Информационная безопасность
[RU] switch to English


Выполнение кода в HP TippingPoint Security Management System / TippingPoint Virtual Security Management System
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14464
Тип:удаленная
Уровень опасности:
6/10
Описание:Выполнение кода через web-интерфейс.
Затронутые продукты:HP : TippingPoint Security Management System 4.2
 HP : TippingPoint Virtual Security Management System 4.2
CVE:CVE-2015-2117 (HP TippingPoint Security Management System (SMS) and TippingPoint Virtual Security Management System (vSMS) before 4.1 patch 3 and 4.2 before patch 1 do not require authentication for JBoss RMI requests, which allows remote attackers to execute arbitrary code by (1) uploading this code within an archive or (2) instantiating a class.)
Оригинальный текстdocumentHP, [security bulletin] HPSBGN03308 rev.1 - HP TippingPoint Security Management System (SMS) and TippingPoint Virtual Security Management System (vSMS), Remote Code Execution (11.05.2015)

Отраженная атака в Filezilla FTP server
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14461
Тип:удаленная
Уровень опасности:
5/10
Описание:Не ограничен IP адрес DATA-соединения.
Затронутые продукты:FILEZILLA : Filezilla FTP server 0.9
Оригинальный текстdocumentAmit Klein, Advisory: Filezilla FTP server is vulnerable to FTP PORT bounce (11.05.2015)

XXE в библиотеке Apache libbatik
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14475
Тип:библиотека
Уровень опасности:
5/10
Описание:XXE при разборе SVG.
Затронутые продукты:APACHE : batik 1.7
CVE:CVE-2015-0250 (XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.)
Оригинальный текстdocumentUBUNTU, [USN-2548-1] Batik vulnerability (11.05.2015)

Раскрытие информации в HP Capture and Route
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14457
Тип:удаленная
Уровень опасности:
5/10
Затронутые продукты:HP : HP Capture and Route 1.3
CVE:CVE-2015-2115 (Unspecified vulnerability in HP Capture and Route Software (HPCR) 1.3 before Patch 7, 1.3 FP1 before Patch 1, and 1.4 before Patch 1 allows remote authenticated users to obtain sensitive information via unknown vectors.)
Оригинальный текстdocumentHP, [security bulletin] HPSBPI03315 rev.1 - HP Capture and Route Software, Remote Information Disclosure (11.05.2015)

Межсайтовый скриптинг в SonicWall SonicOS
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14463
Тип:удаленная
Уровень опасности:
5/10
Затронутые продукты:SONICWALL : SonicOS 7.5
Оригинальный текстdocumentVulnerability Lab, SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability (11.05.2015)

Многочисленные уязвимости безопасности в HP Data Protector
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14465
Тип:удаленная
Уровень опасности:
5/10
Описание:DoS, повышение привилегий, выполнение кода.
Затронутые продукты:HP : HP Storage Data Protector 7.03
CVE:CVE-2015-2116 (Unspecified vulnerability in HP Storage Data Protector 7.x before 7.03 build 107 allows remote authenticated users to execute arbitrary code or cause a denial of service via unknown vectors.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMU03321 rev.1 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code (11.05.2015)

Целочисленное переполнение в dcraw / libraw
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14468
Тип:библиотека
Уровень опасности:
6/10
Описание:Целочисленное переполнение в ljpeg_start().
Затронутые продукты:LIBRAW : libraw 0.16
 DCRAW : dcraw 7.0
Оригинальный текстdocumentAndrea Barisani, [oCERT-2015-006] dcraw input sanitization errors (11.05.2015)

Раскрытие информации в Network Virtualization for HP LoadRunner and Performance Center
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14472
Тип:удаленная
Уровень опасности:
5/10
Затронутые продукты:HP : Network Virtualization for HP LoadRunner and Performance Center 11.52
CVE:CVE-2015-2121 (HP Network Virtualization for LoadRunner and Performance Center 8.61 and 11.52 allows remote attackers to read arbitrary files via a crafted filename in a URL to the (1) HttpServlet or (2) NetworkEditorController component, aka ZDI-CAN-2569.)
Оригинальный текстdocumentHP, [security bulletin] HPSBGN03328 rev.1 - Network Virtualization for HP LoadRunner and Performance Center, Remote Information Disclosure (11.05.2015)

Обход аутентификации в HP Operations Orchestration
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14467
Тип:удаленная
Уровень опасности:
5/10
CVE:CVE-2015-2109 (Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMU03292 rev.1 - HP Operations Orchestration Authentication Bypass (11.05.2015)

DoS против suricata
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14471
Тип:удаленная
Уровень опасности:
5/10
Описание:Отказ при разборе сертификата SSL.
Затронутые продукты:SURICATA : suricata 2.0
CVE:CVE-2015-0971 (The DER parser in Suricata before 2.0.8 allows remote attackers to cause a denial of service (crash) via vectors related to SSL/TLS certificates.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 3254-1] suricata security update (11.05.2015)

Недостаточная проверка сертификата в squid
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14454
Тип:m-i-t-m
Уровень опасности:
5/10
Описание:Недостаточная проверка серверного сертификата.
Затронутые продукты:SQUID : squid 3.4
CVE:CVE-2015-3455 (Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, does not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2015:230 ] squid (11.05.2015)

Выполнение кода в Cisco UCS Central
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14460
Тип:удаленная
Уровень опасности:
5/10
Описание:Выполнение кода через Web-интерфейс.
Затронутые продукты:CISCO : UCS Central Software 1.2
CVE:CVE-2015-0701 (Cisco UCS Central Software before 1.3(1a) allows remote attackers to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCut46961.)
Файлы:Cisco Security Advisory Cisco UCS Central Software Arbitrary Command Execution Vulnerability

downgrade-атаки в zeromq3 / libzmq
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14469
Тип:библиотека
Уровень опасности:
5/10
Описание:Возможна атака на понижение версии протокола.
Затронутые продукты:ZEROMQ : zeromq3 4.0
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 3255-1] zeromq3 security update (11.05.2015)

Обход аутентификации в проекторах InFocus
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14458
Тип:удаленная
Уровень опасности:
5/10
Описание:Несколько способов обхода аутентификации.
Затронутые продукты:INFOCUS : InFocus IN3128HD
CVE:CVE-2014-8384 (The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request.)
 CVE-2014-8383 (The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication via a direct request to main.html.)
Оригинальный текстdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, [CORE-2015-0008] - InFocus IN3128HD Projector Multiple Vulnerabilities (11.05.2015)

Многочисленные уязвимости безопасности в HP Integrated Lights-Out
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14466
Тип:удаленная
Уровень опасности:
6/10
Описание:DoS, повышение привилегий, выполнение кода, обход ограничений.
Затронутые продукты:HP : iLO 4
 HP : iLO 2
 HP : iLO 3
CVE:CVE-2015-2106 (Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial of service via unknown vectors.)
 CVE-2014-7876 (Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors.)
Оригинальный текстdocumentHP, [security bulletin] HPSBHF03151 rev.1 - HP Integrated Lights-Out 2 and 4 (iLO 2, iLO 4), Chassis Management (iLO CM), Remote Denial of Service, Remote Execution of Code, Elevation of Privilege (11.05.2015)

Уязвимости безопасности в libicu
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14455
Тип:библиотека
Уровень опасности:
8/10
Описание:Переполнение буфера, целочисленное переполнение.
Затронутые продукты:ICU : libicu 55
CVE:CVE-2014-8147 (The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.)
 CVE-2014-8146 (The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.)
Оригинальный текстdocumentPedro Ribeiro, [CVE-2014-8146/8147] - ICU heap and integer overflows / I-C-U-FAIL (11.05.2015)

DoS против HP SDN VAN Controller
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14470
Тип:удаленная
Уровень опасности:
5/10
Затронутые продукты:HP : HP SDN VAN Controller 2.5
CVE:CVE-2015-2122 (The REST layer on HP SDN VAN Controller devices 2.5 and earlier allows remote attackers to cause a denial of service via network traffic to the REST port.)
 CVE-2014-0050 (MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.)
Оригинальный текстdocumentHP, [security bulletin] HPSBGN03329 rev.1 - HP SDN VAN Controller, Remote Denial of Service (DoS), Distributed Denial of Service (DDoS) (11.05.2015)

Уязвимости безопасности в mono
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14474
Тип:библиотека
Уровень опасности:
6/10
Описание:Различные уязвимости связанные с TLS.
Затронутые продукты:MONO : mono 3.2
CVE:CVE-2015-2320
 CVE-2015-2319
 CVE-2015-2318
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 3202-1] mono security update (11.05.2015)

Обход аутентификации в антивирусных продуктах BullGuard
дополнено с 10 мая 2015 г.
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14453
Тип:локальная
Уровень опасности:
6/10
Описание:Ограничения доступа проверяются в клиентском приложении.
Оригинальный текстdocumentmatthias.deeg_(at)_syss.de, [SYSS-2015-019] BullGuard Antivirus - Authentication Bypass (10.05.2015)
 documentmatthias.deeg_(at)_syss.de, [SYSS-2015-018] BullGuard Premium Protection - Authentication Bypass (10.05.2015)
 documentmatthias.deeg_(at)_syss.de, [SYSS-2015-017] BullGuard Internet Security - Authentication Bypass (10.05.2015)

Сброс пароля в EMC RSA Identity Management and Governance
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14456
Тип:удаленная
Уровень опасности:
5/10
Описание:Слабая процедура сброса пароля.
Затронутые продукты:RSA : Identity Management and Governance 6.9
CVE:CVE-2015-0532 (EMC RSA Identity Management and Governance (IMG) 6.9 before P04 and 6.9.1 before P01 does not properly restrict password resets, which allows remote attackers to obtain access via crafted use of the reset process for an arbitrary valid account name, as demonstrated by a privileged account.)
Оригинальный текстdocumentEMC, ESA-2015-078: RSA® Identity Management and Governance (IMG) Insecure Password Reset Vulnerability (11.05.2015)

Раскрытие информации в F5 BIG-IQ
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14459
Тип:удаленная
Уровень опасности:
5/10
Описание:Раскрытие информации о пользователях.
Затронутые продукты:F5 : BIG-IQ 0.0
Оригинальный текстdocumentjplopezy_(at)_gmail.com, F5 BIG-IQ Enumeration of users and Information Disclosure (11.05.2015)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:11 мая 2015 г.
Источник:
SecurityVulns ID:14473
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:WORDPRESS : Ultimate Profile Builder 2.3
 WORDPRESS : Twenty Fifteen 4.2
 MANAGEENGINE : Asset Explorer 6.1
 EPICOR : CRS Retail Store 3.2
 PFSENSE : pfSense 2.2
 WORDPRESS : Ultimate Product Catalogue 3.1
 VBULLETIN : vBulletin 4.2
 FRONTRANGE : FrontRange DSM 7.2
 DJANGO : django 1.7
 NTOP : ntop 4.1
 WING : Wing FTP Server Admin 4.4
 WORDPRESS : embed-articles 7.0
 WORDPRESS : Simple Ads Manager 2.6
 WORDPRESS : AB Google Map Travel 3.4
 JQUERY : jqueryui 1.10
 MANAGEENGINE : Device Expert 5.9
 WORDPRESS : Add Link to Facebook 1.215
 WORDPRESS : WP Statistics 9.1
 WORDPRESS : videowhisper-video-presentation 3.31
 WORDPRESS : videowhisper-video-conference-integration 4.91
 OVERCOFEE : Instant 2.0
 PLIGG : Pligg CMS 2.0
 WORDPRESS : Ad Buttons 2.3
 WORDPRESS : ClickBank Ads 1.7
 WORDPRESS : Ad Inserter 1.5
 WORDPRESS : eShop 6.3
 WORDPRESS : TheCartPress 1.3
 WORDPRESS : Wordpress 4.2
 ALIENVAULT : Alienvault OSSIM/USM 5.0
 TORNADO : Tornado Content Management System 2015 Q2
 NODEJS : nodejs 0.10
 SQLBUDDY : Sqlbuddy 1.3
 PRIMCORE : Pimcore 3.0
 DRUPAL : drupal 7.32
CVE:CVE-2015-3440 (Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type.)
 CVE-2015-3439 (Cross-site scripting (XSS) vulnerability in the Ephox (formerly Moxiecode) plupload.flash.swf shim 2.1.2 in Plupload, as used in WordPress 3.9.x, 4.0.x, and 4.1.x before 4.1.2 and other products, allows remote attackers to execute same-origin JavaScript functions via the target parameter, as demonstrated by executing a certain click function, related to _init.as and _fireEvent.as.)
 CVE-2015-3438 (Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 4.1.2, when MySQL is used without strict mode, allow remote attackers to inject arbitrary web script or HTML via a (1) four-byte UTF-8 character or (2) invalid character that reaches the database layer, as demonstrated by a crafted character in a comment.)
 CVE-2015-3429 (Cross-site scripting (XSS) vulnerability in example.html in Genericons before 3.3.1, as used in WordPress before 4.2.2, allows remote attackers to inject arbitrary web script or HTML via a fragment identifier.)
 CVE-2015-3421
 CVE-2015-3302
 CVE-2015-3301 (Directory traversal vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote administrators to read arbitrary files via a .. (dot dot) in the tcp_box_path parameter in the checkout_editor_settings page to wp-admin/admin.php.)
 CVE-2015-3300 (Multiple cross-site scripting (XSS) vulnerabilities in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allow remote attackers to inject arbitrary web script or HTML via the (1) billing_firstname, (2) billing_lastname, (3) billing_company, (4) billing_tax_id_number, (5) billing_city, (6) billing_street, (7) billing_street_2, (8) billing_postcode, (9) billing_telephone_1, (10) billing_telephone_2, (11) billing_fax, (12) shipping_firstname, (13) shipping_lastname, (14) shipping_company, (15) shipping_tax_id_number, (16) shipping_city, (17) shipping_street, (18) shipping_street_2, (19) shipping_postcode, (20) shipping_telephone_1, (21) shipping_telephone_2, (22) shipping_fax to shopping-cart/checkout/; (23) search_by parameter in the admin/AddressesList.php page to wp-admin/admin.php; (24) address_id, (25) address_name, (26) firstname, (27) lastname, (28) street, (29) city, (30) postcode, or (31) email parameter in the admin/AddressEd)
 CVE-2015-2825 (Unrestricted file upload vulnerability in sam-ajax-admin.php in the Simple Ads Manager plugin before 2.5.96 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the directory specified by the path parameter.)
 CVE-2015-2824 (Multiple SQL injection vulnerabilities in the Simple Ads Manager plugin before 2.7.97 for WordPress allow remote attackers to execute arbitrary SQL commands via a (1) hits[][] parameter in a sam_hits action to sam-ajax.php; the (2) cstr parameter in a load_posts action to sam-ajax-admin.php; the (3) searchTerm parameter in a load_combo_data action to sam-ajax-admin.php; or the (4) subscriber, (5) contributor, (6) author, (7) editor, (8) admin, or (9) sadmin parameter in a load_users action to sam-ajax-admin.php.)
 CVE-2015-2755 (Multiple cross-site request forgery (CSRF) vulnerabilities in the AB Google Map Travel (AB-MAP) plugin before 4.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) lat (Latitude), (2) long (Longitude), (3) map_width, (4) map_height, or (5) zoom (Map Zoom) parameter in the ab_map_options page to wp-admin/admin.php.)
 CVE-2015-2317 (The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL.)
 CVE-2015-2316 (The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the input string.)
 CVE-2015-2295 (Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before 2.2.1 allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deletefile parameter.)
 CVE-2015-2294 (Multiple cross-site scripting (XSS) vulnerabilities in the WebGUI in pfSense before 2.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) zone parameter to status_captiveportal.php; (2) if or (3) dragtable parameter to firewall_rules.php; (4) queue parameter in an add action to firewall_shaper.php; (5) id parameter in an edit action to services_unbound_acls.php; or (6) filterlogentries_time, (7) filterlogentries_sourceipaddress, (8) filterlogentries_sourceport, (9) filterlogentries_destinationipaddress, (10) filterlogentries_interfaces, (11) filterlogentries_destinationport, (12) filterlogentries_protocolflags, or (13) filterlogentries_qty parameter to diag_logs_filter.php.)
 CVE-2015-2210
 CVE-2015-0278 (libuv before 0.10.34 does not properly drop group privileges, which allows context-dependent attackers to gain privileges via unspecified vectors.)
 CVE-2014-4165 (Cross-site scripting (XSS) vulnerability in ntop allows remote attackers to inject arbitrary web script or HTML via the title parameter in a list action to plugins/rrdPlugin.)
 CVE-2010-5312 (Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.)
Оригинальный текстdocumentjoelvarghese7_(at)_gmail.com, Pligg CMS 2.0.2 - Stored XSS (11.05.2015)
 documentHigh-Tech Bridge Security Research, Arbitrary file deletion and multiple XSS vulnerabilities in pfSense (11.05.2015)
 documentUBUNTU, [USN-2539-1] Django vulnerabilities (11.05.2015)
 documentFilippo Cavallarin, DokuWiki persistent Cross Site Scripting (11.05.2015)
 documentkingkaustubh_(at)_me.com, Reflected XSS Vulnerability in XSS In Manage Engine Device Expert (11.05.2015)
 documentkingkaustubh_(at)_me.com, Stored XSS Vulnerability In Manage Engine Device Expert (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF to add admin user Vulnerability In Manage Engine Device Expert (11.05.2015)
 documentkingkaustubh_(at)_me.com, Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Network Configuration (11.05.2015)
 documentDEBIAN, [SECURITY] [DSA 3200-1] drupal7 security update (11.05.2015)
 documentBHG Security Center, vBulletin 4.x.x 'visitormessage.php' Remote Code Injection Vulnerability (11.05.2015)
 documentSteevee a.k.a Stefanus, Instant v2.0 SQL Injection Vulnerability (11.05.2015)
 documentLuca Ercoli, Remote File Upload Vulnerability in WordPress Ultimate Product Catalogue Plugin (11.05.2015)
 documentapparitionsec_(at)_gmail.com, CSRF & XSS Wing FTP Server Admin <= v4.4.5 (11.05.2015)
 documentMANDRIVA, [ MDVSA-2015:216 ] ntop (11.05.2015)
 documentmatthias.deeg_(at)_syss.de, [SYSS-2014-007] FrontRange DSM - Multiple Vulnerabilities (11.05.2015)
 documentwebmaster_(at)_josephzeng.com, Code Injection in Epicor Retail Store 3.2.03.01.008 (11.05.2015)
 documentDEBIAN, [SECURITY] [DSA 3249-1] jqueryui security update (11.05.2015)
 documentMANDRIVA, [ MDVSA-2015:228 ] nodejs (11.05.2015)
 documentVulnerability Lab, TORNADO Computer Trading CMS - SQL Injection Vulnerability (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/XSS In Manage Engine Asset Explorer (11.05.2015)
 documentPeter Lapp, Alienvault OSSIM/USM Multiple Vulnerabilities (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/Stored XSS Vulnerability in AB Google Map Travel (AB-MAP) Wordpress Plugin (11.05.2015)
 documentkingkaustubh_(at)_me.com, CVE-2015-2755 WordPress AB Google Map Travel CSRF / XSS (11.05.2015)
 documentitas.team_(at)_itas.vn, Wordpress plugin Simple Ads Manager - Arbitrary File Upload (11.05.2015)
 documentitas.team_(at)_itas.vn, Wordpress plugin Simple Ads Manager - Multiple SQL Injection (11.05.2015)
 documentitas.team_(at)_itas.vn, Wordpress plugin Simple Ads Manager - SQL Injection (11.05.2015)
 documentlarry0_(at)_me.com, Remote file upload vulnerability in videowhisper-video-conference-integration wordpress plugin v4.91.8 (11.05.2015)
 documentlarry0_(at)_me.com, Remote file upload vulnerability in wordpress plugin videowhisper-video-presentation v3.31.17 (11.05.2015)
 documentkingkaustubh_(at)_me.com, Wordpress WP Statistics persistent cross site scripting (11.05.2015)
 documentkumarrohit2255_(at)_gmail.com, Stored Cross Site Scripting Vulnerability in Add Link to Facebook WordPress Plugin (11.05.2015)
 documentJouko Pynnonen, WordPress 4.2 stored XSS (11.05.2015)
 documentDEBIAN, [SECURITY] [DSA 3250-1] wordpress security update (11.05.2015)
 documentHigh-Tech Bridge Security Research, Multiple Vulnerabilities in TheCartPress WordPress plugin (11.05.2015)
 documentHigh-Tech Bridge Security Research, Arbitrary Variable Overwrite in eShop WordPress Plugin (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/XSS In Embed ArticlesWordpress Plugin (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/XSSIn Ad_InSerter Wordpress (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/XSS In ClickBank ads Wordpress Plugin (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/XSS In Ultimate Profile Builder by CMSLive Wordpress Plugin (11.05.2015)
 documentOnur Yilmaz, Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429 (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/XSS In Ad_Button Wordpress (11.05.2015)
 documentkingkaustubh_(at)_me.com, CSRF/XSS in embed-articles Wordpress Plugin (11.05.2015)
 documentVulnerability Lab, Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities (11.05.2015)
 documentapparitionsec_(at)_gmail.com, Sqlbuddy Directory Traversal Read Arbitrary Files Vulnerability (11.05.2015)
 documenthyp3rlinx_(at)_altervista.org, Sqlbuddy Path Traversal Vulnerability (11.05.2015)

Уязвимости безопасности в Apache Tomcat
дополнено с 11 мая 2015 г.
Опубликовано:17 мая 2015 г.
Источник:
SecurityVulns ID:14462
Тип:библиотека
Уровень опасности:
5/10
Описание:Исчерпание ресурсов, обход ограничений.
Затронутые продукты:APACHE : Tomcat 8.0
CVE:CVE-2014-7810 (The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.)
 CVE-2014-0230 (Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (memory consumption) via a series of aborted upload attempts.)
Оригинальный текстdocumentAPACHE, [SECURITY] CVE-2014-7810: Apache Tomcat Security Manager Bypass (17.05.2015)
 documentAPACHE, [SECURITY] CVE-2014-0230: Apache Tomcat DoS (11.05.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород