-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2013.0271
                  Moderate: CloudForms Common 1.1.2 update
                              22 February 2013

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           CloudForms Common
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 6
Impact/Access:     Overwrite Arbitrary Files -- Existing Account
                   Denial of Service         -- Remote/Unauthenticated
                   Cross-site Scripting      -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2013-0256 CVE-2013-0184 CVE-2013-0183 CVE-2013-0162
                   CVE-2012-6109

Reference:         ASB-2013.0017
                   ESB-2013.0267

Original Bulletin:
   https://rhn.redhat.com/errata/RHSA-2013-0548.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: CloudForms Common 1.1.2 update
Advisory ID:       RHSA-2013:0548-01
Product:           Red Hat CloudForms
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2013-0548.html
Issue date:        2013-02-21
CVE Names:         CVE-2012-6109 CVE-2013-0162 CVE-2013-0183
                   CVE-2013-0184 CVE-2013-0256
=====================================================================

1. Summary:

CloudForms Common 1.1.2 is now available.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

CloudForms Cloud Engine for RHEL 6 Server - noarch, x86_64
CloudForms System Engine for RHEL 6 Server - noarch, x86_64

3. Description:

Red Hat CloudForms is an on-premise hybrid cloud Infrastructure-as-a-Service
(IaaS) product that lets you create and manage private and public clouds. It
provides self-service computing resources to users in a managed, governed,
and secure way.

Three flaws were found in rubygem-rack. A remote attacker could use these
flaws to perform a denial of service attack against applications using
rubygem-rack. (CVE-2012-6109, CVE-2013-0183, CVE-2013-0184)

It was found that documentation created by rubygem-rdoc was vulnerable to a
cross-site scripting (XSS) attack. If such documentation was accessible over
a network, and a remote attacker could trick a user into visiting a
specially-crafted URL, it would lead to arbitrary web script execution in
the context of the user's session. As rubygem-rdoc is used for creating
documentation for Ruby source files (such as classes, modules, and so on),
it is not a common scenario to make such documentation accessible over the
network. (CVE-2013-0256)

It was found that ruby_parser from rubygem-ruby_parser created a temporary
file in an insecure way. A local attacker could use this flaw to perform a
symbolic link attack, overwriting arbitrary files accessible to the
application using ruby_parser. (CVE-2013-0162)

Red Hat would like to thank Eric Hodel of RDoc upstream for reporting
CVE-2013-0256. Upstream acknowledges Evgeny Ermakov as the original reporter
of CVE-2013-0256. The CVE-2013-0162 issue was discovered by Michael Scherer
of the Red Hat Regional IT team.

Refer to the CloudForms 1.1.2 Release Notes for further information about
this release. The Release Notes will be available shortly from
https://access.redhat.com/knowledge/docs/

Users of CloudForms Common are advised to upgrade to these updated packages.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

892806 - CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage
895277 - CVE-2012-6109 rubygem-rack: parsing Content-Disposition header DoS
895282 - CVE-2013-0183 rubygem-rack: receiving excessively long lines triggers out-of-memory error
895384 - CVE-2013-0184 rubygem-rack: Rack::Auth::AbstractRequest DoS
907820 - CVE-2013-0256 rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template

6. Package List:

CloudForms Cloud Engine for RHEL 6 Server:

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-activesupport-3.0.10-10.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-delayed_job-2.1.4-3.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-nokogiri-1.5.0-0.9.beta4.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-rack-1.3.0-3.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-rails_warden-0.5.5-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-rdoc-3.8-6.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-rspec-rails-2.6.1-7.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-ruby_parser-2.0.4-6.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-shoulda-2.11.3-5.el6cf.src.rpm

noarch:
rubygem-activesupport-3.0.10-10.el6cf.noarch.rpm
rubygem-delayed_job-2.1.4-3.el6cf.noarch.rpm
rubygem-delayed_job-doc-2.1.4-3.el6cf.noarch.rpm
rubygem-nokogiri-doc-1.5.0-0.9.beta4.el6cf.noarch.rpm
rubygem-rack-1.3.0-3.el6cf.noarch.rpm
rubygem-rails_warden-0.5.5-2.el6cf.noarch.rpm
rubygem-rails_warden-doc-0.5.5-2.el6cf.noarch.rpm
rubygem-rdoc-3.8-6.el6cf.noarch.rpm
rubygem-rdoc-doc-3.8-6.el6cf.noarch.rpm
rubygem-rspec-rails-2.6.1-7.el6cf.noarch.rpm
rubygem-rspec-rails-doc-2.6.1-7.el6cf.noarch.rpm
rubygem-ruby_parser-2.0.4-6.el6cf.noarch.rpm
rubygem-ruby_parser-doc-2.0.4-6.el6cf.noarch.rpm
rubygem-shoulda-2.11.3-5.el6cf.noarch.rpm
rubygem-shoulda-doc-2.11.3-5.el6cf.noarch.rpm

x86_64:
ruby-nokogiri-1.5.0-0.9.beta4.el6cf.x86_64.rpm
rubygem-nokogiri-1.5.0-0.9.beta4.el6cf.x86_64.rpm
rubygem-nokogiri-debuginfo-1.5.0-0.9.beta4.el6cf.x86_64.rpm

CloudForms System Engine for RHEL 6 Server:

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-activesupport-3.0.10-10.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-delayed_job-2.1.4-3.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-nokogiri-1.5.0-0.9.beta4.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-rack-1.3.0-3.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-rails_warden-0.5.5-2.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-rdoc-3.8-6.el6cf.src.rpm
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/CloudForms/SRPMS/rubygem-ruby_parser-2.0.4-6.el6cf.src.rpm

noarch:
rubygem-activesupport-3.0.10-10.el6cf.noarch.rpm
rubygem-delayed_job-2.1.4-3.el6cf.noarch.rpm
rubygem-delayed_job-doc-2.1.4-3.el6cf.noarch.rpm
rubygem-nokogiri-doc-1.5.0-0.9.beta4.el6cf.noarch.rpm
rubygem-rack-1.3.0-3.el6cf.noarch.rpm
rubygem-rails_warden-0.5.5-2.el6cf.noarch.rpm
rubygem-rails_warden-doc-0.5.5-2.el6cf.noarch.rpm
rubygem-rdoc-3.8-6.el6cf.noarch.rpm
rubygem-rdoc-doc-3.8-6.el6cf.noarch.rpm
rubygem-ruby_parser-2.0.4-6.el6cf.noarch.rpm
rubygem-ruby_parser-doc-2.0.4-6.el6cf.noarch.rpm

x86_64:
ruby-nokogiri-1.5.0-0.9.beta4.el6cf.x86_64.rpm
rubygem-nokogiri-1.5.0-0.9.beta4.el6cf.x86_64.rpm
rubygem-nokogiri-debuginfo-1.5.0-0.9.beta4.el6cf.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2012-6109.html
https://www.redhat.com/security/data/cve/CVE-2013-0162.html
https://www.redhat.com/security/data/cve/CVE-2013-0183.html
https://www.redhat.com/security/data/cve/CVE-2013-0184.html
https://www.redhat.com/security/data/cve/CVE-2013-0256.html
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/knowledge/docs/

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2013 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFRJnS3XlSAg2UNWIIRAqlfAJ9IdWzwR1jRVkigqRmIspu4cz7MfACfcSMq
dDqeZ5fkafTxBkjC5g2S5oE=
=xVia
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBUScUr+4yVqjM2NGpAQL2SA//fnOHKaWeKUFHSkyBEi6NNuWaLSbJmXmY
Ew/KNhnHPwIejKSlSBrzNZjDvhp7D7cUa18VZZs32lULm/p8R+e/QpQUUevjrpid
t9fhWdyoVlvHZ0gRSIwW5SZECJk8/voRwHBp2mVP70fZ5MAshLmXCikiF3Tmr3oH
4HVjIMIyd+WvkPfM+oQ0OHQ7nONXQYQkUf1Vt+FYe8FLcTWFgB4M2JiLkJujwoxy
ljO/cwTp2I7mHCY03Qn/o6PGQoirRfp48uRdUMI9Wh1xL16YCtoWR49RgDUEELYI
xDkP2ZHdt7/Hj2GpVPkp8Dm6YVcSmfT3bXOzu7a5wNSMi82OpRn+CO9jeAjpHO3N
tqTmrP7kmicesid6DCfwp/W4Hl/6NEiclzMOXylDPLYMwmYwIEERAfJUdnrjBFEQ
PlHR/u3gsgIOkmSnlsZ1goSXjbSz271404NFtlfLowevrObDGA2xrOs+JdbYcm9i
5MAwRXOs0xBTYIIn8/veVMlwN5Yau0/Hpy8wo5VERXQV7/youMPKwrxeRKJVJKvt
sIqoSwzNJiRxDvWJvYtAtA5f8SzZkVdi+PghddytBgpiUPIe0AQ0PglY15F2ROy3
LWTI7pDHNlAxLNFjMd+AlAhcxKG/E0zN5YlIt2Q4Lqll69IC9TuEx165GLQ53rlZ
ENNFVDyaZ1c=
=cibh
-----END PGP SIGNATURE-----
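The Description section above attributes three rubygem-rack denial-of-service flaws to header parsing, one of them (bug 895282, CVE-2013-0183) to "excessively long lines" driving an out-of-memory error. The following is an added example, not Rack's code and not the fix shipped in rubygem-rack-1.3.0-3.el6cf: a small multipart header reader that shows the generic defence for that bug class, namely refusing to buffer a header line or a header block past a fixed size. The limits `MAX_HEADER_LINE` and `MAX_HEADER_LINES`, the exception class and the function names are constructed for this illustration, as are the sample header blocks.

```ruby
require "stringio"

# Added example, not rubygem-rack code.  Constructed limits: a real server
# would pick these from its own traffic profile.
MAX_HEADER_LINE  = 1024  # bytes allowed for one header line
MAX_HEADER_LINES = 32    # header lines allowed per multipart part

class HeaderRejected < StandardError; end

# Return one header line without its CRLF, or nil at end of input.
# IO#gets(sep, limit) stops after +limit+ bytes even when no separator has
# been seen, so an unterminated line can never grow the buffer past
# limit + 2 bytes, however long the client keeps sending.
def read_bounded_line(io, limit = MAX_HEADER_LINE)
  chunk = io.gets("\r\n", limit + 2)   # +2 leaves room for the CRLF itself
  return nil if chunk.nil?
  unless chunk.end_with?("\r\n")
    # No terminator: either a short final line at EOF (tolerated) or a line
    # longer than the limit (rejected before the rest of it is read).
    raise HeaderRejected, "header line exceeds #{limit} bytes" if chunk.bytesize > limit
    return chunk
  end
  chunk.chomp("\r\n")
end

# Parse "Name: value" lines up to the blank line that ends the header block.
# Returns a Hash keyed by lower-cased header name.  The line count is capped
# so a client cannot substitute many small lines for one huge one.
def parse_part_headers(io)
  headers = {}
  MAX_HEADER_LINES.times do
    line = read_bounded_line(io)
    return headers if line.nil? || line.empty?
    name, value = line.split(":", 2)
    raise HeaderRejected, "malformed header line" if value.nil?
    headers[name.strip.downcase] = value.strip
  end
  raise HeaderRejected, "more than #{MAX_HEADER_LINES} header lines"
end

# Wrapper for the demonstration: parse a constructed header block and report
# either the parsed headers or the reason the block was rejected.  Production
# code would read the request body in binary mode rather than from a String.
def classify_header_block(raw)
  { ok: true, headers: parse_part_headers(StringIO.new(raw)) }
rescue HeaderRejected => e
  { ok: false, reason: e.message }
end

if __FILE__ == $0
  # Constructed sample inputs.
  good = "Content-Disposition: form-data; name=\"file\"; filename=\"a.txt\"\r\n" \
         "Content-Type: text/plain\r\n\r\nbody"
  huge = "Content-Disposition: form-data; name=\"" + ("A" * 100_000) + "\"\r\n\r\n"
  p classify_header_block(good)   # parsed normally
  p classify_header_block(huge)   # rejected after reading 1026 bytes, not 100 KB
end
```

The design point is that the bound is enforced inside the read call, not checked after the line has been accumulated: a check that runs once the whole line is in memory has already paid the allocation the attacker wanted.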
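The advisory's description of CVE-2013-0162 (bug 892806) says only that ruby_parser "created a temporary file in an insecure way" and that a local attacker could turn this into a symbolic-link attack that overwrites files the application can reach. As an added example that is not ruby_parser's code, the following Ruby puts a constructed instance of that pattern beside the two standard repairs, an `O_CREAT|O_EXCL` open and `Tempfile.create`, and runs all three inside a throwaway directory so the difference in behaviour can be checked. The file names, the "victim" file and the `demo` helper are constructed for the illustration.

```ruby
require "tempfile"
require "tmpdir"

# Added example, not ruby_parser code.  A constructed insecure temp-file
# pattern beside two safe alternatives.

# Insecure pattern: predictable name in a shared directory, opened with plain
# "w" mode.  open(2) follows an existing symlink, so if someone else has
# already placed a link at this path the write lands on the link's target.
def insecure_temp_write(dir, contents)
  path = File.join(dir, "parser-#{Process.pid}.tmp")   # guessable name
  File.open(path, "w") { |f| f.write(contents) }        # follows symlinks
  path
end

# Safe alternative 1: open with O_CREAT|O_EXCL and a private mode.  If
# anything already sits at the path, including a symlink, open fails with
# EEXIST and nothing is written.
def exclusive_temp_write(path, contents)
  File.open(path, File::WRONLY | File::CREAT | File::EXCL, 0600) do |f|
    f.write(contents)
  end
  :written
rescue Errno::EEXIST
  :refused
end

# Safe alternative 2: Tempfile.create picks an unpredictable name and opens
# it with O_EXCL for you.  This is the usual fix for code shaped like
# insecure_temp_write.  Returns the chosen basename and what was written.
def tempfile_write(dir, contents)
  Tempfile.create("parser", dir) do |f|
    f.write(contents)
    f.flush
    [File.basename(f.path), File.read(f.path)]
  end
end

# Constructed scenario: a "victim" file plus a symlink at the predictable
# path, all inside a fresh temporary directory that is removed afterwards.
def demo
  Dir.mktmpdir("tmpfile-demo") do |shared|
    victim = File.join(shared, "victim.conf")
    File.write(victim, "original")
    planted = File.join(shared, "parser-#{Process.pid}.tmp")
    File.symlink(victim, planted)

    insecure_temp_write(shared, "clobbered")
    after_insecure = File.read(victim)           # the link was followed

    exclusive = exclusive_temp_write(planted, "clobbered again")
    after_exclusive = File.read(victim)          # untouched by the O_EXCL open

    name, body = tempfile_write(shared, "safe")
    {
      insecure_overwrote_victim:   after_insecure == "clobbered",
      exclusive_result:            exclusive,             # :refused
      exclusive_left_victim_alone: after_exclusive == after_insecure,
      tempfile_name_unpredictable: name != File.basename(planted),
      tempfile_contents:           body,
    }
  end
end

puts demo if __FILE__ == $0
```

Either repair also closes the time-of-check/time-of-use window that a separate `File.exist?` test before the open would leave open, because the existence check and the creation happen in a single system call.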