Information Security


Web application security vulnerabilities digest (PHP, ASP, JSP, CGI, Perl)
Published: December 1, 2014
Source:
SecurityVulns ID: 14113
Type: remote
Severity: 5/10
Description: PHP injections, SQL injections, directory traversal, cross-site scripting, file modification, information leakage, etc.
Affected products: DRUPAL : Drupal 7.14
 ZEND : Zend Framework 1.12
 MODX : MODX Revolution 2.2
 PHPMYADMIN : phpmyadmin 4.2
 MOJOLICIOUS : Mojolicious 5.47
 PLACK : Plack 0.988
 WORDPRESS : wordpress 3.9
 TULEAP : Tuleap 0.9
 XEPAN : xEpan
 REVSLIDER : Revslider 3.0
 REVSLIDER : Showbiz Pro 1.7
 KDE : kde-runtime 4.8
 WORDPRESS : WP-DB-Backup 2.2
 PHPSMARTY : php-smarty 3.1
 WORDPRESS : SP Client Document Manager 2.4
 WORDPRESS : CM Download Manager 2.0
 DOLIBARR : Dolibarr ERP & CRM 3.5
 JOOMLA : Simple Email Form 1.8
 GOGS : gogs 0.5
 PHPMEMCACHEDADMI : phpMemcachedAdmin 1.2
 FLOWPLAYER : Flowplayer 3.2
 WORDPRESS : Wordpress bulletproof-security 0.51
 WORDPRESS : Wordfence Firewall 5.1
 FORMALMS : Forma Lms 1.2
 HELPDEZK : HelpDezk 1.0
 OPMANAGER : OpManager 11.4
 PASSWORDMANAGERP : Password Manager Pro 7.1
 APACHE : Qpid 0.30
 TYPO3 : ke_dompdf 0.0
 TYPO3 : ke_questionnaire 2.5
CVE: CVE-2014-9039 (wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to reset passwords by leveraging access to an e-mail account that received a password-reset message.)
 CVE-2014-9038 (wp-includes/http.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to conduct server-side request forgery (SSRF) attacks by referring to a 127.0.0.0/8 resource.)
 CVE-2014-9037 (WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to obtain access to an account idle since 2008 by leveraging an improper PHP dynamic type comparison for an MD5 hash.)
 CVE-2014-9036 (Cross-site scripting (XSS) vulnerability in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted Cascading Style Sheets (CSS) token sequence in a post.)
 CVE-2014-9035 (Cross-site scripting (XSS) vulnerability in Press This in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2014-9034 (wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue to CVE-2014-9016.)
 CVE-2014-9033 (Cross-site request forgery (CSRF) vulnerability in wp-login.php in WordPress 3.7.4, 3.8.4, 3.9.2, and 4.0 allows remote attackers to hijack the authentication of arbitrary users for requests that reset passwords.)
 CVE-2014-9032 (Cross-site scripting (XSS) vulnerability in the media-playlists feature in WordPress before 3.9.x before 3.9.3 and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2014-9031 (Cross-site scripting (XSS) vulnerability in the wptexturize function in WordPress before 3.7.5, 3.8.x before 3.8.5, and 3.9.x before 3.9.3 allows remote attackers to inject arbitrary web script or HTML via crafted use of shortcode brackets in a text field, as demonstrated by a comment or a post.)
 CVE-2014-9016 (The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes (aka phpass) module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request.)
 CVE-2014-9015 (Drupal 6.x before 6.34 and 7.x before 7.34 allows remote attackers to hijack sessions via a crafted request, as demonstrated by a crafted request to a server that supports both HTTP and HTTPS sessions.)
 CVE-2014-8961 (Directory traversal vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file's line count via a crafted parameter.)
 CVE-2014-8960 (Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename.)
 CVE-2014-8959 (Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter.)
 CVE-2014-8958 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database, (2) table, or (3) column name that is improperly handled during rendering of the table browse page; a crafted ENUM value that is improperly handled during rendering of the (4) table print view or (5) zoom search page; or (6) a crafted pma_fontsize cookie that is improperly handled during rendering of the home page.)
 CVE-2014-8877 (The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which is processed by the PHP create_function function.)
 CVE-2014-8749 (Server-side request forgery (SSRF) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote attackers to trigger outbound requests that authenticate to arbitrary databases via the dbhost parameter.)
 CVE-2014-8732 (Cross-site scripting (XSS) vulnerability in phpMemcachedAdmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2014-8731
 CVE-2014-8683 (Cross-site scripting (XSS) vulnerability in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.8 allows remote attackers to inject arbitrary web script or HTML via the text parameter to api/v1/markdown.)
 CVE-2014-8682 (Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1) api/v1/repos/search, which is not properly handled in models/repo.go, or (2) api/v1/users/search, which is not properly handled in models/user.go.)
 CVE-2014-8600 (Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using the (1) zip, (2) trash, (3) tar, (4) thumbnail, (5) smtps, (6) smtp, (7) smb, (8) remote, (9) recentdocuments, (10) nntps, (11) nntp, (12) network, (13) mbox, (14) ldaps, (15) ldap, (16) fonts, (17) file, (18) desktop, (19) cgi, (20) bookmarks, or (21) ar scheme, which is not properly handled in an error message.)
 CVE-2014-8539 (Cross-site scripting (XSS) vulnerability in Simple Email Form 1.8.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the mod_simpleemailform_field2_1 parameter to index.php.)
 CVE-2014-8499 (Multiple SQL injection vulnerabilities in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition before 7.1 build 7105 allow remote authenticated users to execute arbitrary SQL commands via the SEARCH_ALL parameter to (1) SQLAdvancedALSearchResult.cc or (2) AdvancedSearchResult.cc.)
 CVE-2014-8498 (SQL injection vulnerability in BulkEditSearchResult.cc in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition before 7.1 build 7105 allows remote authenticated users to execute arbitrary SQL commands via the SEARCH_ALL parameter.)
 CVE-2014-8429 (Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts via a crafted request to the owner/users page.)
 CVE-2014-8350 (Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "{literal}<{/literal}script language=php>" in a template.)
 CVE-2014-8337
 CVE-2014-8088 (The (1) Zend_Ldap class in Zend before 1.12.9 and (2) Zend\Ldap component in Zend 2.x before 2.2.8 and 2.3.x before 2.3.3 allows remote attackers to bypass authentication via a password starting with a null byte, which triggers an unauthenticated bind.)
 CVE-2014-7959 (SQL injection vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tableprefix parameter.)
 CVE-2014-7958 (Cross-site scripting (XSS) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dbhost parameter.)
 CVE-2014-7868 (Multiple SQL injection vulnerabilities in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the (1) OPM_BVNAME parameter in a Delete operation to the APMBVHandler servlet or (2) query parameter in a compare operation to the DataComparisonServlet servlet.)
 CVE-2014-7866 (Multiple directory traversal vulnerabilities in ZOHO ManageEngine OpManager 8 (build 88xx) through 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated users to write and execute arbitrary files via a .. (dot dot) in the (1) fileName parameter to the MigrateLEEData servlet or (2) zipFileName parameter in a downloadFileFromProbe operation to the MigrateCentralData servlet.)
 CVE-2014-7137 (Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) contactid parameter in an addcontact action, (2) ligne parameter in a swapstatut action, or (3) project_ref parameter to projet/tasks/contact.php; (4) lineid parameter in a deletecontact action, (5) ligne parameter in a swapstatut action, or (6) ref parameter to projet/contact.php; (7) id parameter to compta/bank/fiche.php, (8) contact/info.php, (9) holiday/index.php, (10) product/stock/fiche.php, (11) product/stock/info.php, or (12) in an edit action to product/stock/fiche.php; (13) productid parameter in an addline action to product/stock/massstockmove.php; (14) project_ref parameter to projet/tasks/note.php; (15) ref parameter to element.php, (16) ganttview.php, (17) note.php, or (18) tasks.php in projet/; (19) sall or (20) sref parameter to comm/mailing/liste.php; (21) search_bon, (22) search_ligne, (23) search_societe, or (24) search_code parameter to com)
 CVE-2014-6039
 CVE-2014-6038
 CVE-2014-5269 (Plack::App::File in Plack before 1.0031 removes trailing slash characters from paths, which allows remote attackers to bypass the whitelist of generated files and obtain sensitive information via a crafted path, related to Plack::Middleware::Static.)
 CVE-2014-5257 (Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms before 1.2.1 p01 allow remote attackers to inject arbitrary web script or HTML via the (1) id_custom parameter in an amanmenu request or (2) id_game parameter in an alms/games/edit request to appCore/index.php.)
 CVE-2014-3629 (XML external entity (XXE) vulnerability in the XML Exchange module in Apache Qpid 0.30 allows remote attackers to cause outgoing HTTP connections via a crafted message.)
 CVE-2012-4437 (Cross-site scripting (XSS) vulnerability in the SmartyException class in Smarty (aka smarty-php) before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger a Smarty exception.)
Original text: john_(at)_secureli.com, WordPress <=4.0 Denial of Service Exploit (CVE-2014-9034) (01.12.2014)
 RedTeam Pentesting, [RT-SA-2014-007] Remote Code Execution in TYPO3 Extension ke_dompdf (01.12.2014)
 RedTeam Pentesting, [RT-SA-2014-009] Information Disclosure in TYPO3 Extension ke_questionnaire (01.12.2014)
 Vulnerability Lab, BookFresh - Persistent Clients Invite Vulnerability (01.12.2014)
 Gordon Sim, CVE-2014-3629: Apache Qpid's qpidd can be induced to make http requests (01.12.2014)
 Pedro Ribeiro, [The ManageOwnage series, part VIII]: Remote code execution and blind SQLi in OpManager, Social IT and IT360 (01.12.2014)
 larry0_(at)_me.com, XCloner Wordpress/Joomla! backup Plugin v3.1.1 (Wordpress) v3.5.1 (Joomla!) Vulnerabilities (01.12.2014)
 mdgh9_(at)_yahoo.com, [CVE-2014-8338] Cross Site Scripting (XSS) vulnerability in videowhisper (01.12.2014)
 Pedro Ribeiro, [The ManageOwnage Series, part VI]: 0day database info and superuser credential disclosure in EventLog Analyser (01.12.2014)
 High-Tech Bridge Security Research, Arbitrary File Upload in HelpDEZk (01.12.2014)
 High-Tech Bridge Security Research, Two Reflected Cross-Site Scripting (XSS) Vulnerabilities in Forma Lms (01.12.2014)
 bhati.contact_(at)_gmail.com, WordPress Wordfence Firewall 5.1.2 Cross Site Scripting (01.12.2014)
 Pietro Oliva, Wordpress bulletproof-security <=.51 multiple vulnerabilities (01.12.2014)
 advisories_(at)_appcheck-ng.com, [Appcheck-NG] Unpatched Vulnerabilities in Magento E-Commerce Platform (01.12.2014)
 subs_(at)_itguard.info, Reflected Cross-Site Scripting (XSS) in Flash Version of Flowplayer (01.12.2014)
 iedb.team_(at)_gmail.com, Modx CMS CSRF Bypass & XSS Vulnerabilities (01.12.2014)
 iedb.team_(at)_gmail.com, Ahrareandeysheh CMS Cross-Site Scripting Vulnerability (01.12.2014)
 cert_(at)_it.nrw.de, CVE-2014-8731 - RCE in phpMemcachedAdmin <=1.2.2 (01.12.2014)
 cert_(at)_it.nrw.de, CVE-2014-8732 (01.12.2014)
 tschmid_(at)_ernw.de, CVE-2014-8682 Multiple Unauthenticated SQL Injections in Gogs (01.12.2014)
 tschmid_(at)_ernw.de, CVE-2014-8683 XSS in Gogs Markdown Renderer (01.12.2014)
 High-Tech Bridge Security Research, Reflected Cross-Site Scripting (XSS) in Simple Email Form Joomla Extension (01.12.2014)
 advisories_(at)_portcullis-security.com, CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM (01.12.2014)
 MANDRIVA, [ MDVSA-2014:216 ] php-ZendFramework (01.12.2014)
 phi.n.le_(at)_itas.vn, CVE-2014-8877 - Code Injection in Wordpress CM Download Manager plugin (01.12.2014)
 DEBIAN, [SECURITY] [DSA 3075-1] drupal7 security update (01.12.2014)
 Jouko Pynnonen, WordPress 3 persistent script injection (01.12.2014)
 thai.q.dang_(at)_itas.vn, Multiple SQL Injection in SP Client Document Manager plugin (01.12.2014)
 larry0_(at)_me.com, [ MDVSA-2014:221 ] php-smarty (01.12.2014)
 larry0_(at)_me.com, Exploit for stealing backups on WP sites with WP-DB-Backup v2.2.4 plugin (01.12.2014)
 UBUNTU, [USN-2414-1] KDE-Runtime vulnerability (01.12.2014)
 simo_(at)_morxploit.com, Slider Revolution/Showbiz Pro shell upload exploit (01.12.2014)
 MANDRIVA, [ MDVSA-2014:228 ] phpmyadmin (01.12.2014)
 High-Tech Bridge Security Research, Cross-Site Request Forgery (CSRF) in xEpan (01.12.2014)
 Egidio Romano, [KIS-2014-13] Tuleap <= 7.6-4 (register.php) PHP Object Injection Vulnerability (01.12.2014)
 MANDRIVA, [ MDVSA-2014:233 ] wordpress (01.12.2014)
 MANDRIVA, [ MDVSA-2014:235 ] perl-Plack (01.12.2014)
 MANDRIVA, [ MDVSA-2014:237 ] perl-Mojolicious (01.12.2014)

Buffer overflow in sniffit
Published: December 1, 2014
Source:
SecurityVulns ID: 14114
Type: remote
Severity: 4/10
Description: Buffer overflow in the configuration file.
Affected products: SNIFFIT : sniffit 0.3
CVE: CVE-2014-5439
Original text: Hector Marco, CVE-2014-5439 - Root shell on Sniffit [with exploit] (01.12.2014)

Authentication bypass in HP-UX
Published: December 1, 2014
Source:
SecurityVulns ID: 14115
Type: remote
Severity: 6/10
Description: libpam_updbe authentication bypass in HP-UX.
Affected products: HP : HP-UX 11.11
 HP : HP-UX 11.23
 HP : HP-UX 11.31
CVE: CVE-2014-7879 (HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via unspecified vectors.)
Original text: HP, [security bulletin] HPSBUX03166 SSRT101489 rev.1 - HP-UX running PAM libpam_updbe, Remote Authentication Bypass (01.12.2014)

Privilege escalation in Codemeter
Published: December 1, 2014
Source:
SecurityVulns ID: 14117
Type: local
Severity: 5/10
Description: Weak service permissions.
Affected products: WIBU : CodeMeter 5.19
CVE: CVE-2014-8419 (Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read and write access for all users) for codemeter.exe, which allows local users to gain privileges via a Trojan horse file.)
Original text: ajs_(at)_swordshield.com, CVE-2014-8419 - CodeMeter Weak Service Permissions (01.12.2014)

Multiple security vulnerabilities in Oxide
Published: December 1, 2014
Source:
SecurityVulns ID: 14118
Type: library
Severity: 5/10
Description: Multiple memory corruptions.
Affected products: QT : oxide-qt 1.3
CVE: CVE-2014-7910 (Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.)
 CVE-2014-7909 (effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before 39.0.2171.65, computes a hash key using uninitialized integer values, which might allow remote attackers to cause a denial of service by rendering crafted data.)
 CVE-2014-7908 (Multiple integer overflows in the CheckMov function in media/base/container_names.cc in Google Chrome before 39.0.2171.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a large atom in (1) MPEG-4 or (2) QuickTime .mov data.)
 CVE-2014-7907 (Multiple use-after-free vulnerabilities in modules/screen_orientation/ScreenOrientationController.cpp in Blink, as used in Google Chrome before 39.0.2171.65, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger improper handling of a detached frame, related to the (1) lock and (2) unlock methods.)
 CVE-2014-7904 (Buffer overflow in Skia, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.)
Original text: UBUNTU, [USN-2410-1] Oxide vulnerabilities (01.12.2014)

Buffer overflow in Advantech WebAccess
Published: December 1, 2014
Source:
SecurityVulns ID: 14119
Type: remote
Severity: 5/10
Description: Buffer overflow in ActiveX.
CVE: CVE-2014-8388 (Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document.)
Original text: CORE SECURITY TECHNOLOGIES ADVISORIES, [CORE-2014-0010] - Advantech WebAccess Stack-based Buffer Overflow (01.12.2014)

Code execution in Advantech EKI-6340
Published: December 1, 2014
Source:
SecurityVulns ID: 14120
Type: remote
Severity: 5/10
Description: Shell command injection in the web interface.
Affected products: ADVANTECH : Advantech EKI-6340
CVE: CVE-2014-8387 (cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi.)
Original text: CORE SECURITY TECHNOLOGIES ADVISORIES, [CORE-2014-0009] - Advantech EKI-6340 Command Injection (01.12.2014)

Buffer overflow in Advantech AdamView
Published: December 1, 2014
Source:
SecurityVulns ID: 14121
Type: local
Severity: 4/10
Description: Buffer overflow when parsing .gni files.
Affected products: ADVANTECH : AdamView 4.3
CVE: CVE-2014-8386 (Multiple stack-based buffer overflows in Advantech AdamView 4.3 and earlier allow remote attackers to execute arbitrary code via a crafted (1) display properties or (2) conditional bitmap parameter in a GNI file.)
Original text: CORE SECURITY TECHNOLOGIES ADVISORIES, [CORE-2014-0008] - Advantech AdamView Buffer Overflow (01.12.2014)

Missing SSL certificate validation in Prey Anti-theft
Published: December 1, 2014
Source:
SecurityVulns ID: 14122
Type: m-i-t-m
Severity: 4/10
Original text: Programa STIC, Prey Anti-Theft for Android missing SSL certificate validation [STIC-2014-0731] (01.12.2014)

Missing SSL certificate validation in MercadoLibre
Published: December 1, 2014
Source:
SecurityVulns ID: 14123
Type: remote
Severity: 5/10
Affected products: MERCADOLIBRE : MercadoLibre 3.8
CVE: CVE-2014-5658 (The MercadoLibre (aka com.mercadolibre) application 3.8.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.)
Original text: Programa STIC, Missing SSL certificate validation in MercadoLibre app for Android [STIC-2014-0211] (01.12.2014)

Multiple security vulnerabilities in OpenStack applications
Published: December 1, 2014
Source:
SecurityVulns ID: 14124
Type: library
Severity: 6/10
Description: Information leakage in OpenStack Cinder, information leakage in Keystone, information leakage and restriction bypass in Nova, restriction bypass in Neutron.
Affected products: OPENSTACK : Cinder 2014.1
 OPENSTACK : Nova 2014.1
 OPENSTACK : Neutron 2014.1
 OPENSTACK : Keystone 2014.1
 OPENSTACK : Trove 2014.1
 OPENSTACK : Neutron 2014.2
CVE: CVE-2014-7230 (The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log.)
 CVE-2014-6414 (OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.)
 CVE-2014-3641 (The (1) GlusterFS and (2) Linux Smbfs drivers in OpenStack Cinder before 2014.1.3 allows remote authenticated users to obtain file data from the Cinder-volume host by cloning and attaching a volume with a crafted qcow2 header.)
 CVE-2014-3621 (The catalog url replacement in OpenStack Identity (Keystone) before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$(admin_token)" in the publicurl endpoint field.)
 CVE-2014-3608 (The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2573.)
Original text: UBUNTU, [USN-2408-1] OpenStack Neutron vulnerability (01.12.2014)
 UBUNTU, [USN-2407-1] OpenStack Nova vulnerabilities (01.12.2014)
 UBUNTU, [USN-2406-1] OpenStack Keystone vulnerability (01.12.2014)
 UBUNTU, [USN-2405-1] OpenStack Cinder vulnerabilities (01.12.2014)

Restriction bypass in HP Helion Cloud Development Platform
Published: December 1, 2014
Source:
SecurityVulns ID: 14125
Type: library
Severity: 5/10
Description: The same key is used across different installations.
Affected products: HP : Helion Cloud Development Platform 1.0
CVE: CVE-2014-7878 (The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers' installations, which allows remote attackers to execute arbitrary code by leveraging these keys for a connection.)
Original text: HP, [security bulletin] HPSBMU03190 rev.1 - HP Helion Cloud Development Platform Community and Commercial Editions, Remote Unauthenticated Access (01.12.2014)

Privilege escalation in KDE Clock KCM
Published: December 1, 2014
Source:
SecurityVulns ID: 14126
Type: local
Severity: 5/10
Affected products: KDE : kde-workspace 4.8
CVE: CVE-2014-8651 (The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.)
Original text: UBUNTU, [USN-2402-1] KDE workspace vulnerabilities (01.12.2014)

Memory corruption in KDE Konversation / Quassel IRC
Published: December 1, 2014
Source:
SecurityVulns ID: 14127
Type: client
Severity: 5/10
Description: Memory corruption when receiving an encrypted message.
Affected products: KDE : Konversation 1.4
 QUASSEL : Quassel IRC 0.10
CVE: CVE-2014-8483 (The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.)
Original text: UBUNTU, [USN-2401-1] Konversation vulnerability (01.12.2014)

Missing SSL certificate validation in PicsArt Photo Studio
Published: December 1, 2014
Source:
SecurityVulns ID: 14128
Type: m-i-t-m
Severity: 5/10
Affected products: PICSART : PicsArt Photo Studio 4.6
CVE: CVE-2014-5674 (The PicsArt - Photo Studio (aka com.picsart.studio) application 4.5.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.)
Original text: Programa STIC, Insecure management of login credentials in PicsArt Photo Studio for Android [STIC-2014-0426] (01.12.2014)

DoS against mutt
Published: December 1, 2014
Source:
SecurityVulns ID: 14130
Type: remote
Severity: 5/10
Description: Failure while parsing headers.
Affected products: MUTT : mutt 1.5
CVE: CVE-2014-9116 (The write_one_header function in mutt 1.5.23 does not properly handle newline characters at the beginning of a header, which allows remote attackers to cause a denial of service (crash) via a header with an empty body, which triggers a heap-based buffer overflow in the mutt_substrdup function.)
Original text: DEBIAN, [SECURITY] [DSA 3083-1] mutt security update (01.12.2014)

Information leakage in EntryPass N5200
Published: December 1, 2014
Source:
SecurityVulns ID: 14131
Type: remote
Severity: 4/10
Description: Memory contents leakage.
Affected products: ENTRYPASS : EntryPass N5200
CVE: CVE-2014-8868 (EntryPass N5200 Active Network Control Panel does not properly restrict access, which allows remote attackers to obtain the administrator username and password, and possibly other sensitive information, via a request to /4.)
Original text: RedTeam Pentesting, [RT-SA-2014-011] EntryPass N5200 Credentials Disclosure (01.12.2014)

Cross-site scripting in Alcatel Lucent 1830 Photonic Service Switch
Published: December 1, 2014
Source:
SecurityVulns ID: 14132
Type: remote
Severity: 4/10
Description: XSS in the web interface.
Affected products: ALCATEL : Alcatel Lucent 1830
CVE: CVE-2014-3809
Original text: Stephan.Rickauer_(at)_swisscom.com, CVE-2014-3809: Reflected XSS in Alcatel Lucent 1830 PSS-32/16/4 (01.12.2014)

Security vulnerabilities in NetFlow Analyzer
Published: December 1, 2014
Source:
SecurityVulns ID: 14133
Type: remote
Severity: 5/10
Description: Directory traversal.
Affected products: MANAGEENGINE : NetFlow Analyzer 9.9
CVE: CVE-2014-5446 (Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allows remote attackers and remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter.)
 CVE-2014-5445 (Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allow remote attackers or remote authenticated users to read arbitrary files via a full pathname in the schFilePath parameter to the (1) CSVServlet or (2) CReportPDFServlet servlet.)
Original text: Pedro Ribeiro, [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360 (01.12.2014)

Multiple security vulnerabilities in Docker
updated since December 1, 2014
Published: December 22, 2014
Source:
SecurityVulns ID: 14116
Type: local
Severity: 5/10
Description: Symbolic link issue, directory traversal, privilege escalation.
Affected products: DOCKER : Docker 1.3
CVE: CVE-2014-9358 (Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications.")
 CVE-2014-9357 (Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.)
 CVE-2014-9356
 CVE-2014-5277 (Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic.)
Original text: DOCKER, Docker 1.3.3 - Security Advisory [11 Dec 2014] (22.12.2014)
 DOCKER, Docker 1.3.2 - Security Advisory [24 Nov 2014] (01.12.2014)

Security vulnerabilities in D-Link DCS-2103
updated since December 1, 2014
Published: October 25, 2015
Source:
SecurityVulns ID: 14129
Type: remote
Severity: 4/10
Description: Directory traversal, information leakage, XSS, CSRF.
Affected products: DLINK : D-Link DCS-2103
Original text: MustLive, AoF and CSRF vulnerabilities in D-Link DCS-2103 (25.10.2015)
 MustLive, CSRF and XSS vulnerabilities in D-Link DCS-2103 (24.08.2015)
 MustLive, BF and XSS vulnerabilities in D-Link DCS-2103 (29.12.2014)
 MustLive, Vulnerabilities in D-Link DCS-2103 (01.12.2014)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod