Информационная безопасность
[RU] switch to English


Уязвимости безопасности в Novell Netware
дополнено с 9 января 2012 г.
Опубликовано:11 января 2012 г.
Источник:
SecurityVulns ID:12127
Тип:удаленная
Уровень опасности:
5/10
Описание:Переполнения буфера в RPC-службах на портах TCP/32778, UDP/32778, UDP/32779, UDP/2039.
Затронутые продукты:NOVELL : Netware 6.5
Оригинальный текстdocumentZDI, ZDI-12-011 : Novell Netware XNFS caller_name xdrDecodeString Remote Code Execution Vulnerability (11.01.2012)
 documentZDI, ZDI-12-006 : Novell Netware XNFS.NLM NFS Rename Remote Code Execution Vulnerability (09.01.2012)
 documentZDI, ZDI-12-007 : Novell Netware XNFS.NLM STAT Notify Remote Code Execution Vulnerability (09.01.2012)

Несанкционированный доступ к принтерам HP LaserJet P3015
дополнено с 9 января 2012 г.
Опубликовано:11 января 2012 г.
Источник:
SecurityVulns ID:12130
Тип:удаленная
Уровень опасности:
5/10
Описание:Обратный путь в каталогах Web-сервера
Затронутые продукты:HP : LaserJet P3015
CVE:CVE-2011-4785 (Directory traversal vulnerability in the HP-ChaiSOE/1.0 web server on the HP LaserJet P3015 printer with firmware before 07.080.3, LaserJet 4650 printer with firmware 07.006.0, and LaserJet 2430 printer with firmware 08.113.0_I35128 allows remote attackers to read arbitrary files via unspecified vectors, a different vulnerability than CVE-2008-4419.)
 CVE-2011-4161 (The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update.)
Оригинальный текстdocumentddivulnalert_(at)_ddifrontline.com, DDIVRT-2011-37 HP JetDirect Device Page Directory Traversal (CVE-2011-4785) (11.01.2012)
 documentHP, [security bulletin] HPSBPI02733 SSRT100646 rev.1 - Certain HP LaserJet Printers, Remote Unauthorized Access to Files (09.01.2012)

Повышение привилегий в Apache
Опубликовано:11 января 2012 г.
Источник:
SecurityVulns ID:12139
Тип:локальная
Уровень опасности:
5/10
Описание:Повышение привилегий через SetEnvIf в сочетании с заголовками HTTP-запроса.
Затронутые продукты:APACHE : Apache 2.0
 APACHE : Apache 2.2
CVE:CVE-2011-3607 (Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.)

Зацикливание ответов в PowerDNS
Опубликовано:11 января 2012 г.
Источник:
SecurityVulns ID:12140
Тип:удаленная
Уровень опасности:
6/10
Описание:Резолвер отвечает на ответ, что дает возможность DoS-атаки.
Затронутые продукты:POWERDNS : PowerDNS 2.9
CVE:CVE-2012-0206 (common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 allows remote attackers to cause a denial of service (packet loop) via a crafted UDP DNS response.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2385-1] pdns security update (11.01.2012)

Повреждения памяти в Citrix Provisioning Services
Опубликовано:11 января 2012 г.
Источник:
SecurityVulns ID:12141
Тип:удаленная
Уровень опасности:
6/10
Описание:Многочисленные повреждения памяти.
Оригинальный текстdocumentZDI, ZDI-12-010 : Citrix Provisioning Services Stream Service 0x40020006 Remote Code Execution Vulnerability (11.01.2012)
 documentZDI, ZDI-12-009 : Citrix Provisioning Services Stream Service 0x40020000 Remote Code Execution Vulnerability (11.01.2012)
 documentZDI, ZDI-12-008 : Citrix Provisioning Services streamprocess.exe vDisk Name Parsing Remote Code Execution Vulnerability (11.01.2012)

Несанкционированный доступ ко внутренней сети через Apache mod_proxy
дополнено с 12 октября 2011 г.
Опубликовано:11 января 2012 г.
Источник:
SecurityVulns ID:11968
Тип:удаленная
Уровень опасности:
6/10
Описание:Некорректно обрабатываются URI со знаком @
Затронутые продукты:APACHE : Apache 1.3
 APACHE : Apache 2.0
 APACHE : Apache 2.2
CVE:CVE-2011-4317 (The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.)
 CVE-2011-3368 (The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2011:144 ] apache (12.10.2011)

Межсайтовый скриптинг в библиотеке Microsoft AntiXSS
дополнено с 11 января 2012 г.
Опубликовано:20 января 2012 г.
Источник:
SecurityVulns ID:12138
Тип:библиотека
Уровень опасности:
5/10
Описание:Межсайтовый скриптинг при парсинге HTML.
Затронутые продукты:MICROSOFT : AntiXSS 4.0
CVE:CVE-2012-0007 (The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 does not properly evaluate characters after the detection of a Cascading Style Sheets (CSS) escaped character, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML input, aka "AntiXSS Library Bypass Vulnerability.")
Оригинальный текстdocumentadic_(at)_il.ibm.com, Microsoft Anti-XSS Library Bypass (MS12-007) (20.01.2012)
Файлы:Microsoft Security Bulletin MS12-007 - Important Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664)

Многочисленные уязвимости безопасности в Microsoft Windows
дополнено с 11 января 2012 г.
Опубликовано:21 января 2012 г.
Источник:
SecurityVulns ID:12137
Тип:клиент
Уровень опасности:
7/10
Описание:Обход защиты SafeSEH, выполнение кода через Windows Object Packager, повышение привилегий через CSRSS, повреждения памяти в DirectShow / Windows Media, выполнение кода в Windows Packager, утечка информации в SSL/TLS.
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2012-0013 (Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted ClickOnce application in a Microsoft Office document, related to .application files, aka "Assembly Execution Vulnerability.")
 CVE-2012-0009 (Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as demonstrated by a directory that contains a file with an embedded packaged object, aka "Object Packager Insecure Executable Launching Vulnerability.")
 CVE-2012-0005 (The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2, when a Chinese, Japanese, or Korean system locale is used, can access uninitialized memory during the processing of Unicode characters, which allows local users to gain privileges via a crafted application, aka "CSRSS Elevation of Privilege Vulnerability.")
 CVE-2012-0004 (Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file, related to Quartz.dll, Qdvd.dll, closed captioning, and the Line21 DirectShow filter, aka "DirectShow Remote Code Execution Vulnerability.")
 CVE-2012-0003 (Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MIDI file, aka "MIDI Remote Code Execution Vulnerability.")
 CVE-2012-0001 (The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly load structured exception handling tables, which allows context-dependent attackers to bypass the SafeSEH security feature by leveraging a Visual C++ .NET 2003 application, aka "Windows Kernel SafeSEH Bypass Vulnerability.")
 CVE-2011-3389 (The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.)
Оригинальный текстdocumentAkita Software Security, Office arbitrary ClickOnce application execution vulnerability (21.01.2012)
Файлы:Microsoft Security Bulletin MS12-001 - Important Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615)
 Microsoft Security Bulletin MS12-002 - Important Vulnerability in Windows Object Packager Could Allow Remote Code Execution (2603381)
 Microsoft Security Bulletin MS12-003 - Important Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2646524)
 Microsoft Security Bulletin MS12-004 - Critical Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)
 Microsoft Security Bulletin MS12-005 - Important Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2584146)
 Microsoft Security Bulletin MS12-006 - Important Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород