Информационная безопасность
[RU] switch to English


Обход защиты в GRUB 2
Опубликовано:10 декабря 2009 г.
Источник:
SecurityVulns ID:10461
Тип:локальная
Уровень опасности:
5/10
Описание:Некорректно проверяется пароль на загрузку, что позволяет загрузиться, подобрав первый символ пароля.
Затронутые продукты:GNU : GRUB 2 1.97
CVE:CVE-2009-4128 (GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted portion of a password with the actual password, which makes it easier for physically proximate attackers to conduct brute force attacks and bypass authentication by submitting a password whose length is 1.)
Оригинальный текстdocumentUBUNTU, [USN-868-1] GRUB 2 vulnerability (10.12.2009)

Межсайтовый скриптинг в CA Service Desk
Опубликовано:10 декабря 2009 г.
Источник:
SecurityVulns ID:10463
Тип:удаленная
Уровень опасности:
5/10
Описание:CGI webengine и freeaccess.spl уязвимы к межсайтовому скриптингу.
Затронутые продукты:CA : CA Service Desk 12.1
CVE:CVE-2009-4149 (Cross-site scripting (XSS) vulnerability in the web interface in CA Service Desk 12.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.)
Оригинальный текстdocumentCA, CA20091208-01: Security Notice for CA Service Desk (10.12.2009)

Многочисленные уязвимости безопасности в HP OpenView NNM
дополнено с 9 декабря 2009 г.
Опубликовано:10 декабря 2009 г.
Источник:
SecurityVulns ID:10460
Тип:удаленная
Уровень опасности:
5/10
Описание:Многочисленные уязвимости в различных CGI.
Затронутые продукты:HP : OpenView Network Node Manager 7.51
CVE:CVE-2009-4181 (Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via vectors involving the sel and arg parameters to jovgraph.exe.)
 CVE-2009-4180 (Stack-based buffer overflow in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header.)
 CVE-2009-4179 (Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action.)
 CVE-2009-4178 (Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter.)
 CVE-2009-4177 (Buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header.)
 CVE-2009-4176 (Multiple heap-based buffer overflows in ovsessionmgr.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter to ovlogin.exe.)
 CVE-2009-3849 (Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long Template parameter to nnmRptConfig.exe, related to the strcat function; or (2) a long Oid parameter to snmp.exe.)
 CVE-2009-3848 (Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Template parameter, related to the vsprintf function.)
 CVE-2009-3846 (Multiple heap-based buffer overflows in ovlogin.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter.)
 CVE-2009-3845 (The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts.)
 CVE-2009-0898 (Stack-based buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted HTTP request.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMA02483 SSRT090257 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (10.12.2009)
 documentZDI, TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability (10.12.2009)
 documentZDI, TPTI-09-12: HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability (09.12.2009)
 documentZDI, TPTI-09-10: HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability (09.12.2009)
 documentZDI, TPTI-09-09: HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability (09.12.2009)
 documentZDI, TPTI-09-08: HP OpenView NNM ovlogin.exe CGI userid/passwd Heap Overflow Vulnerability (09.12.2009)
 documentZDI, ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability (09.12.2009)
 documentZDI, ZDI-09-097: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability (09.12.2009)
 documentZDI, ZDI-09-096: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable vsprintf Overflow Vulnerability (09.12.2009)
 documentZDI, ZDI-09-094: Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities (09.12.2009)

Многочисленные уязвимости безопасности в кодеках Intel Indeo в Microsoft Windows
дополнено с 9 декабря 2009 г.
Опубликовано:10 декабря 2009 г.
Источник:
SecurityVulns ID:10456
Тип:библиотека
Уровень опасности:
8/10
Описание:Многочисленные уязвимости при разборе видео файлов.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 12.08.09: Microsoft Windows Indeo32 Codec Parsing Heap Corruption Vulnerability (10.12.2009)
 documentMICROSOFT, Microsoft Security Advisory (954157) Security Enhancements for the Indeo Codec (09.12.2009)
 documentliubing, Fortinet Advisory: Fortinet Discovers Vulnerability in Indeo Codec (09.12.2009)
 documentZDI, ZDI-09-090: Microsoft Windows Intel Indeo Codec Parsing Stack Overflow Vulnerability (09.12.2009)
 documentZDI, ZDI-09-089: Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability (09.12.2009)
Файлы:Microsoft Security Advisory (954157) Security Enhancements for the Indeo Codec

Многочисленные уязвимости безопасности в Microsoft Internet Explorer
дополнено с 9 декабря 2009 г.
Опубликовано:10 декабря 2009 г.
Источник:
SecurityVulns ID:10453
Тип:клиент
Уровень опасности:
9/10
Описание:Многочисленные повреждения памяти, выполнение кода.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2009-3674 (Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671.)
 CVE-2009-3673 (Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability.")
 CVE-2009-3672 (Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory that (1) were not properly initialized or (2) are deleted, which allows remote attackers to execute arbitrary code via vectors involving a call to the getElementsByTagName method for the STYLE tag name, selection of the single element in the returned list, and a change to the outerHTML property of this element, related to Cascading Style Sheets (CSS) and mshtml.dll, aka "HTML Object Memory Corruption Vulnerability." NOTE: some of these details are obtained from third party information. NOTE: this issue was originally assigned CVE-2009-4054, but Microsoft assigned a duplicate identifier of CVE-2009-3672. CVE consumers should use this identifier instead of CVE-2009-4054.)
 CVE-2009-3671 (Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3674.)
 CVE-2009-2493 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability.")
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 12.08.09: Microsoft Internet Explorer HTML Layout Engine Uninitialized Memory Vulnerability (10.12.2009)
 documentZDI, ZDI-09-088: Microsoft Internet Explorer IFrame Attributes Circular Reference Dangling Pointer Vulnerability (09.12.2009)
 documentZDI, ZDI-09-087: Microsoft Internet Explorer CSS Race Condition Code Execution Vulnerability (09.12.2009)
 documentZDI, ZDI-09-086: Microsoft Internet Explorer XHTML DOM Manipulation Memory Corruption Vulnerability (09.12.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-072 - Critical Cumulative Security Update for Internet Explorer (976325) (09.12.2009)
Файлы:Microsoft Security Bulletin MS09-072 - Critical Cumulative Security Update for Internet Explorer (976325)

Повреждение памяти в Microsoft Wordpad / Office Text Converters
дополнено с 9 декабря 2009 г.
Опубликовано:10 декабря 2009 г.
Источник:
SecurityVulns ID:10454
Тип:клиент
Уровень опасности:
6/10
Описание:Повреждение памяти при обработке документов Office 97
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Office XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Office 2003
CVE:CVE-2009-2506 (Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names in the DocumentSummaryInformation stream, which triggers a heap-based buffer overflow.)
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 12.08.09: Microsoft WordPad Word97 Converter Integer Overflow Vulnerability (10.12.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-073 - Important Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539) (09.12.2009)
Файлы:Microsoft Security Bulletin MS09-073 - Important Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539)

Несанкционрованный доступ к продуктам Symantec Veritas
дополнено с 10 декабря 2009 г.
Опубликовано:15 декабря 2009 г.
Источник:
SecurityVulns ID:10462
Тип:удаленная
Уровень опасности:
7/10
Описание:Обход аутентификации в службе VRTSweb.exe по порту TCP/14300 позволяет выполнение кода.
Затронутые продукты:HP : HP-UX 11.23
 HP : HP-UX 11.31
 SYMANTEC : Backup Exec Continuous Protection Server 12.5
 SYMANTEC : Veritas NetBackup Operations Manager 6.5
 SYMANTEC : Veritas Backup Reporter 6.6
 SYMANTEC : Veritas Storage Foundation 3.5
 SYMANTEC : Veritas Storage Foundation for Windows High Availability 5.1
 SYMANTEC : Veritas Storage Foundation for High Availability 3.5
 SYMANTEC : Veritas Storage Foundation for Oracle 5.0
 SYMANTEC : Veritas Storage Foundation for DB2 5.0
 SYMANTEC : Veritas Storage Foundation for Sybase 5.0
 SYMANTEC : Veritas Storage Foundation for Oracle Real Application Cluster 5.0
 SYMANTEC : Veritas Storage Foundation Manager 1.1
 SYMANTEC : Veritas Storage Foundation Manager 2.0
 SYMANTEC : Veritas Cluster Server 5.0
 SYMANTEC : Veritas Cluster Server One 2.0
 SYMANTEC : Veritas Application Director 1.1
 SYMANTEC : Veritas Cluster Server Management Console 5.5
 SYMANTEC : Veritas Storage Foundation Cluster File System 5.0
 SYMANTEC : Veritas Storage Foundation Cluster File System for Oracle RAC 5.0
 SYMANTEC : Veritas Command Central Storage 5.1
 SYMANTEC : Veritas Command Central Enterprise Reporter 5.1
 SYMANTEC : Veritas Command Central Storage Change Manager 5.1
 SYMANTEC : Veritas MicroMeasure 5.0
 SYMANTEC : VRTSweb 5.0
CVE:CVE-2009-3027 (VRTSweb.exe in VRTSweb in Symantec Backup Exec Continuous Protection Server (CPS) 11d, 12.0, and 12.5; Veritas NetBackup Operations Manager (NOM) 6.0 GA through 6.5.5; Veritas Backup Reporter (VBR) 6.0 GA through 6.6; Veritas Storage Foundation (SF) 3.5; Veritas Storage Foundation for Windows High Availability (SFWHA) 4.3MP2, 5.0, 5.0RP1a, 5.0RP2, 5.1, and 5.1AP1; Veritas Storage Foundation for High Availability (SFHA) 3.5; Veritas Storage Foundation for Oracle (SFO) 4.1, 5.0, and 5.0.1; Veritas Storage Foundation for DB2 4.1 and 5.0; Veritas Storage Foundation for Sybase 4.1 and 5.0; Veritas Storage Foundation for Oracle Real Application Cluster (SFRAC) 3.5, 4.0, 4.1, and 5.0; Veritas Storage Foundation Manager (SFM) 1.0, 1.0 MP1, 1.1, 1.1.1Ux, 1.1.1Win, and 2.0; Veritas Cluster Server (VCS) 3.5, 4.0, 4.1, and 5.0; Veritas Cluster Server One (VCSOne) 2.0, 2.0.1, and 2.0.2; Veritas Application Director (VAD) 1.1 and 1.1 Platform Expansion; Veritas Cluster Server Management Console (VCSMC) 5.1, 5.5, and 5.5.1)
Оригинальный текстdocumentHP, [security bulletin] HPSBUX02480 SSRT090253 rev.1 - HP-UX Running VRTSweb, Remote Execution of Arbitrary Code, Increase of Privilege (15.12.2009)
 documentZDI, ZDI-09-098: Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability (10.12.2009)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород