Moab Authentication Bypass (insecure message signing) [CVE-2014-5376]

##[Moab Authentication Bypass (insecure message signing) : CVE-2014-5376]##

Software: Moab
Affected Versions: Dependent on configuration, can affect all versions of Moab including Moab 8
CVE Reference: CVE-2014-5376
Author: John Fitzpatrick, Luke Jennings MWR Labs (http://labs.mwrinfosecurity.com/)
Severity: High Risk
Vendor: Adaptive Computing
Vendor Response: Provided additional guidance in 7.2.9 release notes (MOAB-7480)


##[Description]
Moab provides two methods to authenticate messages sent by users (e.g. job submissions). The default scheme which is widely used is insecure and can be circumvented in order to impersonate other users and perform operations on their behalf.


##[Impact]

It is possible to exploit this issue remotely in order to perform any operation on the server from the perspective of any user role. Examples include submitting jobs as arbitrary users (including as root), as well as reconfiguring the Moab server itself.

Moab User Impersonation [CVE-2014-5375]

##[Moab User Impersonation : CVE-2014-5375]##

Software: Moab
Affected Versions: All current versions of Moab. However, the impact is limited in Moab 7.2.9 and Moab 8.
CVE Reference: CVE-2014-5375
Author: John Fitzpatrick, Luke Jennings MWR Labs (http://labs.mwrinfosecurity.com/)
Severity: High Risk
Vendor: Adaptive Computing
Vendor Response: Updates in Moab 7.2.9 and Moab 8 provide some mitigations


##[Description]

It is possible to submit jobs to Moab as arbitrary users due to insufficient authentication checks during the submission of a job to the Moab server.


##[Impact]
Users are able to submit jobs as arbitrary users. In environments that permit it this could allow job execution as root.


##[Cause]

Moab does not sufficiently validate the job submissions against its intended user ID values.

[SECURITY] [DSA 3037-1] icedove security update

Debian Security Advisory DSA-3037-1                   security@debian.org
http://www.debian.org/security/                         Yves-Alexis Perez
September 26, 2014                     http://www.debian.org/security/faq
- ------------------------------------------------------------
-------------

Package        : icedove
CVE ID         : CVE-2014-1568

Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS (the
Mozilla Network Security Service library, embedded in Wheezy's Icedove),
was parsing ASN.1 data used in signatures, making it vulnerable to a
signature forgery attack.

An attacker could craft ASN.1 data to forge RSA certificates with a valid
certification chain to a trusted CA.

For the stable distribution (wheezy), this problem has been fixed in
version 24.8.1esr-1~deb7u1.

For the testing distribution (jessie) and unstable distribution (sid),
Icedove uses the system NSS library, handled in DSA 3033-1.

We recommend that you upgrade your icedove packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

[SECURITY] [DSA 3038-1] libvirt security update

Debian Security Advisory DSA-3038-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
September 27, 2014                     http://www.debian.org/security/faq
- ------------------------------------------------------------
-------------

Package        : libvirt
CVE ID         : CVE-2014-0179 CVE-2014-3633
Debian Bug     : 762203

Several vulnerabilities were discovered in Libvirt, a virtualisation
abstraction library. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2014-0179

    Richard Jones and Daniel P. Berrange found that libvirt passes the
    XML_PARSE_NOENT flag when parsing XML documents using the libxml2
    library, in which case all XML entities in the parsed documents are
    expanded. A user able to force libvirtd to parse an XML document
    with an entity pointing to a special file that blocks on read access
    could use this flaw to cause libvirtd to hang indefinitely,
    resulting in a denial of service on the system.

[slackware-security] mozilla-firefox (SSA:2014-271-01)

[slackware-security]  mozilla-firefox (SSA:2014-271-01)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.


Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-24.8.1esr-i486-1_
slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Moab Authentication Bypass [CVE-2014-5300]

##[Moab Authentication Bypass : CVE-2014-5300]##

Software: Moab
Affected Versions: All versions prior to Moab 7.2.9 and Moab 8
CVE Reference: CVE-2014-5300
Author: John Fitzpatrick, MWR Labs (http://labs.mwrinfosecurity.com/)
Severity: High Risk
Vendor: Adaptive Computing
Vendor Response: Resolved in Moab 7.2.9 and Moab 8


##[Description]

It is possible to bypass authentication within Moab in order to impersonate and run commands/operations as arbitrary users. The issue is believed to affect all versions of Moab prior to versions 7.2.9 and Moab 8.


##[Impact]

Successful exploitation could lead to remote code execution.