Информационная безопасность
[RU] switch to English


Уязвимости безопасности в Openswan / Strongswan
дополнено с 7 апреля 2014 г.
Опубликовано:7 мая 2014 г.
Источник:
SecurityVulns ID:13670
Тип:удаленная
Уровень опасности:
7/10
Описание:Переполнение буфера, DoS, обход защиты.
Затронутые продукты:OPENSWAN : Openswan 2.6
 STRONGSWAN : strongSwan 5.1
CVE:CVE-2014-2891 (strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.)
 CVE-2014-2338 (IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.)
 CVE-2013-6466 (Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.)
 CVE-2013-2053 (Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2922-1] strongswan security update (07.05.2014)
 documentDEBIAN, [SECURITY] [DSA 2903-1] strongswan security update (04.05.2014)
 documentDEBIAN, [SECURITY] [DSA 2893-1] openswan security update (07.04.2014)

Многочисленные уязвимости безопасности в Apache Struts
дополнено с 2 мая 2014 г.
Опубликовано:7 мая 2014 г.
Источник:
SecurityVulns ID:13701
Тип:удаленная
Уровень опасности:
6/10
Описание:Несколько уязвимостей ClassLoader потенциально ведущих к выполнению кода.
Затронутые продукты:APACHE : Struts 2.3
 APACHE : Struts 1.3
CVE:CVE-2014-0114 (The ActionForm object in Apache Struts 1.x through 1.3.10 allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, which is passed to the getClass method.)
 CVE-2014-0112 (ParametersInterceptor in Apache Struts before 2.3.16.2 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094.)
 CVE-2014-0094 (The ParametersInterceptor in Apache Struts before 2.3.16.1 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method.)
Оригинальный текстdocumentAPACHE, [ANN] Struts 2.3.16.3 GA release available - security fix (07.05.2014)
 documentAPACHE, [ANN][SECURITY] Struts 1 - CVE-2014-0114 -Mitigation Advice Available, Possible RCE Impact (02.05.2014)
 documentAPACHE, [ANN][SECURITY] ClassLoader manipulation issue confirmed for Struts 1 - CVE-2014-0114 (02.05.2014)
 documentAPACHE, [ANN] Struts 2.3.16.2 GA release available - security fix (02.05.2014)

Многочисленные уязвимости безопасности в OpenStack
Опубликовано:7 мая 2014 г.
Источник:
SecurityVulns ID:13750
Тип:удаленная
Уровень опасности:
5/10
Описание:Выполнение кода в Glance, несанционированный доступ в Neutron и Swift, межсайтовый скриптинг в Horizon, утечка информации в Quantum / Cinder / Oslo.
Затронутые продукты:OPENSTACK : Cinder 2012.2
 OPENSTACK : Horizon 2013.2
 OPENSTACK : Glance 2013.2
 OPENSTACK : Neutron 2013.2
 OPENSTACK : Swift 1.10
 OPENSTACK : Oslo 2013.2
 OPENSTACK : Quantum 2012.2
CVE:CVE-2014-0162 (The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location.)
 CVE-2014-0157 (Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template.)
 CVE-2014-0056 (The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command.)
 CVE-2014-0006 (The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack.)
 CVE-2013-6491 (The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network.)
Оригинальный текстdocumentUBUNTU, [USN-2208-2] OpenStack Quantum vulnerability (07.05.2014)
 documentUBUNTU, [USN-2208-1] OpenStack Cinder vulnerability (07.05.2014)
 documentUBUNTU, [USN-2193-1] OpenStack Glance vulnerability (07.05.2014)
 documentUBUNTU, [USN-2194-1] OpenStack Neutron vulnerability (07.05.2014)
 documentUBUNTU, [USN-2206-1] OpenStack Horizon vulnerability (07.05.2014)
 documentUBUNTU, [USN-2207-1] OpenStack Swift vulnerability (07.05.2014)

Обход защиты в Cyberduck
Опубликовано:7 мая 2014 г.
Источник:
SecurityVulns ID:13751
Тип:m-i-t-m
Уровень опасности:
5/10
Описание:Некорректная проверка корневых сертификатов для FTP-SSL.
Затронутые продукты:CYBERDUCK : Cyberduck 4.4
CVE:CVE-2014-2845
Оригинальный текстdocumentMicha.Borrmann_(at)_SySS.de, CVE-2014-2845 - Cyberduck (Windows): Failure validating some certificates (using FTP-SSL) with untrusted root certificate authority (07.05.2014)

Уязвимости безопасности в Citrix Netscaler
Опубликовано:7 мая 2014 г.
Источник:
SecurityVulns ID:13752
Тип:удаленная
Уровень опасности:
5/10
Описание:Слабая реализация протокола Диффи-Хелмана, отсутствие проверки сертификата.
Затронутые продукты:CITRIX : NetScaler Application Delivery Controller 10.1
CVE:CVE-2014-2882 (Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation.)
 CVE-2014-2881 (Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors.)
Оригинальный текстdocumentadvisories_(at)_portcullis-security.com, CVE-2014-2882 - Lack of SSL Certificate Validation in Citrix Netscaler (07.05.2014)
 documentadvisories_(at)_portcullis-security.com, CVE-2014-2881 - Poor Quality Implementation of Diffie-Hellman Key Exchange in Citrix Netscaler (07.05.2014)

Уязвимости безопасности в IBM AIX
Опубликовано:7 мая 2014 г.
Источник:
SecurityVulns ID:13753
Тип:локальная
Уровень опасности:
5/10
Описание:Утечка информации и DoS через ptrace.
CVE:CVE-2014-0930 (The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation.)
Оригинальный текстdocumentadvisories_(at)_portcullis-security.com, CVE-2014-0930 - Kernel Memory Leak And Denial Of Service Condition in IBM AIX (07.05.2014)

DoS через libxml2
Опубликовано:7 мая 2014 г.
Источник:
SecurityVulns ID:13754
Тип:библиотека
Уровень опасности:
5/10
Описание:Исчерпание ресурсов при разборе XML.
CVE:CVE-2014-0191 (Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unknown vectors related to Web Listener, a different vulnerability than CVE-2013-0338, CVE-2013-2877, and CVE-2015-0386.)
Оригинальный текстdocumentStefan Cornelius, [oss-security] CVE-2014-0191 libxml2: external parameter entity loaded when entity substitution is disabled (07.05.2014)

Уязвимости безопасности в libvirt
Опубликовано:7 мая 2014 г.
Источник:
SecurityVulns ID:13755
Тип:библиотека
Уровень опасности:
5/10
Описание:DoS, проблема символьных линков.
CVE:CVE-2013-7336 (The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash) by causing domblkstat to be called at the same time as the qemuMonitorGetSpiceMigrationStatus function.)
 CVE-2013-6456 (The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; (2) create arbitrary nodes (mknod) via the virDomainDeviceAttach API and a symlink attack on /dev in the container; and cause a denial of service (shutdown or reboot host OS) via the (3) virDomainShutdown or (4) virDomainReboot API and a symlink attack on /dev/initctl in the container, related to "paths under /proc/$PID/root" and the virInitctlSetRunLevel function.)
Оригинальный текстdocumentUBUNTU, [USN-2209-1] libvirt vulnerabilities (07.05.2014)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород