Information Security

Security vulnerabilities in the openjpeg library
updated since July 16, 2012
Published: March 2, 2013
Source:
SecurityVulns ID: 12476
Type: library
Severity: 6/10
Description: Vulnerabilities in JPEG encoding and decoding
Affected products: OPENJPEG : OpenJPEG 1.3
CVE:CVE-2012-3535 (Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.)
 CVE-2012-3358 (Multiple heap-based buffer overflows in the j2k_read_sot function in j2k.c in OpenJPEG 1.5 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted (1) tile number or (2) tile length in a JPEG 2000 image file.)
 CVE-2009-5030 (The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an "invalid free.")
Original text: MANDRIVA, [ MDVSA-2012:104 ] openjpeg (16.07.2012)

Memory corruption in War FTP Daemon
Published: March 2, 2013
Source:
SecurityVulns ID: 12919
Type: remote
Severity: 5/10
Description: Memory corruption during logging.
Affected products: WARFTPD : War FTP Daemon 1.82
Original text: Jarle Aase, Denial of Service vulnerability in War FTP Daemon 1.82 (02.03.2013)

Buffer overflow in cfingerd
Published: March 2, 2013
Source:
SecurityVulns ID: 12911
Type: remote
Severity: 6/10
Description: Buffer overflow when parsing a request.
Affected products: CFINGERD : cfingerd 1.4
CVE:CVE-2013-1049 (Buffer overflow in the RFC1413 (ident) client in cfingerd 1.4.3-3 allows remote IDENT servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted response.)
Original text: DEBIAN, [SECURITY] [DSA 2635-1] cfingerd security update (02.03.2013)

Protection bypass in RSA Authentication Agent
Published: March 2, 2013
Source:
SecurityVulns ID: 12912
Type: local
Severity: 4/10
Description: In some cases only a PIN is requested instead of full authentication.
Affected products: EMC : RSA Authentication Agent 7.1
CVE:CVE-2013-0931 (EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not enforce the Quick PIN Unlock timeout feature, which allows physically proximate attackers to bypass the passcode requirement for a screensaved session by entering a PIN after timeout expiration.)
Original text: EMC, ESA-2013-012: RSA® Authentication Agent 7.1.1 for Microsoft Windows® Access Control Vulnerability (02.03.2013)

Security vulnerabilities in PHP
Published: March 2, 2013
Source:
SecurityVulns ID: 12914
Type: remote
Severity: 5/10
Description: safe_dir protection bypass and code execution when working with SOAP.
Affected products: PHP : PHP 5.3
CVE:CVE-2013-1643 (The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions.)
 CVE-2013-1635 (ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory.)
Original text: MANDRIVA, [ MDVSA-2013:016 ] php (02.03.2013)

Privilege escalation in dbus-glib
Published: March 2, 2013
Source:
SecurityVulns ID: 12915
Type: local
Severity: 5/10
Description: Privilege escalation via the NameOwnerChanged signal
Affected products: DBUS : dbus-glib 0.100
CVE:CVE-2013-0292 (The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.)
Original text: UBUNTU, [USN-1753-1] DBus-GLib vulnerability (02.03.2013)

Security vulnerabilities in OpenSSL / PolarSSL / GnuTLS
updated since February 14, 2013
Published: March 2, 2013
Source:
SecurityVulns ID: 12887
Type: library
Severity: 6/10
Description: Timing attacks, DoS.
Affected products: OPENSSL : OpenSSL 1.0
 POLARSSL : PolarSSL 1.2
 GNU : gnutls 2.12
CVE:CVE-2013-1622 (** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is not a security issue. Further investigation showed that, because of RFC noncompliance, no version or configuration of the product had the vulnerability previously associated with this ID. Notes: none.)
 CVE-2013-1621 (Array index error in the SSL module in PolarSSL before 1.2.5 might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC padding in a TLS session, a different vulnerability than CVE-2013-0169.)
 CVE-2013-1619 (The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.)
 CVE-2013-0169 (The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.)
 CVE-2013-0166 (OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.)
Original text: UBUNTU, [USN-1752-1] GnuTLS vulnerability (02.03.2013)
 DEBIAN, [SECURITY] [DSA 2622-1] polarssl security update (14.02.2013)

Security vulnerabilities in the Linux kernel
updated since February 14, 2013
Published: March 2, 2013
Source:
SecurityVulns ID: 12888
Type: local
Severity: 5/10
Description: Privilege escalation, information leak.
Affected products: LINUX : kernel 2.6
 LINUX : kernel 3.4
CVE:CVE-2013-1763 (Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message.)
 CVE-2013-0871 (Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death.)
 CVE-2013-0231 (The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information.)
 CVE-2013-0190 (The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption.)
 CVE-2012-4508 (Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized.)
 CVE-2012-2669 (The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof Netlink communication via a crafted connector message.)
Original text: UBUNTU, [USN-1750-1] Linux kernel vulnerabilities (02.03.2013)
 UBUNTU, [USN-1739-1] Linux kernel vulnerability (24.02.2013)
 UBUNTU, [USN-1720-1] Linux kernel vulnerabilities (14.02.2013)

Security vulnerabilities in Apache
Published: March 2, 2013
Source:
SecurityVulns ID: 12917
Type: remote
Severity: 6/10
Description: Cross-site scripting in mod_info, mod_status, mod_imagemap, mod_ldap, mod_proxy_ftp, mod_proxy_balancer
Affected products: APACHE : Apache 2.2
 APACHE : Apache 2.4
CVE:CVE-2012-4558 (Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.)
 CVE-2012-3499 (Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.)
Original text: MANDRIVA, [ MDVSA-2013:015 ] apache (02.03.2013)

Memory corruption in Transmission
Published: March 2, 2013
Source:
SecurityVulns ID: 12918
Type: remote
Severity: 5/10
Description: Memory corruption when parsing micro transport packets
Affected products: TRANSMISSION : Transmission 2.61
CVE:CVE-2012-6129 (Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission before 2.74 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted "micro transport protocol packets.")
Original text: UBUNTU, [USN-1747-1] Transmission vulnerability (02.03.2013)

Multiple security vulnerabilities in Microsoft Windows
updated since February 14, 2013
Published: March 2, 2013
Source:
SecurityVulns ID: 12882
Type: library
Severity: 8/10
Description: Memory corruption in Quartz.dll, privilege escalation in .Net, multiple race conditions in the kernel, privilege escalation in CSRSS, DoS via TCP/IP.
Affected products: MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
 MICROSOFT : Windows 8
 MICROSOFT : Windows 2012 Server
CVE:CVE-2013-1313 (Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted RTF document, aka "OLE Automation Remote Code Execution Vulnerability.")
 CVE-2013-1280 (The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Reference Count Vulnerability.")
 CVE-2013-1279 (Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages incorrect handling of objects in memory, aka "Kernel Race Condition Vulnerability," a different vulnerability than CVE-2013-1278.)
 CVE-2013-1278 (Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages incorrect handling of objects in memory, aka "Kernel Race Condition Vulnerability," a different vulnerability than CVE-2013-1279.)
 CVE-2013-1267 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.)
 CVE-2013-1266 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.)
 CVE-2013-1265 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.)
 CVE-2013-1264 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.)
 CVE-2013-1263 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.)
 CVE-2013-1262 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.)
 CVE-2013-1261 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.)
 CVE-2013-1260 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.)
 CVE-2013-1259 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.)
 CVE-2013-1258 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kernel memory locations, via a crafted application, a different vulnerability than other CVEs listed in MS13-016.)
 CVE-2013-0077 (Quartz.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via crafted media content in (1) a media file, (2) a media stream, or (3) a Microsoft Office document, aka "Media Decompression Vulnerability.")
 CVE-2013-0076 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Reference Count Vulnerability.")
 CVE-2013-0075 (The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (reboot) via a crafted packet that terminates a TCP connection, aka "TCP FIN WAIT Vulnerability.")
 CVE-2013-0073 (The Windows Forms (aka WinForms) component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly restrict the privileges of a callback function during object creation, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "WinForms Callback Elevation Vulnerability.")
Original text: VUPEN Security Research, VUPEN Security Research - Microsoft Windows OLE Automation Code Execution Vulnerability (02.03.2013)
Files: Microsoft Security Bulletin MS13-011 - Critical Vulnerability in Media Decompression Could Allow Remote Code Execution (2780091)
 Microsoft Security Bulletin MS13-015 - Important Vulnerability in .NET Framework Could Allow Elevation of Privilege (2800277)
 Microsoft Security Bulletin MS13-016 - Important Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778344)
 Microsoft Security Bulletin MS13-017 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2799494)
 Microsoft Security Bulletin MS13-018 - Important Vulnerability in TCP/IP Could Allow Denial of Service (2790655)
 Microsoft Security Bulletin MS13-019 - Important Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege
 Microsoft Security Bulletin MS13-020 - Critical Vulnerability in OLE Automation Could Allow Remote Code Execution (2802968)

Protection bypass in sudo
updated since March 2, 2013
Published: March 10, 2013
Source:
SecurityVulns ID: 12913
Type: local
Severity: 5/10
Description: The password prompt can be bypassed by manipulating timestamps; under some conditions a session identifier can be hijacked.
Affected products: SUDO : sudo 1.8
CVE:CVE-2013-1776 (sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to a standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.)
 CVE-2013-1775 (sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically-proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.)
Original text: UBUNTU, [USN-1754-1] Sudo vulnerability (02.03.2013)

Unauthorized access to D-Link DIR-645
updated since March 2, 2013
Published: August 12, 2013
Source:
SecurityVulns ID: 12916
Type: remote
Severity: 5/10
Description: The administrator password can be obtained without authorization, cross-site scripting, buffer overflow.
Affected products: DLINK : D-Link DIR-645
Original text: Roberto Paleari, Multiple vulnerabilities on D-Link DIR-645 devices (12.08.2013)
 Roberto Paleari, Unauthenticated remote access to D-Link DIR-645 devices (02.03.2013)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod