Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в IP-камерах TRENDnet / Digicom / iPUX / ZoneNet / AirLink101
Опубликовано:11 июня 2011 г.
Источник:
SecurityVulns ID:11724
Тип:удаленная
Уровень опасности:
5/10
Описание:Недокументированная учетная запись productmaker:ftvsbannedcode имеет доступ к веб-интрефейсу, различные уязвимости позволяют получить полный административный доступ.
Оригинальный текстdocumentroberto.paleari_(at)_emaze.net, Multiple vulnerabilities in several IP camera products (11.06.2011)

Многочисленные уязвимости безопасности в Novell iPrint
Опубликовано:11 июня 2011 г.
Источник:
SecurityVulns ID:11725
Тип:клиент
Уровень опасности:
6/10
Описание:Выполнение кода через URI и куки op-printer-list-all-jobs, многочисленные выполнения кода через ActiveX.
Затронутые продукты:NOVELL : iPrint Client 5.63
CVE:CVE-2011-1708 (Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie.)
 CVE-2011-1707 (Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs parameter in a printer-url.)
 CVE-2011-1706 (Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted iprint-client-config-info parameter in a printer-url.)
 CVE-2011-1705 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url.)
 CVE-2011-1704 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted core-package parameter in a printer-url.)
 CVE-2011-1703 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url.)
 CVE-2011-1702 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted file-date-time parameter in a printer-url.)
 CVE-2011-1701 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-name parameter in a printer-url.)
 CVE-2011-1700 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-time parameter in a printer-url.)
 CVE-2011-1699 (Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted uri parameter in a printer-url.)
Оригинальный текстdocumentZDI, ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability (11.06.2011)
 documentZDI, ZDI-11-173: Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability (11.06.2011)
 documentZDI, ZDI-11-174: Novell iPrint nipplib.dll profile-name Remote Code Execution Vulnerability (11.06.2011)
 documentZDI, ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability (11.06.2011)
 documentZDI, ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability (11.06.2011)
 documentZDI, ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability (11.06.2011)
 documentZDI, ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability (11.06.2011)
 documentZDI, ZDI-11-179: Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability (11.06.2011)
 documentZDI, ZDI-11-180: Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability (11.06.2011)
 documentZDI, ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability (11.06.2011)

Повышение привилегий в OProfile
Опубликовано:11 июня 2011 г.
Источник:
SecurityVulns ID:11726
Тип:локальная
Уровень опасности:
4/10
Описание:Повышение привилегий через opcontrol
Затронутые продукты:OPROFILE : OProfile 0.9
CVE:CVE-2011-1760 (utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2254-1] oprofile security update (11.06.2011)

Повреждение памяти в ActiveX VMWare VirtualCenter
Опубликовано:11 июня 2011 г.
Источник:
SecurityVulns ID:11728
Тип:клиент
Уровень опасности:
5/10
Описание:Повреждение памяти в ActiveX Tom Sawyer's Default GET Extension Factory.
Затронутые продукты:VMWARE : VMWare VirtualCenter 2.5
CVE:CVE-2011-2217 (Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document.)
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 05.03.11: Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption Vulnerability (11.06.2011)

Повышение привилегий в VMWare Tools
дополнено с 11 июня 2011 г.
Опубликовано:11 июня 2011 г.
Источник:
SecurityVulns ID:11727
Тип:локальная
Уровень опасности:
5/10
Описание:Повышение привилегйи через suid-утилиты vmware-user-suid-wrapper и mount.vmhgfs.
Затронутые продукты:VMWARE : VMware Workstation 7.1
 VMWARE : VMware Player 3.1
 VMWARE : VMware Fusion 3.1
 VMWARE : ESXi 4.1
 VMWARE : ESX 4.1
CVE:CVE-2011-2146 (mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 though 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors.)
 CVE-2011-2145 (mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 though 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a "procedural error.")
 CVE-2011-1787 (Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 though 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory.)
Оригинальный текстdocumentVSR Advisories, VMware Tools Multiple Vulnerabilities (11.06.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород