Executive Summary

Summary
Title raptor security update
Informations
Name RHSA-2012:0410 First vendor Publication 2012-03-22
Vendor RedHat Last vendor Modification 2012-03-22
Severity (Vendor) Important Revision 01

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Cvss Base Score 4.3 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated raptor packages that fix one security issue are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

Raptor provides parsers for Resource Description Framework (RDF) files.

An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-0037)

Red Hat would like to thank Timothy D. Morgan of VSR for reporting this issue.

All Raptor users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications linked against Raptor must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

791296 - CVE-2012-0037 raptor: XML External Entity (XXE) attack via RDF files

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2012-0410.html

CWE : Common Weakness Enumeration

idName
CWE-200Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:21474
 
Oval ID: oval:org.mitre.oval:def:21474
Title: RHSA-2012:0411: openoffice.org security update (Important)
Description: Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
Family: unix Class: patch
Reference(s): RHSA-2012:0411-01
CESA-2012:0411
CVE-2012-0037
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): openoffice.org
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21328
 
Oval ID: oval:org.mitre.oval:def:21328
Title: RHSA-2012:0410: raptor security update (Important)
Description: Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
Family: unix Class: patch
Reference(s): RHSA-2012:0410-01
CESA-2012:0410
CVE-2012-0037
Version: 4
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): raptor
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21265
 
Oval ID: oval:org.mitre.oval:def:21265
Title: USN-1901-1 -- raptor2 vulnerability
Description: Applications using Raptor could be made to expose sensitive information or run programs as your login if they opened a specially crafted file.
Family: unix Class: patch
Reference(s): USN-1901-1
CVE-2012-0037
Version: 5
Platform(s): Ubuntu 12.04
Product(s): raptor2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16854
 
Oval ID: oval:org.mitre.oval:def:16854
Title: USN-1480-1 -- Raptor vulnerability
Description: Applications using Raptor could be made to expose sensitive information or run programs as your login if they opened a specially crafted file.
Family: unix Class: patch
Reference(s): usn-1480-1
CVE-2012-0037
Version: 7
Platform(s): Ubuntu 12.04
Ubuntu 11.04
Ubuntu 11.10
Ubuntu 10.04
Product(s): raptor
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15215
 
Oval ID: oval:org.mitre.oval:def:15215
Title: DSA-2438-1 raptor -- programming error
Description: It was discovered that Raptor, a RDF parser and serializer library, allows file inclusion through XML entities, resulting in information disclosure.
Family: unix Class: patch
Reference(s): DSA-2438-1
CVE-2012-0037
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): raptor
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23828
 
Oval ID: oval:org.mitre.oval:def:23828
Title: ELSA-2012:0410: raptor security update (Important)
Description: Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
Family: unix Class: patch
Reference(s): ELSA-2012:0410-01
CVE-2012-0037
Version: 6
Platform(s): Oracle Linux 6
Product(s): raptor
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23158
 
Oval ID: oval:org.mitre.oval:def:23158
Title: ELSA-2012:0411: openoffice.org security update (Important)
Description: Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
Family: unix Class: patch
Reference(s): ELSA-2012:0411-01
CVE-2012-0037
Version: 6
Platform(s): Oracle Linux 5
Product(s): openoffice.org
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application2
Application10
Application1

OpenVAS Exploits

DateDescription
2012-09-26Name : Gentoo Security Advisory GLSA 201209-05 (libreoffice)
File : nvt/glsa_201209_05.nasl
2012-08-30Name : Fedora Update for raptor FEDORA-2012-10591
File : nvt/gb_fedora_2012_10591_raptor_fc17.nasl
2012-08-30Name : Fedora Update for raptor2 FEDORA-2012-4629
File : nvt/gb_fedora_2012_4629_raptor2_fc17.nasl
2012-08-03Name : Fedora Update for raptor FEDORA-2012-10590
File : nvt/gb_fedora_2012_10590_raptor_fc16.nasl
2012-08-03Name : Mandriva Update for raptor MDVSA-2012:061 (raptor)
File : nvt/gb_mandriva_MDVSA_2012_061.nasl
2012-08-03Name : Mandriva Update for libreoffice MDVSA-2012:063 (libreoffice)
File : nvt/gb_mandriva_MDVSA_2012_063.nasl
2012-07-30Name : CentOS Update for raptor CESA-2012:0410 centos6
File : nvt/gb_CESA-2012_0410_raptor_centos6.nasl
2012-07-30Name : CentOS Update for openoffice.org-base CESA-2012:0411 centos5
File : nvt/gb_CESA-2012_0411_openoffice.org-base_centos5.nasl
2012-07-09Name : RedHat Update for raptor RHSA-2012:0410-01
File : nvt/gb_RHSA-2012_0410-01_raptor.nasl
2012-06-19Name : Ubuntu Update for raptor USN-1480-1
File : nvt/gb_ubuntu_USN_1480_1.nasl
2012-04-30Name : FreeBSD Ports: raptor2
File : nvt/freebsd_raptor2.nasl
2012-04-30Name : Debian Security Advisory DSA 2438-1 (raptor)
File : nvt/deb_2438_1.nasl
2012-04-13Name : Fedora Update for raptor2 FEDORA-2012-4663
File : nvt/gb_fedora_2012_4663_raptor2_fc16.nasl

Nessus® Vulnerability Scanner

DateDescription
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-183.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-187.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0410.nasl - Type : ACT_GATHER_INFO
2013-07-09Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1901-1.nasl - Type : ACT_GATHER_INFO
2012-12-14Name : The remote host has an application installed that is affected by multiple vul...
File : lotus_symphony_3_0_1_fp2.nasl - Type : ACT_GATHER_INFO
2012-09-25Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201209-05.nasl - Type : ACT_GATHER_INFO
2012-09-06Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-063.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120322_openoffice_org_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120322_raptor_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-07-31Name : The remote Fedora host is missing a security update.
File : fedora_2012-10590.nasl - Type : ACT_GATHER_INFO
2012-07-31Name : The remote Fedora host is missing a security update.
File : fedora_2012-10591.nasl - Type : ACT_GATHER_INFO
2012-06-19Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1480-1.nasl - Type : ACT_GATHER_INFO
2012-04-23Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-061.nasl - Type : ACT_GATHER_INFO
2012-04-13Name : The remote Fedora host is missing a security update.
File : fedora_2012-4663.nasl - Type : ACT_GATHER_INFO
2012-04-12Name : The remote host is running an application affected by a data leakage vulnerab...
File : openoffice_2012_0037.nasl - Type : ACT_GATHER_INFO
2012-04-12Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libreoffice-345-120316.nasl - Type : ACT_GATHER_INFO
2012-04-12Name : The remote host is running an application affected by a data leakage vulnerab...
File : libreoffice_351.nasl - Type : ACT_GATHER_INFO
2012-04-12Name : The remote host is running an application affected by a data leakage vulnerab...
File : macosx_libreoffice_351.nasl - Type : ACT_GATHER_INFO
2012-04-12Name : The remote Fedora host is missing a security update.
File : fedora_2012-4629.nasl - Type : ACT_GATHER_INFO
2012-04-03Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_libreoffice-345-8022.nasl - Type : ACT_GATHER_INFO
2012-03-26Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libraptor-devel-120217.nasl - Type : ACT_GATHER_INFO
2012-03-26Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_60f81af3769011e1942300235a5f2c9a.nasl - Type : ACT_GATHER_INFO
2012-03-26Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0410.nasl - Type : ACT_GATHER_INFO
2012-03-26Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0411.nasl - Type : ACT_GATHER_INFO
2012-03-23Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2438.nasl - Type : ACT_GATHER_INFO
2012-03-23Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0410.nasl - Type : ACT_GATHER_INFO
2012-03-23Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0411.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 11:55:48
  • Multiple Updates
2013-04-19 13:22:04
  • Multiple Updates