Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2012.0692 System Packages Update Required to fix CVE-2012-2955/CVE-2012-2202 Vulnerabilities 20 July 2012 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Lotus Protector for Mail Security Publisher: IBM Operating System: Linux variants Impact/Access: Cross-site Scripting -- Remote with User Interaction Access Confidential Data -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2012-2955 CVE-2012-2202 Original Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21605199 - --------------------------BEGIN INCLUDED TEXT-------------------- System Packages Update Required to fix CVE-2012-2955/CVE-2012-2202 Vulnerabilities Flash (Alert) Document information Lotus Protector for Mail Security Software version: 2.5, 2.5.1, 2.8 Operating system(s): Linux Software edition: All Editions Reference #: 1605199 Modified date: 2012-07-18 Abstract Two vulnerabilities have been detected in the management interface of the affected products. The vulnerabilities are listed under CVE-2012-2955 and CVE-2012-2202. An update has been created by IBM Security Systems that addresses the vulnerabilities. Content Two vulnerabilities have been detected in the management interface of the affected products. The vulnerabilities are: CVE-2012-2955: "Reflected XSS" allowing the execution of Javascript code as part of the management interface page displayed. CVE-2012-2202: An "Arbitrary File Read" which allows access to files the web server process has authorization to read/ Mitigating Factors: Both attacks are post-authentication and require the attacker to have valid login credentials for the admin UI. The end user interface is not affected by these vulnerabilities. Resolving the Issue: An update has been created by IBM Security Systems that addresses the vulnerabilities. Depending on the Firmware your system is running on, there are several options to proceed. Firmware 2.8 or newer: If you have enabled automatic System Package Updates no further action is necessary. The system will download install the update automatically. If you do manual System Package Updates: - Log in to the Management Console - Go to "Updates" -> "Updates & Licensing" - Install all pending System Package Updates Firmware 2.5: The update must be installed manually SSH to the system (log in as 'root') Run "wget http://upload.cobion.com/download/pnmss/repotools-1.1.3-16059.i586.rpm" Run "rpm -ihv --nodeps repotools-1.1.3-16059.i586.rpm" Cross reference information Segment Product Component Platform Version Edition Security Proventia Network Mail Security System Firmware 2.5, 2.5.1, 2.6, 2.5.0.2, 2.8 All Editions Copyright and trademark information IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBUAjzxO4yVqjM2NGpAQKr+w/7BnaaVAnBsuCZa9Svj8BqpRGoQqLQHVA1 sV2JE5DZAAE5CtHXsEMYmhPvZdlnRDk0fWckIt3baRtDHZ9TDQMhr8wTp+MAtNPM 5uQ1oczt4y4EBoLIXC2x4+UZOvmxM/FhRUVqQVmNGQMOWHDONffBttcLLK9qHGrA 9mgUmnGxS5Vh71rXvnEpE26y/4/+eP8CtikZM9M0qDvAKLoOFdJ05Fz34mKXOBHr Dzhz2S/2tBQ3Y7MCQf7zf8gIv9FQV+KFLK1J4p9w3dyOYAaFkOrMdgd9dJgr+uzy fI6iqeZUBUICxVgVGxCQkMXQWF4tBhKghzNmqlJ//pdoepIzlgh5Z9RQ7fplTgkn irNPBunhgg69345G0RHbn3WLR9WpAjy/CKuYAeVgbXRY1JmsnEheg8gCWSknNZgm qu6uZFSmMsuxb5wEQez+JzqQo+j5LU3BoUB97VPfrJV7SCGa8eMChNy5WlymF5nl 1U+Pr2+ZCrwB2nMiIRPZiUtXuBjfBQW0CKRhAjSfW+NHUr/y8v8FIdv/5vC89Isd l4dhBz3pU8LTCYfJVAXHX5wlSDs1C/lwAFvKqO9qKfHjkPamtJXC6tMLfcE4ekM1 TQrd5qikr61loESj2e+2oteafef3Onxz+eAuXEAHmKocARo8RuiKolZQ+Io+VCwJ XzbDYWtnbCg= =wu9/ -----END PGP SIGNATURE-----