Adobe, Google and other Patch Tuesday patches
Adobe
Adobe published two advisories today:
(Correction: APSB13-25 was released last month, and I have removed it from this diary. Instead, APSB13-27 was added below)
APSB13-26: Security Updates for Flash Player
This update affects the Windows, OS X as well as the Linux version of Adobe Flash Player 11.9 (11.2 for Linux) , as well as Adobe Air 3.9. The Flashplayer vulnerability is assigned a priority of "1" on Windows and OS X which indicates an exploit has been sighted in the wild and Adobe recommends patch "as soon as possible" (72 hrs).
Vulnerabilities that are covered by this patch: CVE-2013-5329, CVE-2013-5330.
APSB13-27: Hotfix for Coldfusion
This hotfix affects Coldfusion 9 as well as 10. Adobe assigned it a priority of 1 for Coldfusion 10 and 2 for Coldfusion 9.x . The hotfix patches two vulnerabilities:
1 - A reflective XSS vulnerability in Coldfusion 9/10 (CVE-2013-5326)
2 - An authentication bypass problem in Coldfusion 10 (CVE-2013-5328)
The second vulnerability which allows unauthorized remote read access is probably the reason this hotfix is rated "1" for Coldfusion 10.
Google released a new version of Chrome today: Chrome 31. The update includes 25 security fixes. Not exactly a security fix, but still interesting: Chrome 31 improves the SSL ciphers by adding support for the AES-GCM ciphers.
------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter
Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
Comments
ASPB13-25 was released last month and Reader 11.0.05 was released on Oct 8th
http://www.adobe.com/support/security/bulletins/apsb13-25.html
??
Anonymous
Nov 12th 2013
1 decade ago
Anonymous
Nov 12th 2013
1 decade ago
I went to :https://www.adobe.com/support/security/bulletins/apsb13-26.html
clicked on the top link and I get: http://get.adobe.com/flashplayer/
looking in Flagfox I see it is a Ukraine IP: 192.150.16.58
I then went to the top Domain in Adobe then to the downloads page and I get the same thing.
openDNS is my DNS resolver
Since when did Adobe start hosting the Flash downloads in the Ukraine? I'm thinking it could be bogus.
I just refreshed it twice now it shows as USA based Apache NOT JRun in Ukraine....odd stuff
Anonymous
Nov 12th 2013
1 decade ago
Anonymous
Nov 12th 2013
1 decade ago
Anonymous
Nov 12th 2013
1 decade ago
I looked at www.arin.net/whois -- that /24 is allocated to ADOBE, as is 192.150.15.0/24 and 192.150.17.0/24
Using NSLOOKUP with the '-debug' option shows a TTL of about 30 seconds for the result, either:
Name: get.wip4.adobe.com
Address: 192.150.16.58
Aliases: get.adobe.com
or:
Name: get.wip4.adobe.com
Address: 193.104.215.66
Aliases: get.adobe.com
i.e., somewhere in Texas or somewhere in Europe.
Round-robin load-balancing by Adobe's DNS-servers ?
adobe.com
nameserver = adobe-dns-03.adobe.com
ttl = 1955 (32 mins 35 secs)
nameserver = adobe-dns-05.adobe.com
ttl = 1955 (32 mins 35 secs)
nameserver = adobe-dns-04.adobe.com
ttl = 1955 (32 mins 35 secs)
nameserver = adobe-dns-02.adobe.com
ttl = 1955 (32 mins 35 secs)
nameserver = adobe-dns-01.adobe.com
ttl = 1955 (32 mins 35 secs)
Comments?
Anonymous
Nov 14th 2013
1 decade ago