informacoes: . CAIS: Catalogo de Fraudes http://www.rnp.br/cais/fraudes.php . CAIS-Alerta: Mensagens falsas relacionadas ao acidente da TAM http://www.rnp.br/cais/alertas/2007/cais-alr-20070719.html . Catalogo de Fraudes CAIS: G1 Online Isabella Nardoni (18/04/2008) http://www.rnp.br/cais/fraudes.php?id=161 . Catalogo de Fraudes CAIS: Caso Isabella Nardoni: A verdade que a televis�o n�o mostrou! (17/04/2008) http://www.rnp.br/cais/fraudes.php?id=156 . Catalogo de Fraudes CAIS: Uol ultimas noticias (14/04/2008) http://www.rnp.br/cais/fraudes.php?id=150 . Catalogo de Fraudes CAIS: Caso Isabella: Exclusivo vizinho grava o assasinato! (11/04/2008) http://www.rnp.br/cais/fraudes.php?id=139 . Catalogo de Fraudes CAIS: Campanha em protesto a Izabella. ajude nos a divulgar. (08/04/2008) http://www.rnp.br/cais/fraudes.php?id=117 . Catalogo de Fraudes CAIS: Menina Jogada da janela (07/04/2008) http://www.rnp.br/cais/fraudes.php?id=112 . Folha Online: Caso Isabella http://www1.folha.uol.com.br/folha/especial/2008/casoisabella/ . Perfil no Orkut usa caso Isabella para disseminar programa invasor http://www1.folha.uol.com.br/folha/informatica/ult124u388743.shtml . Golpe online promete video inedito sobre o caso da menina Isabella http://idgnow.uol.com.br/seguranca/2008/04/15/golpe-online-promete-video-inedito-sobre-o-caso-da-menina-isabella/ O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as ultimas versoes e correcoes oferecidas pelos fabricantes. Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF: http://www.rnp.br/cais/alertas/rss.xml Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBSAkFVOkli63F4U8VAQGYygQAokNg/uYIAtzGlCBF4Ud5ifZRtoCgm2Am oK8cV4EkuyepDXvaRQ98aifY52IkWUN/bn9DP1Vfd8rI6yc4BaYAMfoc726j3RKi snkzfankhJCR5cB/GcjAFxN6xCO79MlT2zdMlRVHI2eHI8abbTQTCgKa92x6kNYq gebIcF3tU8g= =Ji9n -----END PGP SIGNATURE----- ----- End forwarded message -----