Archive for October, 2012

120 results.

[20130202] – Core – Information Disclosure

Oct08
by Ike on October 8, 2012 at 9:09 pm
Posted In: Uncategorized
  • Project: Joomla!
  • SubProject: All
  • Severity: Low
  • Versions: 3.0.2 and earlier 3.0.x versions.
  • Exploit type: Information disclosure
  • Reported Date: 2013-January-16
  • Fixed Date: 2013-February-4
  • CVE Number: CVE-2013-1455

Description

Undefined variable caused information disclosure in some situations.

Affected Installs

Joomla! version 3.0.2 and earlier 3.0.x versions.

Solution

Upgrade to version 3.0.3.

Reported by Mark Dexter

Contact

The JSST at the Joomla! Security Center.

 Comment 

[20121101] – Core – Clickjacking

Oct08
by Ike on October 8, 2012 at 9:09 pm
Posted In: Uncategorized
  • Project: Joomla!
  • SubProject: All
  • Severity: Moderate
  • Versions: 3.0.1 and 3.0.0.
  • Exploit type: Clickjacking vulnerability
  • Reported Date: 2012-October-15
  • Fixed Date: 2012-November-08
  • CVE Number: CVE-2012-5827

Description

Inadequate protection leads to clickjacking vulnerability.

Affected Installs

Joomla! version 3.0.1 and 3.0.0.

Solution

Upgrade to version 3.0.2

Reported by Ajay Singh Negi

Contact

The JSST at the Joomla! Security Center.

 Comment 

[20121102] – Core – Clickjacking

Oct08
by Ike on October 8, 2012 at 9:09 pm
Posted In: Uncategorized
  • Project: Joomla!
  • SubProject: All
  • Severity: Moderate
  • Versions: 2.5.7 and all earlier 2.5.x versions
  • Exploit type: Clickjacking vulnerability
  • Reported Date: 2012-October-15
  • Fixed Date: 2012-November-08
  • CVE Number: CVE-2012-5827

Description

Inadequate protection leads to clickjacking vulnerability.

Affected Installs

Joomla! version 2.5.7 and all earlier 2.5.x versions.

Solution

Upgrade to version 2.5.8

Reported by Ajay Singh Negi

Contact

The JSST at the Joomla! Security Center.

 Comment 

Plesk Mirror Setup Tool 1.2

Oct08
by Ike on October 8, 2012 at 5:35 am
Posted In: Uncategorized

New version of Plesk Mirror Setup Tool 1.2 is uploaded to the article http://kb.parallels.com/113337
Synchronization of extensions/ directory for Linux versions of Plesk has been added.

 Comment 

Ubuntu: 1588-1: Software Properties vulnerability

Oct07
by Ike on October 7, 2012 at 7:26 am
Posted In: Uncategorized

(Oct 1) Software Properties could be tricked into installing arbitrary PPA GPG keys.

 Comment 

Ubuntu: 1595-1: libxslt vulnerabilities

Oct07
by Ike on October 7, 2012 at 7:26 am
Posted In: Uncategorized

(Oct 4) Applications using libxslt could be made to crash or run programs as yourlogin if they processed a specially crafted file.

 Comment 

Debian: 2555-1: libxslt: Multiple vulnerabilities

Oct06
by Ike on October 6, 2012 at 7:22 am
Posted In: Uncategorized

(Oct 5) Nicholas Gregoire and Cris Neckar discovered several memory handling bugs in libxslt, which could lead to denial of service or the execution of arbitrary code if a malformed document is processed. [More…]

 Comment 

Ubuntu: 1596-1: Python 2.6 vulnerabilities

Oct06
by Ike on October 6, 2012 at 7:17 am
Posted In: Uncategorized

(Oct 4) Several security issues were fixed in Python 2.6.

 Comment 

Ubuntu: 1597-1: Linux kernel (EC2) vulnerability

Oct06
by Ike on October 6, 2012 at 7:17 am
Posted In: Uncategorized

(Oct 5) The system could be made to crash under certain conditions.

 Comment 

Parallels Plesk Panel 8.6.0 MU#18 for Linux

Oct05
by Ike on October 5, 2012 at 9:46 am
Posted In: Uncategorized

The following bug has been fixed:
[-] Autoinstaller fails at microupdate installation with error “Unsupported item type: shell (line 244 column 9)”

 Comment 

Ubuntu: 1594-1: Linux kernel (Oneiric backport) vulnerabilities

Oct05
by Ike on October 5, 2012 at 7:08 am
Posted In: Uncategorized

(Oct 3) Several security issues were fixed in the kernel.

 Comment 

Ubuntu: 1576-2: DBus regressions

Oct05
by Ike on October 5, 2012 at 7:08 am
Posted In: Uncategorized

(Oct 4) DBus could be made to run programs as an administrator.

 Comment 

Red Hat: 2012:1323-01: kernel: Important Advisory

Oct05
by Ike on October 5, 2012 at 7:08 am
Posted In: Uncategorized

(Oct 2) Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More…]

 Comment 

Parallels Plesk Panel 8.6.0 MU#17 for Linux

Oct04
by Ike on October 4, 2012 at 12:58 pm
Posted In: Uncategorized

The update delivers Major Security fixes on Linux.
It is recommended for all PP users and includes general functionality fixes that improve the stability, compatibility, and security of your PP server.

 Comment 

Parallels Plesk Panel 9.5.4 MU#24 for Linux

Oct04
by Ike on October 4, 2012 at 12:57 pm
Posted In: Uncategorized

The update delivers Major Security fixes on Linux.
It is recommended for all PP users and includes general functionality fixes that improve the stability, compatibility, and security of your PP server.

 Comment 

Parallels Plesk Panel 9.5.5 MU#7 for Windows

Oct04
by Ike on October 4, 2012 at 12:56 pm
Posted In: Uncategorized

The update delivers Major Security fixes on Windows.
It is recommended for all PP users and includes general functionality fixes that improve the stability, compatibility, and security of your PP server.

 Comment 

Parallels Plesk Panel 10.4.4 MU#44

Oct04
by Ike on October 4, 2012 at 12:56 pm
Posted In: Uncategorized

The update delivers Major Security fixes on Linux and Windows.
It is recommended for all PP users and includes general functionality fixes that improve the stability, compatibility, and security of your PP server.

 Comment 

Parallels Plesk Panel 11.0.9 MU#17

Oct04
by Ike on October 4, 2012 at 12:55 pm
Posted In: Uncategorized

The update delivers Major Security fixes on Linux and Windows.
It is recommended for all PP users and includes general functionality fixes that improve the stability, compatibility, and security of your PP server.

 Comment 

SmarterMail 10 support

Oct04
by Ike on October 4, 2012 at 12:25 pm
Posted In: Uncategorized

SmarterMail 10 support has been added in Parallels Plesk 11.0.9

 Comment 

Ubuntu: 1592-1: Python 2.7 vulnerabilities

Oct04
by Ike on October 4, 2012 at 7:04 am
Posted In: Uncategorized

(Oct 2) Several security issues were fixed in Python 2.7.

 Comment 

Ubuntu: 1593-1: devscripts vulnerabilities

Oct04
by Ike on October 4, 2012 at 7:04 am
Posted In: Uncategorized

(Oct 2) Several security issues were fixed in devscripts.

 Comment 

Red Hat: 2012:1326-01: freeradius: Moderate Advisory

Oct04
by Ike on October 4, 2012 at 7:04 am
Posted In: Uncategorized

(Oct 2) Updated freeradius packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More…]

 Comment 

Red Hat: 2012:1327-01: freeradius2: Moderate Advisory

Oct04
by Ike on October 4, 2012 at 7:04 am
Posted In: Uncategorized

(Oct 2) Updated freeradius2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More…]

 Comment 

Parallels Plesk 10.4.4 MU#44

Oct04
by Ike on October 4, 2012 at 4:56 am
Posted In: Uncategorized

The update delivers Major Security fixes on Linux and Windows.
It is recommended for all PP users and includes general functionality fixes that improve the stability, compatibility, and security of your PP server.

 Comment 

Parallels Plesk 11.0.9 MU#17

Oct04
by Ike on October 4, 2012 at 4:55 am
Posted In: Uncategorized

The update delivers Major Security fixes on Linux and Windows.
It is recommended for all PP users and includes general functionality fixes that improve the stability, compatibility, and security of your PP server.

 Comment 

Ubuntu: 1589-1: GNU C Library vulnerabilities

Oct03
by Ike on October 3, 2012 at 7:02 am
Posted In: Uncategorized

(Oct 2) Multiple security issues were fixed in the GNU C Library.

 Comment 

Ubuntu: 1590-1: QEMU vulnerability

Oct03
by Ike on October 3, 2012 at 7:02 am
Posted In: Uncategorized

(Oct 2) QEMU could be made to crash or run programs.

 Comment 

Joomla Community Magazine | October 2012

Oct02
by Ike on October 2, 2012 at 12:10 pm
Posted In: Uncategorized

JCM October 2012

The October issue of the Joomla Community Magazine is here! Our stories this month:

Editors Introduction

Get R3ADY!, by Alice Grevet

Feature Stories

Website Case Study: Russian TV Channel, by Vladimir
Interview: Robert Deutz – The First Joomla! World Conference!, by Dianne Henning
Interview: Paul Orwig on JDay Colombia, by Alice Grevet
Website Case Study: NexGen Music, by Sully Sullivan

Events

JoomlaDay Events in October 2012, by Jacques Rentzke
Joomla! Day Poland 2012, by Radek Suski

Project News

Leadership Highlights – October 2012, by Alice Grevet

Developers

Adding Interceptor Filters via Annotation in Joomla!, by Paul de Raaij
20 Suggestions for Better Style and Script Designing in Joomla! Extensions (Part 1), by Soheil Novinfard

Administrators

Simple Performance Guide, by Ofer Cohen

Business Matters

The Keys to Selling Event Sponsorships, by Luke Summerfield

Sitebuilders

Adding Cool Stuff to Search Results through Semantic HTML and other Tweaks, by Ruth Cheesley
Best Ukrainian sites made ​​on Joomla CMS. Part 4, by Denys Nosov
Part 1 – Review 9 Free Web Hosting Services to Make Your Joomla! Site LIVE, by Tuan Bui
Google Panda & Penguin – How to Identify Problems and Recover Rankings, by Ruth Cheesley

Did you know…?

Joomla Forum User Webdongle reaches 20,000 Posts, by Kenneth Crowder

Book Reviews

Free Book “Joomla! 3 in 10 easy steps”, by Hagen Graf

Designers

Using a Joomla Template Framework to Design your Site, by Scott Greenwald

Google Summer of Code

Google Summer of Code: the Future of the Languages Installer Tool, by Javier Gomez

The Joomla! Haikus

Post your Haikus for October, by Dianne Henning

In our next issue

We want to publish your Joomla! story in the next JCM issue! So take a look at our Author Resources content to get a better idea of what we are looking for, and then register to become a JCM author and submit your Joomla! story!


 Comment 

October 2012 Web Server Survey

Oct02
by Ike on October 2, 2012 at 10:40 am
Posted In: Uncategorized

In the October 2012 survey we received responses from 620,480,777 sites, an increase of 350K sites since last month’s survey.

 Comment 

Most Reliable Hosting Company Sites in September 2012

Oct01
by Ike on October 1, 2012 at 7:00 am
Posted In: Uncategorized

Qube Managed Services was the most reliable hosting company in September, responding to 99.997% of all requests throughout the month. The London-based company specialises in VMware cloud services, colocation, backups and offers PCI-DSS compliant hosting on both virtual and dedicated platforms. Qube has infrastructure in London, Zurich and New York, and was also the most reliable hosting company during

August.

 Comment 

58 queries. 9 mb Memory usage. 0.707 seconds.