Monday, October 18, 2010

Wednesday, October 13, 2010

SAP BusinessObjects Security Patch Released

SAP has released a security patch for certain versions of SAP BusinessObjects for the Axis2 component. According to the US-CERT write-up:

... anyone with access to the Axis2 port can gain full access to the machine via arbitrary remote code execution. This requires the attacker to upload a malicious web service and to restart the instance of Tomcat. This issue may apply to other products and vendors that embed the Axis2 component. The username is "admin" and the password is "axis2"; this is also the default for standalone Axis2 installations.

For further details please refer to the links below. An exploit is currently available for this.
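The write-up above comes down to two things a defender can check on any host that embeds Axis2: whether the admin console still uses the shipped "admin"/"axis2" credentials, and whether services can be hot-deployed into the running instance. The following Python script is an added example, not code from the original post, US-CERT or SAP. It assumes the Axis2 convention of keeping the admin user and password in `userName` and `password` parameters directly under `axisconfig` in `axis2.xml`, and that the `hotdeployment` parameter controls hot deployment; both sample configurations are constructed.

```python
"""Audit an Axis2 axis2.xml for default admin credentials and hot deployment."""
import xml.etree.ElementTree as ET

# Constructed sample resembling a stock axis2.xml (assumption: admin console
# credentials live in <parameter name="userName"> / <parameter name="password">
# as direct children of <axisconfig>).
SAMPLE_AXIS2_XML = """<?xml version="1.0" encoding="UTF-8"?>
<axisconfig name="AxisJava2.0">
    <parameter name="hotdeployment">true</parameter>
    <parameter name="hotupdate">false</parameter>
    <parameter name="userName">admin</parameter>
    <parameter name="password">axis2</parameter>
</axisconfig>
"""

# Constructed sample of a hardened configuration: changed password, no hot deployment.
HARDENED_AXIS2_XML = """<?xml version="1.0" encoding="UTF-8"?>
<axisconfig name="AxisJava2.0">
    <parameter name="hotdeployment">false</parameter>
    <parameter name="hotupdate">false</parameter>
    <parameter name="userName">axisops</parameter>
    <parameter name="password">CHANGED-PLACEHOLDER-PASSWORD</parameter>
</axisconfig>
"""

# Default credential pair named in the US-CERT write-up.
DEFAULT_CREDENTIALS = {("admin", "axis2")}


def top_level_parameters(xml_text):
    """Return {name: value} for <parameter> elements directly under the root."""
    root = ET.fromstring(xml_text)
    params = {}
    for p in root.findall("parameter"):
        name = p.get("name")
        if name:
            params[name] = (p.text or "").strip()
    return params


def extract_admin_credentials(xml_text):
    """Return (userName, password) from axis2.xml, or None for a missing value."""
    params = top_level_parameters(xml_text)
    return params.get("userName"), params.get("password")


def audit_axis2_config(xml_text):
    """Return a list of finding strings; an empty list means nothing was flagged."""
    findings = []
    params = top_level_parameters(xml_text)
    user, pwd = params.get("userName"), params.get("password")

    if user is None or pwd is None:
        # Credentials not set explicitly: the container's built-in default applies.
        findings.append("admin userName/password not set in axis2.xml; built-in default applies")
    elif (user, pwd) in DEFAULT_CREDENTIALS:
        findings.append(f"default Axis2 admin credentials in use: {user}/{pwd}")
    elif pwd == user:
        findings.append("admin password equals admin user name")

    # Hot deployment lets a newly uploaded service archive go live without a
    # restart, which widens what an admin-console login can do (assumption about
    # the parameter's meaning; see lead-in).
    if params.get("hotdeployment", "").lower() == "true":
        findings.append("hot deployment enabled (hotdeployment=true)")
    return findings


if __name__ == "__main__":
    for label, cfg in (("stock", SAMPLE_AXIS2_XML), ("hardened", HARDENED_AXIS2_XML)):
        print(label, audit_axis2_config(cfg) or ["no findings"])
```

Run it against a real `axis2.xml` by replacing the constructed strings with the file contents; anything in the findings list for the stock configuration is the condition the advisory describes, and the hardened sample shows what a clean result looks like.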

References:
http://www.kb.cert.org/vuls/id/989719
http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf
https://websmp230.sap-ag.de/sap/support/notes/1432881 (requires login)


email: david @ sharpesecurity.com
website: www.sharpesecurity.com
Twitter: twitter.com/sharpesecurity

BlackBerry Attachment Service PDF Distiller Remote Buffer Overflow Vulnerability

RIM has published a bulletin announcing a possible remotely exploitable issue with their BlackBerry Attachment Service PDF Distiller. There is no known publicly available exploit code at this time (as of 13 Oct 2010).

References:
http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB24547#

Oracle October 2010 Patches Released

Oracle has released its October 2010 set of patches. There are 85 security fixes in total, 29 of which are for Java.

Several of these fixes address remotely exploitable vulnerabilities. For details please refer to the links below.

References:
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html (for Java-related patches)
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

Wednesday, October 6, 2010

New Adobe Reader 9.4 and 8.2.5 Versions Released

Adobe has released versions 9.4 and 8.2.5 of their Acrobat and Reader products. These versions contain fixes for several vulnerabilities, one of which is being actively exploited in the wild.

References:
http://www.adobe.com/support/security/bulletins/apsb10-21.html

Hex-Rays Version 1.4 x86 and ARM Decompilers Released

Hex-Rays has released version 1.4 of their x86 and ARM decompilers. The major update is that the decompilers can now be used on the Linux and Apple Mac OS X platforms. See the link below for a list of all of the fixes and updates.

References:
http://www.hex-rays.com/news1.shtml#101001

IDA Pro 6.0 Released

Hex-Rays has released IDA Pro 6.0. The major change is that the GUI is now the same on MS Windows, Linux, and Mac OS X (Qt framework-based). A complete list of fixes and updates is at the link below.

References:
http://www.hex-rays.com/idapro/60/index.html