Ravens PHP Scripts: Security



 

 

Update For Two Vulnerabilities In gzip

Posted on Monday, March 08, 2010 @ 18:14:35 CST in Security
by Raven

SECUNIA ADVISORY ID: SA38846

VERIFY ADVISORY: http://secunia.com/advisories/38846/

CRITICALITY: Moderately Critical

DESCRIPTION: rPath has issued an update for gzip. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
 

 

Critical Security Release Announcement From PHPBB Group

Posted on Friday, March 05, 2010 @ 23:51:16 CST in Security
by Raven

From the PHPBB Group:

We are sorry to announce the immediate release of phpBB 3.0.7-PL1 to address a security issue which was introduced in 3.0.7. Unfortunately, the issue wasn't noticed during testing and has only surfaced a week after the release of 3.0.7.

We promised working feeds for phpBB 3.0.7. Sadly, we were not able to deliver on that promise - a critical bug in the permission handling for feeds slipped past. To all people who already have updated to 3.0.7, it is of critical importance to update to 3.0.7-PL1. Otherwise, it is possible for users to bypass permission settings under the following circumstances:

- Feeds are enabled
- Any of the posts or topics feeds are enabled
- The unauthorised user - or one of the groups they are a member of - has forum permissions set on a private forum
- If you have excluded a forum from the list of forums that provide feeds, it is unaffected

The fix for the issue is a single line change inside of feed.php; line 525 has changed from:

$forum_ids = array_keys($auth->acl_getf('f_read'));

to:

$forum_ids = array_keys($auth->acl_getf('f_read', true));
 

 

Google Picasa JPEG Processing Integer Overflow Vulnerability

Posted on Wednesday, February 24, 2010 @ 21:35:15 CST in Security
by Raven

SECUNIA ADVISORY ID: SA38435

VERIFY ADVISORY: http://secunia.com/advisories/38435/

CRITICAL: Moderately Critical

DESCRIPTION: Tielei Wang has discovered a vulnerability in Google Picasa, which can be exploited by malicious people to potentially compromise a user's system. Successful exploitation may allow execution of arbitrary code.
 

 

Internet Security 10 or IS2010

Posted on Thursday, February 18, 2010 @ 15:31:30 CST in Security
by Raven

papamike writes:  
System: WinXP

I doubt that many of you out there have even heard of this threat, but it's real and it's out there to destroy your day. And to keep things interesting there are varying versions of IS2010. I will brag and tell you that since 1995 I have never had a virus on any of my computers. But, while visiting a website that I frequent in the evening hours to watch old movies, IS2010 jumped all over my computer.

Now if you read up on the threat you will find that it's identified as a Rogue Virus. That is something that sends out fake alerts to get you to usually purchase a virus removal software program to remove the "fake" virus. BE AWARE these programs usually do nothing. Actually I found a website a few minutes ago that offers a program that rids your computer of this threat. You download the program, it scans your system showing threats then informs you that you will need to purchase the software to cleanup the problems. Go here to learn more: http://www.virusremovalguru.com/?p=258

What makes IS2010 so dangerous is that it loads a small executable onto your system which downloads fake alerts in rapid succession and it also changes your wallpaper, freezes your desktop, and prevents you from changing the wallpaper that has been changed to one of theirs which tells you that your system is infected. And each time you reboot it loads everything again until the .exe file is destroyed.

The .exe file is automatically triggered and downloads other viruses, trojans, rogue software, and a rootkit all in such a way that your virus scanning software can't keep up. The user possibly gets extremely taken away by how fast things are happening. Your desktop is frozen; you can't download anything except download the program that they claim will solve all of your problems. DO NOT download or purchase it.

Here's what I did to get rid of this thing.
 

 

Google Chrome Multiple Vulnerabilities

Posted on Thursday, February 11, 2010 @ 18:15:53 CST in Security
by Raven

SECUNIA ADVISORY ID: SA38545

VERIFY ADVISORY: http://secunia.com/advisories/38545/

Critical: Highly Critical

DESCRIPTION: Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, or potentially compromise a user's system. The vulnerabilities are reported in versions prior to 4.0.249.89.
 

 

Firefox-based attack wreaks havoc on IRC users

Posted on Monday, February 01, 2010 @ 02:32:25 CST in Security
by Raven

Southern writes:  
World's first inter-protocol exploit, but not the last

Underscoring a little-known web vulnerability, hackers are exploiting a weakness in the Mozilla Firefox browser to wreak havoc on Freenode and other networks that cater to users of internet relay chat.

Using a piece of JavaScript embedded into a web link, the hackers force users of the open-source browser to join IRC networks and flood channels with diatribes that include the same internet address. As IRC users with Firefox follow the link, their browsers are also forced to spam the channels, giving the attack a viral quality that has caused major disruptions for almost a month.

"Huge numbers of users of the Freenode network ended up getting banned themselves because they would click the link and then they would join the network and flood the network," one of the hackers, who goes by the moniker Weev, told The Register. "We get this huge rollover effect."

Register
 


