From security at unicamp.br Thu Mar 6 14:26:38 2008
From: security at unicamp.br (CSIRT - UNICAMP)
Date: Thu, 6 Mar 2008 14:26:38 -0300
Subject: [SECURITY-L] CERT.br Courses: 2008 Calendar and New Course
Message-ID: <20080306172637.GA7959@unicamp.br>

From: "CERT.br"
Subject: [certbr-anuncios] CERT.br Courses: 2008 Calendar and New Course
To: certbr-anuncios at listas.cert.br
Date: Tue, 4 Mar 2008 18:06:48 -0300
Organization: Computer Emergency Response Team Brazil

Starting in 2008, CERT.br will teach a new course from Carnegie Mellon University's CERT Program:

* Overview of Creating and Managing Computer Security Incident Response Teams (CSIRTs)

This course was added to the schedule in place of the course "Creating a Computer Security Incident Response Team". The remaining courses are those required by the "CERT-Certified Computer Security Incident Handler" certification program.

The course calendar for 2008 is on this page:
http://www.cert.br/cursos/

The courses with registration already open are:

* Information Security for Technical Staff
  Session: 09 to 13 June 2008
  Registration closes: 09 May 2008

* Overview of Creating and Managing Computer Security Incident Response Teams
  Session: 01 August 2008
  Registration closes: 04 July 2008

* Fundamentals of Incident Handling
  Session: 04 to 08 August 2008
  Registration closes: 04 July 2008

The registration forms for the courses are available on this page:
http://www.cert.br/cursos/inscricao/

More information about the other courses can be obtained on this page:
http://www.cert.br/cursos/

Regards,

-- 
CERT.br
http://www.cert.br/

_______________________________________________
certbr-anuncios mailing list
certbr-anuncios at listas.cert.br
https://listas.cert.br/mailman/listinfo/certbr-anuncios


From security at unicamp.br Fri Mar 7 08:53:25 2008
From: security at unicamp.br (CSIRT - UNICAMP)
Date: Fri, 7 Mar 2008 08:53:25 -0300
Subject:
[SECURITY-L] US-CERT Technical Cyber Security Alert TA08-066A -- Sun Updates for Multiple Vulnerabilities in Java
Message-ID: <20080307115325.GA18097@unicamp.br>

----- Forwarded message from US-CERT Technical Alerts -----

From: US-CERT Technical Alerts
Subject: US-CERT Technical Cyber Security Alert TA08-066A -- Sun Updates for Multiple Vulnerabilities in Java
To: technical-alerts at us-cert.gov
Date: Thu, 6 Mar 2008 16:05:32 -0500
Organization: US-CERT - +1 202-205-5266

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System
Technical Cyber Security Alert TA08-066A

Sun Updates for Multiple Vulnerabilities in Java

Original release date: March 6, 2008
Last revised: --
Source: US-CERT

Systems Affected

Sun Java Runtime Environment versions
* JDK and JRE 6 Update 4 and earlier
* JDK and JRE 5.0 Update 14 and earlier
* SDK and JRE 1.4.2_16 and earlier
* SDK and JRE 1.3.1_21 and earlier

Overview

Sun has released alerts to address multiple vulnerabilities affecting the Sun Java Runtime Environment. The most severe of these vulnerabilities could allow a remote attacker to execute arbitrary code.

I. Description

The Sun Java Runtime Environment (JRE) allows users to run Java applications in a browser or as standalone programs. Sun has released updates to the Java Runtime Environment software to address multiple vulnerabilities. Further details about these vulnerabilities are available in the US-CERT Vulnerability Notes Database.

Sun released the following alerts to address these issues:

* 233321 Two Security Vulnerabilities in the Java Runtime Environment Virtual Machine
* 233322 Security Vulnerability in the Java Runtime Environment With the Processing of XSLT Transformations
* 233323 Multiple Security Vulnerabilities in Java Web Start May Allow an Untrusted Application to Elevate Privileges
* 233324 A Security Vulnerability in the Java Plug-in May Allow an Untrusted Applet to Elevate Privileges
* 233325 Vulnerabilities in the Java Runtime Environment Image Parsing Library
* 233326 Security Vulnerability in the Java Runtime Environment May Allow Untrusted JavaScript Code to Elevate Privileges Through Java APIs
* 233327 Buffer Overflow Vulnerability in Java Web Start May Allow an Untrusted Application to Elevate its Privileges

II. Impact

The impacts of these vulnerabilities vary. The most severe of these vulnerabilities allows a remote attacker to execute arbitrary code.

III. Solution

Apply an update from Sun

These issues are addressed in the following versions of the Sun Java Runtime Environment:
* JDK and JRE 6 Update 5 or later
* JDK and JRE 5.0 Update 15 or later
* SDK and JRE 1.4.2_17 or later
* SDK and JRE 1.3.1_21 and earlier

If you install the latest version of Java, older versions of Java may remain installed on your computer. If these versions of Java are not needed, you may wish to remove them. For instructions on how to remove older versions of Java, refer to the following instructions from Sun.

Disable Java

Disable Java in your web browser, as specified in the Securing Your Web Browser document. While this does not fix the underlying vulnerabilities, it does block a common attack vector.

IV. References

* US-CERT Vulnerability Notes for Sun Alerts -
* Securing Your Web Browser -
* Sun Alert 233321 -
* Sun Alert 233322 -
* Sun Alert 233323 -
* Sun Alert 233324 -
* Sun Alert 233325 -
* Sun Alert 233326 -
* Sun Alert 233327 -
* Java SE Technologies at a Glance -
* Java SE Security -
* Can I remove older versions of the JRE after installing a newer version? -

____________________________________________________________________

The most recent version of this document can be found at:

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA08-066A Feedback VU#223028" in the subject.

____________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit .

____________________________________________________________________

Produced 2008 by US-CERT, a government organization.

Terms of use:

____________________________________________________________________

Revision History

March 6, 2008: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBR9BZrfRFkHkM87XOAQLTzQgAnYzrhCIWEuWRlfH8tVWZl159MZ+vEX5Z
TYwjqClljWyy8edzxNWRUV0pqHVe799hJtRA1luKgTEOWqOtXLrw6/AGdpIf+3CB
ikiAEQR4Cirvt5lHRrlZjMG7eBPZwGQtFgHxzVrEE2lwDl5UDGejMDz+rTwJCm7/
HWBkktM7suHWpZu9jKFpfnizFTbzRSXw/CcALe/FwFxjND3hBjnDWv2Gu7bmMaEA
7a/Q8IJ8mNiU6ZIYdriQEVZHZs6IHtzyw39Qh9NpL+NAGuBxna4MXAOtqoIR1Rvt
FyzZUfjMvEBSKHvA6VWrWmt/JlaSlcVUZB7jRIyInYTvbYPwAnylXg==
=U6aE
-----END PGP SIGNATURE-----

----- End forwarded message -----


From security at unicamp.br Fri Mar 7 15:27:57 2008
From: security at unicamp.br (CSIRT - UNICAMP)
Date: Fri, 7 Mar 2008 15:27:57 -0300
Subject: [SECURITY-L] CAIS Alert: Multiple Vulnerabilities in Sun Java (TA08-066A)
Message-ID: <20080307182757.GB18097@unicamp.br>

----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca -----

From: Centro de Atendimento a
 Incidentes de Seguranca
Subject: CAIS Alert: Multiple Vulnerabilities in Sun Java (TA08-066A)
To: pop-seg at cais.rnp.br, rnp-alerta at cais.rnp.br, rnp-seg at cais.rnp.br
Date: Fri, 7 Mar 2008 11:43:13 -0300 (BRT)

-----BEGIN PGP SIGNED MESSAGE-----

Dear all,

CAIS is relaying the US-CERT alert titled "TA08-066A - Sun Updates for Multiple Vulnerabilities in Java", which covers 12 vulnerabilities affecting several versions of the Sun Java Runtime Environment.

If an attacker manages to exploit some of these vulnerabilities successfully, he could read or alter data stored on a vulnerable system, bypassing security mechanisms and compromising those systems.

Since portability is one of the main characteristics of Java applications, the ability to run applications on many operating systems (Windows, Linux distributions) and classes of devices (PCs, mobile phones) makes these vulnerabilities even more critical, and they should be corrected by updating as soon as possible.

Affected systems:

. JDK and JRE 6 Update 4 and earlier
. JDK and JRE 5.0 Update 14 and earlier
. SDK and JRE 1.4.2_16 and earlier
. SDK and JRE 1.3.1_21 and earlier

Available fixes:

Updating to the versions available at the following locations is recommended:

. JDK and JRE 6 Update 5
  http://java.sun.com/javase/downloads/index.jsp
. JDK and JRE 5.0 Update 15
  http://java.sun.com/javase/downloads/index_jdk5.jsp
. SDK and JRE 1.4.2_17
  http://java.sun.com/j2se/1.4.2/download.html

More information:

. TA08-066A - Sun Updates for Multiple Vulnerabilities in Java
  http://www.us-cert.gov/cas/techalerts/TA08-066A.html
. SA29239 - Sun Java JDK / JRE Multiple Vulnerabilities
  http://secunia.com/advisories/29239/
. JavaTM SE 6 Update Release Notes
  http://java.sun.com/javase/6/webnotes/ReleaseNotes.html
. #233321: Two Security Vulnerabilities in the Java Runtime Environment Virtual Machine
  http://sunsolve.sun.com/search/document.do?assetkey=1-66-233321-1
. #233322: Security Vulnerability in the Java Runtime Environment With the Processing of XSLT Transformations
  http://sunsolve.sun.com/search/document.do?assetkey=1-66-233322-1
. #233323: Multiple Security Vulnerabilities in Java Web Start May Allow an Untrusted Application to Elevate Privileges
  http://sunsolve.sun.com/search/document.do?assetkey=1-66-233323-1
. #233324: A Security Vulnerability in the Java Plug-in May Allow an Untrusted Applet to Elevate Privileges
  http://sunsolve.sun.com/search/document.do?assetkey=1-66-233324-1
. #233325: Vulnerabilities in the Java Runtime Environment Image Parsing Library
  http://sunsolve.sun.com/search/document.do?assetkey=1-66-233325-1
. #233326: Security Vulnerability in the Java Runtime Environment May Allow Untrusted JavaScript Code to Elevate Privileges Through Java APIs
  http://sunsolve.sun.com/search/document.do?assetkey=1-66-233326-1
. #233327: Buffer Overflow Vulnerability in Java Web Start May Allow an Untrusted Application to Elevate its Privileges
  http://sunsolve.sun.com/search/document.do?assetkey=1-66-233327-1

CVE identifiers (http://cve.mitre.org):
CVE-2008-1185, CVE-2008-1186, CVE-2008-1187, CVE-2008-1188, CVE-2008-1189, CVE-2008-1190, CVE-2008-1191, CVE-2008-1192, CVE-2008-1193, CVE-2008-1194, CVE-2008-1195, CVE-2008-1196

CAIS recommends that administrators always keep their systems and applications up to date, in line with the latest versions and fixes offered by the vendors.

CAIS Alerts are also available in RSS/RDF format:
http://www.rnp.br/cais/alertas/rss.xml

Regards,

################################################################
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS)       #
# Rede Nacional de Ensino e Pesquisa (RNP)                     #
#                                                              #
# cais at cais.rnp.br       http://www.cais.rnp.br             #
# Tel. 019-37873300 Fax. 019-37873301                          #
# PGP key available at http://www.rnp.br/cais/cais-pgp.key     #
################################################################

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iQCVAwUBR9FUiekli63F4U8VAQHFwAQAuwaug5nLwx/Bu2dSfgRh16WjKrarIe2t
VqqAUNosj1jP8CvKCBS4qXFkFgr2iUC2KsqYrD471NfOy7lGvywQyPTRjKY06VMu
eEGAMggH5LLQJGCkZXDl6J8SGvNGDqt4WoedU0OAwHOpO1wEHrPjCnXFEkFVaGih
lzim+5lw9Kk=
=uqzP
-----END PGP SIGNATURE-----

----- End forwarded message -----


From security at unicamp.br Wed Mar 12 12:41:37 2008
From: security at unicamp.br (CSIRT - UNICAMP)
Date: Wed, 12 Mar 2008 12:41:37 -0300
Subject: [SECURITY-L] CAIS Alert: Vulnerability in Microsoft Excel (MS08-014)
Message-ID: <20080312154124.GA43975@unicamp.br>

----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca -----

From: Centro de Atendimento a Incidentes de Seguranca
Subject: CAIS Alert: Vulnerability in Microsoft Excel (MS08-014)
To: pop-seg at cais.rnp.br, rnp-alerta at cais.rnp.br, rnp-seg at cais.rnp.br
Date: Tue, 11 Mar 2008 17:35:50 -0300 (BRT)

-----BEGIN PGP SIGNED MESSAGE-----

Dear all,

CAIS is relaying the Microsoft alert titled "MS08-014 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (949029)", which covers multiple vulnerabilities found in Microsoft Excel.

Three vulnerabilities relate to opening and handling Excel files. One relates to formula handling and another to conditional formatting of values. The second-to-last vulnerability stems from incorrect reading of rich text fields, and the last from opening files via macros.

Of the seven vulnerabilities, those relating to Excel 2000 are rated critical by Microsoft, and the others are rated important. Exploitation of the vulnerabilities can allow remote code execution on the affected system if an attack is carried out successfully.

Affected systems:
. Excel 2000 Service Pack 3, component of Microsoft Office 2000 Service Pack 3
. Excel 2002 Service Pack 3, component of Microsoft Office XP Service Pack 3
. Excel 2003 Service Pack 2, component of Microsoft Office 2003 Service Pack 2
. Excel 2007, component of the 2007 Microsoft Office System
. Microsoft Office Excel Viewer 2003
. Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
. Microsoft Office 2004 for Mac
. Microsoft Office 2008 for Mac

Available fixes:

Updating to the versions available at the following locations is recommended:

. Excel 2000 Service Pack 3, component of Microsoft Office 2000 Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?FamilyId=f7f90c30-1bfd-406b-a77f-612443e30185
. Excel 2002 Service Pack 3, component of Microsoft Office XP Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?FamilyId=907f96d5-d1e9-4471-b41c-3ac811e63038
. Excel 2003 Service Pack 2, component of Microsoft Office 2003 Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?FamilyId=296e5f2c-f594-41c8-a20a-3e4c40ae3948
. Excel 2007, component of the 2007 Microsoft Office System
  http://www.microsoft.com/downloads/details.aspx?FamilyId=e7634cb5-9531-4284-9554-4168fc488e0c
. Microsoft Office Excel Viewer 2003
  http://www.microsoft.com/downloads/details.aspx?FamilyId=280bb2ac-b21a-46b5-8751-5a50fbebf107
. Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
  http://www.microsoft.com/downloads/details.aspx?FamilyId=e9251d71-9098-4125-ae91-7d4c83ea58ad
. Microsoft Office 2004 for Mac
  http://www.microsoft.com/downloads/details.aspx?FamilyId=95DCEB37-B35F-46DB-B280-DB0F3B298AA9
. Microsoft Office 2008 for Mac
  http://www.microsoft.com/downloads/details.aspx?FamilyId=8FE8C32A-6D7A-482B-97C6-42562F089EE4

More information:

. MS08-014 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (949029)
  http://www.microsoft.com/technet/security/bulletin/ms08-014.mspx
. March Black Tuesday Overview
  http://www.isc.sans.org/diary.html?storyid=4124
. Microsoft Brasil Security
  http://www.microsoft.com/brasil/security
. Technet Brasil - Central de Seguranca
  http://www.technetbrasil.com.br/seguranca
. Windows Live OneCare
  http://safety.live.com/site/pt-BR/default.htm

CVE identifiers (http://cve.mitre.org):
CVE-2008-0111, CVE-2008-0112, CVE-2008-0114, CVE-2008-0115, CVE-2008-0116, CVE-2008-0117, CVE-2008-0081

CAIS recommends that administrators always keep their systems and applications up to date, in line with the latest versions and fixes offered by the vendors.

CAIS Alerts are also available in RSS/RDF format:
http://www.rnp.br/cais/alertas/rss.xml

Regards,

################################################################
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS)       #
# Rede Nacional de Ensino e Pesquisa (RNP)                     #
#                                                              #
# cais at cais.rnp.br       http://www.cais.rnp.br             #
# Tel. 019-37873300 Fax. 019-37873301                          #
# PGP key available at http://www.rnp.br/cais/cais-pgp.key     #
################################################################

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iQCVAwUBR9btK+kli63F4U8VAQEGsgP+PNFn+O5HilXn60JNBnPYSl3RqdumNMZP
Rtr8uwQM7zRM/XAeADjWwD0mvqLsXvCNni0VwECiQec3hC9tQozKzwY0VenRi0Dr
Aq9qEMt3FSoMQBhYR2QTg4S24apY+5hvQlV36DYQiHABZkrqD5fb6mjyEYNNKKV8
UhkzrmrBAxI=
=gTOy
-----END PGP SIGNATURE-----

----- End forwarded message -----


From security at unicamp.br Wed Mar 12 12:42:25 2008
From: security at unicamp.br (CSIRT - UNICAMP)
Date: Wed, 12 Mar 2008 12:42:25 -0300
Subject: [SECURITY-L] CAIS Alert: Vulnerability in Microsoft Outlook (MS08-015)
Message-ID: <20080312154216.GB43975@unicamp.br>

----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca -----

From: Centro de Atendimento a Incidentes de Seguranca
Subject: CAIS Alert: Vulnerability in Microsoft Outlook (MS08-015)
To: pop-seg at cais.rnp.br,
 rnp-alerta at cais.rnp.br, rnp-seg at cais.rnp.br
Date: Tue, 11 Mar 2008 17:36:06 -0300 (BRT)

-----BEGIN PGP SIGNED MESSAGE-----

Dear all,

CAIS is relaying the Microsoft alert titled "MS08-015 - Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (949031)", which covers a vulnerability in Microsoft Outlook.

The vulnerability in question lies in the improper handling of certain "mailto:" URIs and allows remote code execution. If an attacker manages to exploit this vulnerability successfully, he could gain complete control over the affected system. However, if the user logged on to the system at the time of the attack has few privileges, the attack could cause less damage than in a scenario where that user had administrator privileges on the system.

The update in this bulletin replaces the update from bulletin MS07-003.

Affected systems:

. Microsoft Office 2000 Service Pack 3 - Outlook 2000 Service Pack 3
. Microsoft Office XP Service Pack 3 - Outlook 2002 Service Pack 3
. Microsoft Office 2003 Service Pack 2 - Outlook 2003 Service Pack 2
. Microsoft Office 2003 Service Pack 3 - Outlook 2003 Service Pack 3
. 2007 Microsoft Office System - Outlook 2007

Available fixes:

Updating to the versions available at the following locations is recommended:

. Microsoft Office 2000 Service Pack 3 - Outlook 2000 Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?FamilyId=714a49cd-5bca-4719-96a1-e1077f279533
. Microsoft Office XP Service Pack 3 - Outlook 2002 Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?FamilyId=59853687-d885-4059-9460-ee403855dbd8
. Microsoft Office 2003 Service Pack 2 - Outlook 2003 Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?FamilyId=fccc7c4c-8496-4682-bd46-6590503c1bf2
. Microsoft Office 2003 Service Pack 3 - Outlook 2003 Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?FamilyId=fccc7c4c-8496-4682-bd46-6590503c1bf2
. 2007 Microsoft Office System - Outlook 2007
  http://www.microsoft.com/downloads/details.aspx?FamilyId=4e2baf00-88eb-4eb6-961a-54245b363c21

More information:

. MS08-015 - Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (949031)
  http://www.microsoft.com/technet/security/bulletin/ms08-015.mspx
. CAIS Alert: Vulnerabilities in Outlook Express (MS07-003)
  http://www.rnp.br/cais/alertas/2007/ms07-003.html
. SANS ISC 2008-03-11: March Black Tuesday Overview
  http://isc.sans.org/diary.html?storyid=4124
. Microsoft Brasil Security
  http://www.microsoft.com/brasil/security
. Technet Brasil - Central de Seguranca
  http://www.technetbrasil.com.br/seguranca
. Windows Live OneCare
  http://safety.live.com/site/pt-BR/default.htm

CVE identifier (http://cve.mitre.org):
CVE-2008-0110

CAIS recommends that administrators always keep their systems and applications up to date, in line with the latest versions and fixes offered by the vendors.

CAIS Alerts are also available in RSS/RDF format:
http://www.rnp.br/cais/alertas/rss.xml

Regards,

################################################################
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS)       #
# Rede Nacional de Ensino e Pesquisa (RNP)                     #
#                                                              #
# cais at cais.rnp.br       http://www.cais.rnp.br             #
# Tel. 019-37873300 Fax. 019-37873301                          #
# PGP key available at http://www.rnp.br/cais/cais-pgp.key     #
################################################################

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iQCVAwUBR9btO+kli63F4U8VAQGjRgQAv3xWTxzogsu7XA8sCSkpuJW9ueibqbX4
pmGFUm91GMBXtPbv+JqttnB77/2ievb5IKron20AXb9JxUOV5eeES0i+cl2tctBx
eSfT8wEF5dvvLu3S2/gKAWuK+rF5iwj+icoB/C/3nRfq932XEjev+L0vRzlCVPkq
abDAHrUDd7s=
=S7Fm
-----END PGP SIGNATURE-----

----- End forwarded message -----


From security at unicamp.br Wed Mar 12 12:43:08 2008
From: security at unicamp.br (CSIRT - UNICAMP)
Date: Wed, 12 Mar 2008 12:43:08 -0300
Subject: [SECURITY-L] CAIS Alert: Vulnerabilities in Microsoft Office (MS08-016)
Message-ID: <20080312154256.GC43975@unicamp.br>

----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca -----

From: Centro de Atendimento a Incidentes de Seguranca
Subject: CAIS Alert: Vulnerabilities in Microsoft Office (MS08-016)
To: pop-seg at cais.rnp.br, rnp-alerta at cais.rnp.br, rnp-seg at cais.rnp.br
Date: Tue, 11 Mar 2008 17:36:25 -0300 (BRT)

-----BEGIN PGP SIGNED MESSAGE-----

Dear all,

CAIS is relaying the Microsoft alert titled "MS08-016 - Critical Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (949030)", which covers two recently discovered vulnerabilities in Microsoft Office.

The vulnerabilities exist because of an error that occurs when opening a specially crafted Microsoft Office document. The error can corrupt system memory, allowing the attacker to execute arbitrary code on it. If an attacker manages to exploit this vulnerability successfully, he could gain complete control over the affected system. However, if the user logged on to the system at the time of the attack has few privileges, the attack could cause less damage than if that user had administrator privileges on the system.
Affected systems:

. Microsoft Office 2000 Service Pack 3
. Microsoft Office XP Service Pack 3
. Microsoft Office 2003 Service Pack 2
. Microsoft Office Excel Viewer 2003
. Microsoft Office Excel Viewer 2003 Service Pack 3
. Microsoft Office 2004 for Mac

Available fixes:

Updating to the versions available at the following locations is recommended:

. Microsoft Office 2000 Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?familyid=72735aa1-e22c-40ed-8c79-38fba89979aa
. Microsoft Office XP Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?familyid=9cf8aafa-71a5-4017-b53c-4e80ef6e1188
. Microsoft Office 2003 Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?familyid=9f25922c-d3c2-4ef1-b164-8a21a77d29aa
. Microsoft Office Excel Viewer 2003
  http://www.microsoft.com/downloads/details.aspx?familyid=9f25922c-d3c2-4ef1-b164-8a21a77d29aa
. Microsoft Office Excel Viewer 2003 Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?familyid=9f25922c-d3c2-4ef1-b164-8a21a77d29aa
. Microsoft Office 2004 for Mac
  http://www.microsoft.com/downloads/details.aspx?FamilyId=95DCEB37-B35F-46DB-B280-DB0F3B298AA9

More information:

. MS08-016 - Critical Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (949030)
  http://www.microsoft.com/technet/security/bulletin/MS08-016.mspx
. SANS ISC Handler's Diary 2008-03-11: March Black Tuesday Overview
  http://www.isc.sans.org/diary.html?storyid=4124
. Microsoft Brasil Security
  http://www.microsoft.com/brasil/security
. Technet Brasil - Central de Seguranca
  http://www.technetbrasil.com.br/seguranca
. Windows Live OneCare
  http://safety.live.com/site/pt-BR/default.htm

CVE identifiers (http://cve.mitre.org):
CVE-2008-0113, CVE-2008-0118

CAIS recommends that administrators always keep their systems and applications up to date, in line with the latest versions and fixes offered by the vendors.
CAIS Alerts are also available in RSS/RDF format:
http://www.rnp.br/cais/alertas/rss.xml

Regards,

################################################################
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS)       #
# Rede Nacional de Ensino e Pesquisa (RNP)                     #
#                                                              #
# cais at cais.rnp.br       http://www.cais.rnp.br             #
# Tel. 019-37873300 Fax. 019-37873301                          #
# PGP key available at http://www.rnp.br/cais/cais-pgp.key     #
################################################################

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iQCVAwUBR9btTekli63F4U8VAQH4pAP7BYqDqPsgzagPNAzPq2BFkcb6G8jJiP3w
R6loMIvN1XmrQyH3Iu8jGYBsAMQLUS5hMpDqwGyBY4MfSjYeX5k0/T1MTDR9b+A0
qqRuXtbutOMmzlrUZzagFEifL9ORgnca23VzdQfv+Nwr7knGy/Wk2rG9VrqWFNZL
O/t8Ftsdyko=
=eIH5
-----END PGP SIGNATURE-----

----- End forwarded message -----


From security at unicamp.br Wed Mar 12 12:43:38 2008
From: security at unicamp.br (CSIRT - UNICAMP)
Date: Wed, 12 Mar 2008 12:43:38 -0300
Subject: [SECURITY-L] Vulnerability in Microsoft Office Web Components (MS08-017)
Message-ID: <20080312154338.GD43975@unicamp.br>

----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca -----

From: Centro de Atendimento a Incidentes de Seguranca
Subject: Vulnerability in Microsoft Office Web Components (MS08-017)
To: pop-seg at cais.rnp.br, rnp-alerta at cais.rnp.br, rnp-seg at cais.rnp.br
Date: Tue, 11 Mar 2008 17:36:50 -0300 (BRT)

-----BEGIN PGP SIGNED MESSAGE-----

Dear all,

CAIS is relaying the Microsoft alert titled "MS08-017 - Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (933103)", which covers two vulnerabilities found in Microsoft Office Web Components.

The vulnerabilities occur in the management of memory resources when handling URLs and web pages.
An attacker can exploit these vulnerabilities by creating a specially crafted web page, which the user must visit, and thereby execute code on the vulnerable system with the permissions of the logged-on user. If the logged-on user has administrator permissions, the attacker could gain complete control over the system.

Affected systems:

. Microsoft Office 2000 Service Pack 3
. Microsoft Office XP Service Pack 3
. Visual Studio .NET 2002 Service Pack 1
. Visual Studio .NET 2003 Service Pack 1
. Microsoft BizTalk Server 2000
. Microsoft BizTalk Server 2002
. Microsoft Commerce Server 2000
. Internet Security and Acceleration Server 2000 Service Pack 2

Available fixes:

Updating to the versions available at the following locations is recommended:

. Microsoft Office 2000 Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?FamilyId=806c654a-35e3-4385-855a-4b803249bfcf
. Microsoft Office XP Service Pack 3
  http://www.microsoft.com/downloads/details.aspx?FamilyId=f54d2a5e-c0ed-4f70-9746-38dd61c8e9d7
. Visual Studio .NET 2002 Service Pack 1
  http://www.microsoft.com/downloads/details.aspx?FamilyId=D71B23FA-A873-406D-BAD7-E38E565DEE39
. Visual Studio .NET 2003 Service Pack 1
  http://www.microsoft.com/downloads/details.aspx?FamilyId=2FE10CCD-40CB-4090-B83D-EAE3D4ECA174
. Microsoft BizTalk Server 2000
  http://www.microsoft.com/downloads/details.aspx?FamilyId=E0993E49C0A811D2973D00C04F79E4B3
. Microsoft BizTalk Server 2002
  http://www.microsoft.com/downloads/details.aspx?FamilyId=12B7D09A92AB4596996670799837D961
. Microsoft Commerce Server 2000
  http://www.microsoft.com/downloads/details.aspx?FamilyId=71DE76BA-B62C-4A7A-A78A-9317F5255B13
. Internet Security and Acceleration Server 2000 Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?FamilyId=526D87BD-C3DA-412E-8765-C15987AE9B01

More information:
. MS08-017 - Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (933103)
  http://www.microsoft.com/technet/security/bulletin/ms08-017.mspx
. SANS ISC Handler's Diary 2008-03-11: March Black Tuesday Overview
  http://www.dshield.org/diary.html?storyid=4124
. Microsoft Brasil Security
  http://www.microsoft.com/brasil/security
. Technet Brasil - Central de Seguranca
  http://www.technetbrasil.com.br/seguranca
. Windows Live OneCare
  http://safety.live.com/site/pt-BR/default.htm

CVE identifiers (http://cve.mitre.org):
CVE-2006-4695, CVE-2007-1201

CAIS recommends that administrators always keep their systems and applications up to date, in line with the latest versions and fixes offered by the vendors.

CAIS Alerts are also available in RSS/RDF format:
http://www.rnp.br/cais/alertas/rss.xml

Regards,

################################################################
# CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS)       #
# Rede Nacional de Ensino e Pesquisa (RNP)                     #
#                                                              #
# cais at cais.rnp.br       http://www.cais.rnp.br             #
# Tel. 019-37873300 Fax. 019-37873301                          #
# PGP key available at http://www.rnp.br/cais/cais-pgp.key     #
################################################################

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iQCVAwUBR9btaOkli63F4U8VAQGc2gQAr33D0BLZtbNRO8l30I0BdMwqCGYxXjNz
S+UqiVETC+VRS5NUQfWzGvDRlrN/IEJ027GgWKwkGsR2HVekTb5bDqnCUaPvCebA
axIfY6XwqX/O3VH92kEQ5e54ChuiS7qQwkuXZZjuw2V+Ot6Qfi+R5VfdalzwZ7tR
pLyKQQ67d2E=
=k+qN
-----END PGP SIGNATURE-----

----- End forwarded message -----


From security at unicamp.br Wed Mar 12 12:44:07 2008
From: security at unicamp.br (CSIRT - UNICAMP)
Date: Wed, 12 Mar 2008 12:44:07 -0300
Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA08-071A -- Microsoft Updates for Multiple Vulnerabilities
Message-ID: <20080312154407.GE43975@unicamp.br>

----- Forwarded message from US-CERT Technical Alerts -----

From: US-CERT Technical Alerts
Subject: US-CERT Technical Cyber Security Alert TA08-071A -- Microsoft Updates for Multiple Vulnerabilities
To: technical-alerts at us-cert.gov
Date: Tue, 11 Mar 2008 17:07:53 -0400
Organization: US-CERT - +1 202-205-5266

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System
Technical Cyber Security Alert TA08-071A

Microsoft Updates for Multiple Vulnerabilities

Original release date: March 11, 2008
Last revised: --
Source: US-CERT

Systems Affected

* Microsoft Office
* Microsoft Outlook
* Microsoft Excel
* Microsoft Excel Viewer
* Microsoft Office for Mac
* Microsoft Office Web Components

Overview

Microsoft has released updates that address vulnerabilities in Microsoft Office, Outlook, Excel, Excel Viewer, Office for Mac, and Office Web Components.

I. Description

Microsoft has released updates to address vulnerabilities that affect Microsoft Office, Outlook, Excel, Excel Viewer, Office for Mac, and Office Web Components as part of the Microsoft Security Bulletin Summary for March 2008.
The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code. For more information, see the US-CERT Vulnerability Notes Database.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a denial of service.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the March 2008 security bulletin. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

IV. References

* US-CERT Vulnerability Notes for Microsoft March 2008 updates -
* Microsoft Security Bulletin Summary for March 2008 -
* Microsoft Update -
* Windows Server Update Services -

_________________________________________________________________

The most recent version of this document can be found at:

_________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA08-071A Feedback VU#393305" in the subject.

_________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit .

_________________________________________________________________

Produced 2008 by US-CERT, a government organization.
Terms of use:

----- End forwarded message -----

From security em unicamp.br Mon Mar 24 08:42:51 2008
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Mon, 24 Mar 2008 08:42:51 -0300
Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA08-079B -- MIT Kerberos Updates for Multiple Vulnerabilities
Message-ID: <20080324114250.GA95392@unicamp.br>

----- Forwarded message from US-CERT Technical Alerts -----

From: US-CERT Technical Alerts
Subject: US-CERT Technical Cyber Security Alert TA08-079B -- MIT Kerberos Updates for Multiple Vulnerabilities
To: technical-alerts em us-cert.gov
Date: Wed, 19 Mar 2008 12:28:49 -0400
Organization: US-CERT - +1 202-205-5266

National Cyber Alert System
Technical Cyber Security Alert TA08-079B

MIT Kerberos Updates for Multiple Vulnerabilities

Original release date: March 19, 2008
Last revised: --
Source: US-CERT

Systems Affected

 * MIT Kerberos

Overview

 The MIT Kerberos implementation contains several vulnerabilities. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code, compromise the key database or cause a denial of service on a vulnerable system.

I. Description

 The MIT Kerberos Development Team has released MIT krb5 Security Advisory 2008-002 to address vulnerabilities in multiple versions of MIT Kerberos. More information about these vulnerabilities can be found in VU#895609 and VU#374121.

II.
Impact

 Potential consequences include arbitrary code execution, key database compromise, and denial of service.

III. Solution

Install updates from your vendor

 Check with your vendors for patches or updates. For information about a vendor, please see the systems affected section in vulnerability notes VU#895609 and VU#374121 or contact your vendor directly.

 Administrators who compile MIT Kerberos from source should refer to MIT Security Advisory 2008-002 for more information.

IV. References

 * US-CERT Vulnerability Note VU#895609 -
 * US-CERT Vulnerability Note VU#374121 -
 * MIT krb5 Security Advisory 2008-002 -

_________________________________________________________________

The most recent version of this document can be found at:

_________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA08-079B Feedback VU#895609" in the subject.
_________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit .
_________________________________________________________________

Produced 2008 by US-CERT, a government organization.
Terms of use:

____________________________________________________________________

Revision History

 March 19, 2008: Initial release

----- End forwarded message -----

From security em unicamp.br Mon Mar 24 08:43:12 2008
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Mon, 24 Mar 2008 08:43:12 -0300
Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA08-079A -- Apple Updates for Multiple Vulnerabilities
Message-ID: <20080324114311.GB95392@unicamp.br>

----- Forwarded message from US-CERT Technical Alerts -----

From: US-CERT Technical Alerts
Subject: US-CERT Technical Cyber Security Alert TA08-079A -- Apple Updates for Multiple Vulnerabilities
To: technical-alerts em us-cert.gov
Date: Wed, 19 Mar 2008 13:01:00 -0400
Organization: US-CERT - +1 202-205-5266

National Cyber Alert System
Technical Cyber Security Alert TA08-079A

Apple Updates for Multiple Vulnerabilities

Original release date: March 19, 2008
Last revised: --
Source: US-CERT

Systems Affected

 * Apple Mac OS X versions prior to and including 10.4.11 and 10.5.2
 * Apple Mac OS X Server versions prior to and including 10.4.11 and 10.5.1
 * Apple Safari prior to 3.1, including both OS X and Windows versions

Overview

 Apple has released the Apple Security Update 2008-002 and Apple Safari 3.1 to correct multiple vulnerabilities affecting Apple Mac OS X, Mac OS X Server, and Apple Safari.
 Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, execute cross-site scripting attacks or cause a denial of service.

I. Description

 Apple has released Apple Security Update 2008-002 and Apple Safari 3.1 to address a number of vulnerabilities affecting Apple Mac OS X, OS X Server, and Safari. Further details are available in the US-CERT Vulnerability Notes Database.

II. Impact

 The impacts of these vulnerabilities vary. Potential consequences include arbitrary code execution, sensitive information disclosure, cross-site scripting, and denial of service.

III. Solution

Install updates from Apple

 Install Apple Security Update 2008-002. These and other updates are available via Software Update or via Apple Downloads.

IV. References

 * US-CERT Vulnerability Notes for Apple Security Update 2008-002 -
 * About the security content of Apple Security Update 2008-002 -
 * About the security content of Safari 3.1 -
 * Mac OS X: Updating your software -
 * Apple Support Downloads -

_________________________________________________________________

The most recent version of this document can be found at:

_________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA08-079A Feedback VU#766019" in the subject.
_________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit .
_________________________________________________________________

Produced 2008 by US-CERT, a government organization.
Terms of use:

____________________________________________________________________

Revision History

 March 19, 2008: Initial release

----- End forwarded message -----

From security em unicamp.br Fri Mar 28 11:22:46 2008
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Fri, 28 Mar 2008 11:22:46 -0300
Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA08-087B -- Cisco Updates for Multiple Vulnerabilities
Message-ID: <20080328142245.GA14294@unicamp.br>

----- Forwarded message from US-CERT Technical Alerts -----

From: US-CERT Technical Alerts
Subject: US-CERT Technical Cyber Security Alert TA08-087B -- Cisco Updates for Multiple Vulnerabilities
To: technical-alerts em us-cert.gov
Date: Thu, 27 Mar 2008 16:05:34 -0400
Organization: US-CERT - +1 202-205-5266

National Cyber Alert System
Technical Cyber Security Alert TA08-087B

Cisco Updates for Multiple Vulnerabilities

Original release date: March 27, 2007
Last revised: --
Source: US-CERT

Systems Affected

 * Cisco IOS

Overview

 Cisco has released Cisco Security Advisory cisco-sa-20080326-bundle to correct multiple vulnerabilities affecting Cisco IOS. Attackers could exploit these vulnerabilities to access sensitive information or cause a denial of service.

I. Description

 Cisco Security Advisory cisco-sa-20080326-bundle addresses a number of vulnerabilities affecting Cisco IOS 12.0, 12.1, 12.2, 12.3, and 12.4. Further details are available in the US-CERT Vulnerability Notes Database.

II.
Impact

 The impacts of these vulnerabilities vary. Potential consequences include disclosure of sensitive information and denial of service.

III. Solution

Upgrade

 These vulnerabilities are addressed in Cisco Security Advisory cisco-sa-20080326-bundle.

IV. References

 * US-CERT Vulnerability Notes -
 * Cisco Security Advisory cisco-sa-20080326-bundle -
 * Cisco Security Advisory: Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability -
 * Cisco Security Advisory: Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS -
 * Cisco Security Advisory: Cisco IOS User Datagram Protocol Delivery Issue For IPv4/IPv6 Dual-stack Routers -
 * Cisco Security Advisory: Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720 -
 * Cisco Security Advisory: Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak -

____________________________________________________________________

The most recent version of this document can be found at:

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA08-087B Feedback VU#936177" in the subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit .
____________________________________________________________________

Produced 2008 by US-CERT, a government organization.
Terms of use:

____________________________________________________________________

Revision History

 March 27, 2008: Initial release

----- End forwarded message -----

From security em unicamp.br Fri Mar 28 11:23:13 2008
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Fri, 28 Mar 2008 11:23:13 -0300
Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA08-087A -- Mozilla Updates for Multiple Vulnerabilities
Message-ID: <20080328142312.GB14294@unicamp.br>

----- Forwarded message from US-CERT Technical Alerts -----

From: US-CERT Technical Alerts
Subject: US-CERT Technical Cyber Security Alert TA08-087A -- Mozilla Updates for Multiple Vulnerabilities
To: technical-alerts em us-cert.gov
Date: Thu, 27 Mar 2008 16:34:11 -0400
Organization: US-CERT - +1 202-205-5266

National Cyber Alert System
Technical Cyber Security Alert TA08-087A

Mozilla Updates for Multiple Vulnerabilities

Original release date: March 27, 2008
Last revised: --
Source: US-CERT

Systems Affected

 * Mozilla Firefox
 * Mozilla Thunderbird
 * Mozilla SeaMonkey

 Other products based on Mozilla components may also be affected.

Overview

 New versions of Firefox, Thunderbird, and SeaMonkey address several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system.

I. Description

 The Mozilla and the SeaMonkey projects have released new versions of Firefox, Thunderbird and SeaMonkey to address several vulnerabilities.
 Further details about these vulnerabilities are available in Mozilla Foundation Security Advisories and the Vulnerability Notes Database.

 An attacker could exploit these vulnerabilities by convincing a user to view a specially crafted HTML document, such as a web page or an HTML email message.

II. Impact

 While the impacts of the individual vulnerabilities vary, the most severe could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. An attacker may also be able to cause a denial of service or execute cross-site scripting attacks.

III. Solution

Upgrade

 These vulnerabilities are addressed in Mozilla Firefox 2.0.0.13, Thunderbird 2.0.0.13, and SeaMonkey 1.1.9.

Disable JavaScript

 Some of these vulnerabilities can be mitigated by disabling JavaScript or by using the NoScript extension. For more information about configuring Firefox, please see the Securing Your Web Browser document. Thunderbird disables JavaScript by default.

IV. References

 * US-CERT Vulnerability Notes -
 * Securing Your Web Browser -
 * Mozilla Foundation Security Advisories -
 * Known Vulnerabilities in Mozilla Products -
 * Mozilla Hall of Fame -
 * NoScript Firefox Extension -

_________________________________________________________________

The most recent version of this document can be found at:

_________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA08-087A Feedback VU#466521" in the subject.
_________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit .
_________________________________________________________________

Produced 2008 by US-CERT, a government organization.
Terms of use:

____________________________________________________________________

Revision History

 March 27, 2008: Initial release

----- End forwarded message -----
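As an added example (not part of the US-CERT alerts or of any vendor's tooling), the following Python helper turns the affected-version statements of the Apple alert TA08-079A ("prior to and including 10.4.11 and 10.5.2", Safari "prior to 3.1") and the Mozilla alert TA08-087A (fixed in Firefox/Thunderbird 2.0.0.13 and SeaMonkey 1.1.9) above into an inventory check; it generalizes to any alert that lists one threshold per release branch. The product names and the inventory lines are constructed.

```python
# Added example (not part of the US-CERT alerts): patch-status triage for the
# Apple (TA08-079A) and Mozilla (TA08-087A) alerts above. Thresholds are the
# versions the alerts state; the inventory below is constructed.

# "fixed_in": versions below the threshold are affected;
# "up_to_including": versions at or below it are affected.
ADVISORY_RULES = {
    # TA08-087A: addressed in Firefox/Thunderbird 2.0.0.13 and SeaMonkey 1.1.9
    "Mozilla Firefox": ("fixed_in", ["2.0.0.13"]),
    "Mozilla Thunderbird": ("fixed_in", ["2.0.0.13"]),
    "Mozilla SeaMonkey": ("fixed_in", ["1.1.9"]),
    # TA08-079A: Mac OS X "prior to and including 10.4.11 and 10.5.2", Safari "prior to 3.1"
    "Apple Mac OS X": ("up_to_including", ["10.4.11", "10.5.2"]),
    "Apple Safari": ("fixed_in", ["3.1"]),
}

def parse_version(text):
    """'2.0.0.13' -> (2, 0, 0, 13); trailing zeros dropped so 3.1 == 3.1.0."""
    parts = [int(p) for p in text.strip().split(".")]  # ValueError on '3.1b'
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def is_affected(product, installed):
    """True when the installed version lies in the alert's affected range."""
    kind, thresholds = ADVISORY_RULES[product]
    v = parse_version(installed)
    bounds = sorted(parse_version(t) for t in thresholds)
    # Each threshold governs its own branch (first two components, 10.4.x vs
    # 10.5.x). A version on an older branch than any listed is compared with
    # the lowest threshold, so it still counts as "prior to".
    same_branch = [b for b in bounds if b[:2] == v[:2]]
    bound = same_branch[0] if same_branch else bounds[0]
    return v <= bound if kind == "up_to_including" else v < bound

# Constructed inventory lines: host,product,version
SAMPLE_INVENTORY = """\
host01,Apple Mac OS X,10.4.11
host02,Apple Mac OS X,10.5.2
host03,Apple Mac OS X,10.5.3
host04,Apple Safari,3.0.4
host05,Mozilla Firefox,2.0.0.12
host06,Mozilla Firefox,2.0.0.13
host07,Mozilla Thunderbird,1.5.0.14
"""

def triage(inventory_csv):
    """Map each host to the products on it that still need the update."""
    findings = {}
    for line in inventory_csv.strip().splitlines():
        host, product, version = (f.strip() for f in line.split(","))
        if product in ADVISORY_RULES and is_affected(product, version):
            findings.setdefault(host, []).append(product)
    return findings
```

Running `triage(SAMPLE_INVENTORY)` flags host01, host02, host04, host05 and host07; host03 (10.5.3, above its branch's threshold) and host06 (the fixed Firefox build) are left alone.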