Информационная безопасность
[RU] switch to English


Обратный путь в каталогах архиватора ark
Опубликовано:10 октября 2011 г.
Источник:
SecurityVulns ID:11951
Тип:локальная
Уровень опасности:
4/10
Описание:Обратный путь в каталогах при извлечении архива.
CVE:CVE-2011-2725 (Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file.)
Оригинальный текстdocumentTim Brown, Medium severity flaw with Ark (10.10.2011)

Подмена интерфейса в нескольких приложениях
Опубликовано:10 октября 2011 г.
Источник:
SecurityVulns ID:11952
Тип:библиотека
Уровень опасности:
3/10
Описание:Использование класса QLabel библиотеки Qt для отображения критичной информации позволяет подмену интерфейса.
CVE:CVE-2011-3367 (Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.)
 CVE-2011-3366 (Rekonq 0.7.0 and earlier does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.)
 CVE-2011-3365 (The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.)
Оригинальный текстdocumentTim Brown, Low severity flaw in various applications including KSSL, Rekonq, Arora, Psi IM (10.10.2011)

Уязвимости безопасности в Google Chrome
Опубликовано:10 октября 2011 г.
Источник:
SecurityVulns ID:11953
Тип:клиент
Уровень опасности:
6/10
Описание:Повреждения памяти при работе с функциями WebKit
Затронутые продукты:GOOGLE : Chrome 14.0
Оригинальный текстdocumentVUPEN Security Research, VUPEN Security Research - Google Chrome WebKit Engine Ruby Tag Stale Pointer Vulnerability (10.10.2011)
 documentVUPEN Security Research, VUPEN Security Research - Google Chrome WebKit Engine Child Tag Deletion Stale Pointer Vulnerability (10.10.2011)

Многочисленные уязвимости безопасности в Anatomy Keyview
Опубликовано:10 октября 2011 г.
Источник:
SecurityVulns ID:11954
Тип:библиотека
Уровень опасности:
6/10
Описание:Повреждения памяти, переполнение буфера, целочисленное переполнение.
Затронутые продукты:ANATOMY : Keyview 7.4
 ANATOMY : Keyview 9.2
 ANATOMY : Keyview 10.13
CVE:CVE-2011-0339
 CVE-2011-0338
 CVE-2011-0337
Оригинальный текстdocumentSECUNIA, Secunia Research: Autonomy Keyview Ichitaro QLST Integer Overflow Vulnerability (10.10.2011)
 documentSECUNIA, Secunia Research: Autonomy Keyview Ichitaro Text Parsing Buffer Overflow (10.10.2011)
 documentSECUNIA, Secunia Research: Autonomy Keyview Ichitaro Object Reconstruction Logic Vulnerability (10.10.2011)

Уязвимости безопасности в nntp-сервере cyrus-imapd
Опубликовано:10 октября 2011 г.
Источник:
SecurityVulns ID:11955
Тип:удаленная
Уровень опасности:
6/10
Описание:Переполнение буфера, обход аутентификации.
Затронутые продукты:CYRUS : cyrus-imapd 2.3
 CYRUS : cyrus-imapd 2.4
CVE:CVE-2011-3372 (imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.)
 CVE-2011-3208 (Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command.)
Оригинальный текстdocumentSECUNIA, Secunia Research: Cyrus IMAPd NTTP Authentication Bypass Vulnerability (10.10.2011)
 documentDEBIAN, [SECURITY] [DSA 2318-1] cyrus-imapd-2.2 security update (10.10.2011)

Многочисленные уязвимости в rpm
Опубликовано:10 октября 2011 г.
Источник:
SecurityVulns ID:11956
Тип:локальная
Уровень опасности:
3/10
Описание:Многочисленные уязвимости при разборе заголовка RPM-файла.
Затронутые продукты:REDHAT : rpm 4.4
CVE:CVE-2011-3378 (RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2011:143 ] rpm (10.10.2011)

Многочисленные уязвимости безопасности в quagga routed
Опубликовано:10 октября 2011 г.
Источник:
SecurityVulns ID:11957
Тип:удаленная
Уровень опасности:
6/10
Описание:Многочисленные повреждения памяти при разборе OSPF и BGP
Затронутые продукты:QUAGGA : quagga 0.99
CVE:CVE-2012-1820 (The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message.)
 CVE-2012-0255 (The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability).)
 CVE-2012-0250 (Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.)
 CVE-2012-0249 (Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header.)
 CVE-2011-3327 (Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4.)
 CVE-2011-3326 (The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via an invalid Link State Advertisement (LSA) type in an IPv4 Link State Update message.)
 CVE-2011-3325 (ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via (1) a 0x0a type field in an IPv4 packet header or (2) a truncated IPv4 Hello packet.)
 CVE-2011-3324 (The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database Description message.)
 CVE-2011-3323 (The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2316-1] quagga security update (10.10.2011)

Многочисленные уязвимости безопасности в OpenOffice
Опубликовано:10 октября 2011 г.
Источник:
SecurityVulns ID:11958
Тип:клиент
Уровень опасности:
5/10
Описание:Многочисленные повреждения памяти при импорте файлов .doc
Затронутые продукты:OPENOFFICE : OpenOffice 2.4
 OPENOFFICE : OpenOffice 3.2
CVE:CVE-2011-2713 (oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2315-1] openoffice.org security update (10.10.2011)

Многочисленные уязвимости безопасности в Cisco ASA / Cisco FSM
Опубликовано:10 октября 2011 г.
Источник:
SecurityVulns ID:11959
Тип:удаленная
Уровень опасности:
7/10
Описание:Многочисленные уязвимости при разборе MSN, Sun RPC, ILS, обход аутентификации в TACACS+.
Затронутые продукты:CISCO : Cisco 7600
 CISCO : Cisco Catalyst 6500
 CISCO : Cisco ASA 5500
CVE:CVE-2011-3304 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.2 before 7.2(5.3), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2), and 8.5 before 8.5(1.1) allow remote attackers to cause a denial of service (device reload) via crafted MSN Instant Messenger traffic, aka Bug ID CSCtl67486.)
 CVE-2011-3303 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.6), 8.3 before 8.3(2.23), 8.4 before 8.4(2.7), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via malformed ILS traffic, aka Bug IDs CSCtq57697 and CSCtq57802.)
 CVE-2011-3302 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCto92398 and CSCtq09989.)
 CVE-2011-3301 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCtq06062 and CSCtq09986.)
 CVE-2011-3300 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCtq06065 and CSCtq09978.)
 CVE-2011-3299 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCto92380 and CSCtq09972.)
 CVE-2011-3298 (Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.3), 8.0 before 8.0(5.24), 8.1 before 8.1(2.50), 8.2 before 8.2(5), 8.3 before 8.3(2.18), 8.4 before 8.4(1.10), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to bypass authentication via a crafted TACACS+ reply, aka Bug IDs CSCto40365 and CSCto74274.)
 CVE-2011-3297 (Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7), when certain authentication configurations are used, allows remote attackers to cause a denial of service (module crash) by making many authentication requests for network access, aka Bug ID CSCtn15697.)
 CVE-2011-3296 (Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7), when IPv6 is used, allows remote attackers to cause a denial of service (memory corruption and module crash or hang) via vectors that trigger syslog message 302015, aka Bug ID CSCti83875.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module (10.10.2011)
 documentCISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module (10.10.2011)

Обратный путь в каталогах Cisco Network Admission Control Manager
Опубликовано:10 октября 2011 г.
Источник:
SecurityVulns ID:11960
Тип:удаленная
Уровень опасности:
5/10
Описание:Обратный путь в каталогах через HTTPS.
Затронутые продукты:CISCO : Cisco Network Admission Control Manager 4.8
CVE:CVE-2011-3305 (Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4.8.x allows remote attackers to read arbitrary files via crafted traffic to TCP port 443, aka Bug ID CSCtq10755.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Directory Traversal Vulnerability in Cisco Network Admission Control Manager (10.10.2011)

Переполнение буфера в VMWare
Опубликовано:10 октября 2011 г.
Источник:
SecurityVulns ID:11961
Тип:локальная
Уровень опасности:
5/10
Описание:Переполнение буфера при импорте файловой системы UDF.
Затронутые продукты:VMWARE : VMware Workstation 7.1
 VMWARE : VMware Player 3.1
 VMWARE : VMware Fusion 3.1
CVE:CVE-2011-3868 (Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image.)
Оригинальный текстdocumentVMWARE, VMSA-2011-0011 VMware hosted products address remote code execution vulnerability (10.10.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород