exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Red Hat Security Advisory 2012-1542-01

Red Hat Security Advisory 2012-1542-01
Posted Dec 4, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1542-01 - Red Hat CloudForms is an on-premise hybrid cloud Infrastructure-as-a-Service product that lets you create and manage private and public clouds. Multiple input validation vulnerabilities were discovered in rubygem-activerecored. A remote attacker could possibly use these flaws to perform an SQL injection attack against an application using rubygem-activerecord. Multiple cross-site scripting flaws were found in rubygem-actionpack. A remote attacker could use these flaws to conduct XSS attacks against users of an application using rubygem-actionpack.

tags | advisory, remote, vulnerability, xss, sql injection
systems | linux, redhat
advisories | CVE-2012-1986, CVE-2012-1987, CVE-2012-1988, CVE-2012-2139, CVE-2012-2140, CVE-2012-2660, CVE-2012-2661, CVE-2012-2694, CVE-2012-2695, CVE-2012-3424, CVE-2012-3463, CVE-2012-3464, CVE-2012-3465, CVE-2012-3864, CVE-2012-3865, CVE-2012-3867
SHA-256 | f96ce0acf37d0bdcad39fc2ad186927a862b5bffbd7f653a2b6e60984426c0c4

Red Hat Security Advisory 2012-1542-01

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: CloudForms Commons 1.1 security update
Advisory ID: RHSA-2012:1542-01
Product: Red Hat CloudForms
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1542.html
Issue date: 2012-12-04
CVE Names: CVE-2012-1986 CVE-2012-1987 CVE-2012-1988
CVE-2012-2139 CVE-2012-2140 CVE-2012-2660
CVE-2012-2661 CVE-2012-2694 CVE-2012-2695
CVE-2012-3424 CVE-2012-3463 CVE-2012-3464
CVE-2012-3465 CVE-2012-3864 CVE-2012-3865
CVE-2012-3867
=====================================================================

1. Summary:

Updated CloudForms Commons packages that fix several security issues are
now available.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Cloud Engine for RHEL 6 Server - noarch
System Engine for RHEL 6 Server - noarch

3. Description:

Red Hat CloudForms is an on-premise hybrid cloud
Infrastructure-as-a-Service (IaaS) product that lets you create and manage
private and public clouds.

Multiple input validation vulnerabilities were discovered in
rubygem-activerecored. A remote attacker could possibly use these flaws
to perform an SQL injection attack against an application using
rubygem-activerecord. (CVE-2012-2660, CVE-2012-2661, CVE-2012-2694,
CVE-2012-2695)

Multiple cross-site scripting (XSS) flaws were found in rubygem-actionpack.
A remote attacker could use these flaws to conduct XSS attacks against
users of an application using rubygem-actionpack. (CVE-2012-3463,
CVE-2012-3464, CVE-2012-3465)

A flaw was found in the HTTP digest authentication implementation in
rubygem-actionpack. A remote attacker could use this flaw to cause a
denial of service of an application using rubygem-actionpack and digest
authentication. (CVE-2012-3424)

An input validation flaw was found in rubygem-mail's Exim and Sendmail
delivery methods. A remote attacker could use this flaw to execute
arbitrary commands with the privileges of an application using
rubygem-mail. (CVE-2012-2140)

A directory traversal flaw was found in rubygem-mail's file delivery
method. A remote attacker could use this flaw to send a mail with a
specially crafted To: header and write to files with the privileges of
an application using rubygem-mail. (CVE-2012-2139)

Puppet was updated to version 2.6.17, which fixes multiple security
issues. These issues are not exposed by CloudForms. (CVE-2012-1986,
CVE-2012-1987, CVE-2012-1988, CVE-2012-3864, CVE-2012-3865, CVE-2012-3867)

Red Hat would like to thank Puppet Labs for reporting CVE-2012-1988,
CVE-2012-1986, CVE-2012-1987, CVE-2012-3864, CVE-2012-3865, and
CVE-2012-3867.

Users are advised to upgrade to these CloudForms Commons packages, which
resolve these issues.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

810069 - CVE-2012-1986 puppet: Filebucket arbitrary file read
810070 - CVE-2012-1987 puppet: Filebucket denial of service
810071 - CVE-2012-1988 puppet: Filebucket arbitrary code execution
816352 - CVE-2012-2139 CVE-2012-2140 rubygem-mail: arbitrary command execution when using exim or sendmail from commandline, file system traversal flaw
827353 - CVE-2012-2660 rubygem-actionpack: Unsafe query generation
827363 - CVE-2012-2661 rubygem-activerecord: SQL injection when processing nested query paramaters
831573 - CVE-2012-2695 rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)
831581 - CVE-2012-2694 rubygem-actionpack: Unsafe query generation (a different flaw than CVE-2012-2660)
839130 - CVE-2012-3864 puppet: authenticated clients allowed to read arbitrary files from the puppet master
839131 - CVE-2012-3865 puppet: authenticated clients allowed to delete arbitrary files on the puppet master
839158 - CVE-2012-3867 puppet: insufficient validation of agent names in CN of SSL certificate requests
843711 - CVE-2012-3424 rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest
847196 - CVE-2012-3463 rubygem-actionpack: potential XSS vulnerability in select_tag prompt
847199 - CVE-2012-3464 rubygem-actionpack: potential XSS vulnerability
847200 - CVE-2012-3465 rubygem-actionpack: XSS Vulnerability in strip_tags

6. Package List:

Cloud Engine for RHEL 6 Server:

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/converge-ui-devel-1.0.4-1.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/puppet-2.6.17-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-actionpack-3.0.10-10.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-activerecord-3.0.10-6.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-activesupport-3.0.10-4.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-chunky_png-1.2.0-3.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-compass-0.11.5-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-compass-960-plugin-0.10.4-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-delayed_job-2.1.4-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-ldap_fluff-0.1.3-1.el6_3.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-mail-2.3.0-3.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-net-ldap-0.1.1-3.el6cf.src.rpm

noarch:
converge-ui-devel-1.0.4-1.el6cf.noarch.rpm
puppet-2.6.17-2.el6cf.noarch.rpm
puppet-server-2.6.17-2.el6cf.noarch.rpm
rubygem-actionpack-3.0.10-10.el6cf.noarch.rpm
rubygem-activerecord-3.0.10-6.el6cf.noarch.rpm
rubygem-activesupport-3.0.10-4.el6cf.noarch.rpm
rubygem-chunky_png-1.2.0-3.el6cf.noarch.rpm
rubygem-compass-0.11.5-2.el6cf.noarch.rpm
rubygem-compass-960-plugin-0.10.4-2.el6cf.noarch.rpm
rubygem-compass-960-plugin-doc-0.10.4-2.el6cf.noarch.rpm
rubygem-delayed_job-2.1.4-2.el6cf.noarch.rpm
rubygem-delayed_job-doc-2.1.4-2.el6cf.noarch.rpm
rubygem-ldap_fluff-0.1.3-1.el6_3.noarch.rpm
rubygem-mail-2.3.0-3.el6cf.noarch.rpm
rubygem-mail-doc-2.3.0-3.el6cf.noarch.rpm
rubygem-net-ldap-0.1.1-3.el6cf.noarch.rpm

System Engine for RHEL 6 Server:

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/converge-ui-devel-1.0.4-1.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/puppet-2.6.17-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-actionpack-3.0.10-10.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-activerecord-3.0.10-6.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-activesupport-3.0.10-4.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-chunky_png-1.2.0-3.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-compass-0.11.5-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-compass-960-plugin-0.10.4-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-delayed_job-2.1.4-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-ldap_fluff-0.1.3-1.el6_3.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-mail-2.3.0-3.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-net-ldap-0.1.1-3.el6cf.src.rpm

noarch:
converge-ui-devel-1.0.4-1.el6cf.noarch.rpm
puppet-2.6.17-2.el6cf.noarch.rpm
puppet-server-2.6.17-2.el6cf.noarch.rpm
rubygem-actionpack-3.0.10-10.el6cf.noarch.rpm
rubygem-activerecord-3.0.10-6.el6cf.noarch.rpm
rubygem-activesupport-3.0.10-4.el6cf.noarch.rpm
rubygem-chunky_png-1.2.0-3.el6cf.noarch.rpm
rubygem-compass-0.11.5-2.el6cf.noarch.rpm
rubygem-compass-960-plugin-0.10.4-2.el6cf.noarch.rpm
rubygem-compass-960-plugin-doc-0.10.4-2.el6cf.noarch.rpm
rubygem-delayed_job-2.1.4-2.el6cf.noarch.rpm
rubygem-delayed_job-doc-2.1.4-2.el6cf.noarch.rpm
rubygem-ldap_fluff-0.1.3-1.el6_3.noarch.rpm
rubygem-mail-2.3.0-3.el6cf.noarch.rpm
rubygem-mail-doc-2.3.0-3.el6cf.noarch.rpm
rubygem-net-ldap-0.1.1-3.el6cf.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2012-1986.html
https://www.redhat.com/security/data/cve/CVE-2012-1987.html
https://www.redhat.com/security/data/cve/CVE-2012-1988.html
https://www.redhat.com/security/data/cve/CVE-2012-2139.html
https://www.redhat.com/security/data/cve/CVE-2012-2140.html
https://www.redhat.com/security/data/cve/CVE-2012-2660.html
https://www.redhat.com/security/data/cve/CVE-2012-2661.html
https://www.redhat.com/security/data/cve/CVE-2012-2694.html
https://www.redhat.com/security/data/cve/CVE-2012-2695.html
https://www.redhat.com/security/data/cve/CVE-2012-3424.html
https://www.redhat.com/security/data/cve/CVE-2012-3463.html
https://www.redhat.com/security/data/cve/CVE-2012-3464.html
https://www.redhat.com/security/data/cve/CVE-2012-3465.html
https://www.redhat.com/security/data/cve/CVE-2012-3864.html
https://www.redhat.com/security/data/cve/CVE-2012-3865.html
https://www.redhat.com/security/data/cve/CVE-2012-3867.html
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFQvmNDXlSAg2UNWIIRAsT1AKC0njSJM+mT6sXBY2tY9K7a7wa2zwCfd6dz
7/ckq62GY//PjJhueUGO298=
=nIh2
-----END PGP SIGNATURE-----


--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close