TITLE:
Perforce Server Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA38816

VERIFY ADVISORY:
http://secunia.com/advisories/38816/

DESCRIPTION:
Some vulnerabilities and a weakness have been reported in Perforce Server, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to bypass certain security restrictions or to cause a DoS (Denial of Service).

1) An error in the processing of certain packets can be exploited to cause the Perforce server process "p4s.exe" to crash by sending a specially crafted packet to port 1666/TCP.

2) An error in the processing of certain packets can be exploited to cause an infinite loop in the "p4s.exe" process by sending a specially crafted packet to port 1666/TCP.

These vulnerabilities are related to:
SA36580

3) An error in the processing of password change requests can be exploited to perform an unauthorised change of a user's password.

4) Journal and log files are stored world-readable and in clear text.

5) An error in the handling of sockets can be exploited to hijack the application's socket and e.g. gain sensitive information.

SOLUTION:
Restrict network access to the affected service.

PROVIDED AND/OR DISCOVERED BY:
1, 2) Reportedly modules for VulnDisco Pack.
3-5) McAfee, including Stuart McClure, Shanit Gupta, Carric Dooley, Vitaly Zaytsev, Xiao Bo Chen, Kris Kaspersky, Michael Spohn, and Ryan Permeh.

ORIGINAL ADVISORY:
Intevydis:
http://intevydis.blogspot.com/2010/03/perforce.html

McAfee:
http://resources.mcafee.com/forms/Aurora_VDTRG_WP

OTHER REFERENCES:
SA36580:
http://secunia.com/advisories/36580/
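
For item 4, one way to audit a POSIX host for journal and log files that other local users can read, and to clear those permission bits. This is an added example, not code from Secunia or Perforce; the file-name patterns and the demo directory are assumptions, and on Windows the equivalent check is made against the file ACLs instead.

```python
import os
import stat
import tempfile

# Assumed names: the advisory says only "journal and log files".
SENSITIVE_NAMES = ("journal", "log")


def is_sensitive(filename):
    """True if the name looks like a journal or log file (assumed patterns)."""
    lower = filename.lower()
    return any(lower == n or lower.startswith(n + ".") or lower.endswith("." + n)
               for n in SENSITIVE_NAMES)


def find_world_readable(root):
    """Return sorted journal/log paths under root that 'other' can read."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if is_sensitive(name) and stat.S_ISREG(mode) and mode & stat.S_IROTH:
                hits.append(path)
    return sorted(hits)


def tighten(paths):
    """Clear every 'other' permission bit on each path."""
    for path in paths:
        os.chmod(path, stat.S_IMODE(os.lstat(path).st_mode) & ~stat.S_IRWXO)


def demo():
    """Audit a constructed server root, tighten it, then audit again."""
    with tempfile.TemporaryDirectory() as root:
        for name, mode in (("journal", 0o644), ("log", 0o640), ("depot.txt", 0o644)):
            path = os.path.join(root, name)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
            os.chmod(path, mode)
        before = [os.path.basename(p) for p in find_world_readable(root)]
        tighten(find_world_readable(root))
        return before, find_world_readable(root)


if __name__ == "__main__":
    print(demo())
```

Run find_world_readable() against the server's root directory first and review the list before calling tighten(), since the service account must keep its own read and write access.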