Информационная безопасность
[RU] switch to English


Раскрытие информации в Microsoft Exchange
дополнено с 15 сентября 2015 г.
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14691
Тип:удаленная
Уровень опасности:
5/10
Описание:Раскрытие и подмена информации, межсайтовый скриптинг.
Затронутые продукты:MICROSOFT : Exchange Server 2013
CVE:CVE-2015-2544 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka "Exchange Spoofing Vulnerability.")
 CVE-2015-2543 (Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka "Exchange Spoofing Vulnerability.")
 CVE-2015-2505 (Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to obtain sensitive stacktrace information via a crafted request, aka "Exchange Information Disclosure Vulnerability.")
Оригинальный текстdocumentMICROSOFT, Microsoft Exchange Information Disclosure (12.10.2015)
Файлы: Microsoft Security Bulletin MS15-103 - Important Vulnerabilities in Microsoft Exchange Server Could Allow Information Disclosure (3089250)

Раскрытие информации в HP 3PAR Service Processor SPOCC
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14716
Тип:удаленная
Уровень опасности:
5/10
Затронутые продукты:HP : 3PAR Service Processor SP 4.3
CVE:CVE-2015-5443 (HP 3PAR Service Processor SP 4.2.0.GA-29 (GA) SPOCC, SP 4.3.0.GA-17 (GA) SPOCC, and SP 4.3.0-GA-24 (MU1) SPOCC allows remote authenticated users to obtain sensitive information via unspecified vectors.)
Оригинальный текстdocumentHP, [security bulletin] HPSBST03502 rev.1 - HP 3PAR Service Processor (SP) SPOCC, Remote Disclosure of Information (12.10.2015)

Повышение привилегий в драйверах NVidia
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14717
Тип:локальная
Уровень опасности:
6/10
Описание:Повышение привилегий через IOCTL.
CVE:CVE-2015-5950 (The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on Windows; R304 before 304.128, R340 before 340.93, and R352 before 352.41 on Linux; and R352 before 352.46 on GRID vGPU and vSGA allows local users to write to an arbitrary kernel memory location and consequently gain privileges via a crafted ioctl call.)
Оригинальный текстdocumentUBUNTU, [USN-2747-1] NVIDIA graphics drivers vulnerability (12.10.2015)

Многочисленные уязвимости безопасности в libvirt / qemu
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14718
Тип:библиотека
Уровень опасности:
6/10
Описание:DoS, повреждения памяти.
Затронутые продукты:QEMU : QEMU 2.4
CVE:CVE-2015-6855 (hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash.)
 CVE-2015-6815
 CVE-2015-5279 (Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.)
 CVE-2015-5278
 CVE-2015-5239
Оригинальный текстdocumentUBUNTU, [USN-2745-1] QEMU vulnerabilities (12.10.2015)

Многочисленные уязвимости безопасности в Wireshark
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14719
Тип:удаленная
Уровень опасности:
5/10
Описание:Многочисленные уязвимости в диссекторах различных протоколов.
Затронутые продукты:WIRESHARK : Wireshark 1.12
CVE:CVE-2015-6249 (The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.)
 CVE-2015-6248 (The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.)
 CVE-2015-6247 (The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 does not validate a certain offset value, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.)
 CVE-2015-6246 (The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.)
 CVE-2015-6245 (epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.)
 CVE-2015-6244 (The dissect_zbee_secure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on length fields contained in packet data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.)
 CVE-2015-6243 (The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the (1) dissector_get_string_handle and (2) dissector_get_default_string_handle functions.)
 CVE-2015-6242 (The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block allocator in the memory manager in Wireshark 1.12.x before 1.12.7 does not properly consider a certain case of multiple realloc operations that restore a memory chunk to its original size, which allows remote attackers to cause a denial of service (incorrect free operation and application crash) via a crafted packet.)
 CVE-2015-6241 (The proto_tree_add_bytes_item function in epan/proto.c in the protocol-tree implementation in Wireshark 1.12.x before 1.12.7 does not properly terminate a data structure after a failure to locate a number within a string, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 3367-1] wireshark security update (12.10.2015)

Повышение привилегий в Cisco AnyConnect
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14721
Тип:локальная
Уровень опасности:
5/10
Описание:Повышение привилегий через DLL и файлы DMG.
Затронутые продукты:CISCO : AnyConnect Secure Mobility Client 4.1
CVE:CVE-2015-6306 (Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before installation actions, which allows local users to obtain root privileges via a crafted installation file, aka Bug ID CSCuv11947.)
 CVE-2015-6305 (Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 through 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by dbghelp.dll, aka Bug ID CSCuv01279. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4211.)
Оригинальный текстdocumentSecurify B.V., Cisco AnyConnect elevation of privileges via DLL side loading (12.10.2015)
 documentSecurify B.V., Cisco AnyConnect elevation of privileges via DMG install script (12.10.2015)

Многочисленные уязвимости безопасности в Cisco IOS / Cisco IOS XE
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14722
Тип:удаленная
Уровень опасности:
8/10
Описание:Обход аутентификации, DoS.
Затронутые продукты:CISCO : IOS XE 3.15
 CISCO : IOS 15.5
CVE:CVE-2015-6282 (Cisco IOS XE 2.x and 3.x before 3.10.6S, 3.11.xS through 3.13.xS before 3.13.3S, and 3.14.xS through 3.15.xS before 3.15.1S allows remote attackers to cause a denial of service (device reload) via IPv4 packets that require NAT and MPLS actions, aka Bug ID CSCut96933.)
 CVE-2015-6280 (The SSHv2 functionality in Cisco IOS 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.6E before 3.6.3E, 3.7E before 3.7.1E, 3.10S before 3.10.6S, 3.11S before 3.11.4S, 3.12S before 3.12.3S, 3.13S before 3.13.3S, and 3.14S before 3.14.1S does not properly implement RSA authentication, which allows remote attackers to obtain login access by leveraging knowledge of a username and the associated public key, aka Bug ID CSCus73013.)
 CVE-2015-6279 (The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S allows remote attackers to cause a denial of service (device reload) via a malformed ND packet with the Cryptographically Generated Address (CGA) option, aka Bug ID CSCuo04400.)
 CVE-2015-6278 (The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S does not properly implement the Control Plane Protection (aka CPPr) feature, which allows remote attackers to cause a denial of service (device reload) via a flood of ND packets, aka Bug ID CSCus19794.)
Файлы:Cisco Security Advisory Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities
 Cisco Security Advisory Cisco IOS and IOS XE Software SSH Version 2 RSA-Based User Authentication Bypass Vulnerability
 Cisco Security Advisory Cisco IOS XE Software Network Address Translation Denial of Service Vulnerability

DoS против Cisco TelePresence Server
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14723
Тип:удаленная
Уровень опасности:
5/10
Описание:Переполнение буфера в API Conference Control Protocol.
Затронутые продукты:CISCO : TelePresence Server 4.1
CVE:CVE-2015-6284 (Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.1(2.33) on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service (device crash) via a crafted URL, aka Bug ID CSCuu28277.)
Файлы:Cisco Security Advisory Cisco TelePresence Server Denial of Service Vulnerability

Многочисленные уязвимости безопасности в Cisco Prime
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14724
Тип:удаленная
Уровень опасности:
6/10
Описание:Обход ограничений, повышение привилегий, раскрытие информации.
Затронутые продукты:CISCO : Cisco Prime Collaboration Assurance 10.5
CVE:CVE-2015-6259 (The JavaServer Pages (JSP) component in Cisco Integrated Management Controller (IMC) Supervisor before 1.0.0.1 and UCS Director (formerly Cloupia Unified Infrastructure Controller) before 5.2.0.1 allows remote attackers to write to arbitrary files via crafted HTTP requests, aka Bug IDs CSCus36435 and CSCus62625.)
 CVE-2015-4307 (The web framework in Cisco Prime Collaboration Provisioning before 11.0 allows remote authenticated users to bypass intended access restrictions and create administrative accounts via a crafted URL, aka Bug ID CSCut64111.)
 CVE-2015-4306 (The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended login-session read restrictions, and impersonate administrators of arbitrary tenant domains, by discovering a session identifier and constructing a crafted URL, aka Bug IDs CSCus88343 and CSCus88334.)
 CVE-2015-4305 (The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended system-database read restrictions, and discover credentials or SNMP communities for arbitrary tenant domains, via a crafted URL, aka Bug ID CSCus62656.)
 CVE-2015-4304 (The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended access restrictions, and create administrative accounts or read data from arbitrary tenant domains, via a crafted URL, aka Bug IDs CSCus62671 and CSCus62652.)
Файлы:Cisco Security Advisory Multiple Vulnerabilities in Cisco Prime Collaboration Assurance
 Cisco Security Advisory Cisco Integrated Management Controller Supervisor and Cisco UCS Director Remote File Overwrite Vulnerability
 Cisco Security Advisory Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability

Повышение привилегий в Unity Settings Daemon
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14725
Тип:локальная
Уровень опасности:
5/10
Описание:Доступ к сессии пользователя.
Затронутые продукты:UBUNTU : Unity Settings Daemon 14.04
CVE:CVE-2015-1319 (The Unity Settings Daemon before 14.04.0+14.04.20150825-0ubuntu2 and 15.04.x before 15.04.1+15.04.20150408-0ubuntu1.2 does not properly detect if the screen is locked, which allows physically proximate attackers to mount removable media while the screen is locked as demonstrated by inserting a USB thumb drive.)
Оригинальный текстdocumentUBUNTU, [USN-2741-1] Unity Settings Daemon vulnerability (12.10.2015)

Обход аутентификации в Tripwire IP360
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14726
Тип:удаленная
Уровень опасности:
5/10
Описание:Обход аутентификации, повышение привилегий.
Затронутые продукты:TRIPWIRE : Tripwire IP360 VnE
CVE:CVE-2015-6237
Оригинальный текстdocumentSpecto, CVE-2015-6237 - Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability (12.10.2015)

Переполнение буфера в FreeSWITCH
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14727
Тип:библиотека
Уровень опасности:
6/10
Описание:Переполнение буфера при разборе JSON.
Затронутые продукты:FREESWITCH : freeswitch 1.6
CVE:CVE-2015-7392 (Heap-based buffer overflow in the parse_string function in libs/esl/src/esl_json.c in FreeSWITCH before 1.4.23 and 1.6.x before 1.6.2 allows remote attackers to execute arbitrary code via a trailing \u in a json string to cJSON_Parse.)
Оригинальный текстdocumentMarcello Duarte, CVE-2015-7392 Heap overflow in Freeswitch json parser < 1.6.2 & < 1.4.23 (12.10.2015)

Многочисленные уязвимости безопасности в EMC RSA Archer GRC
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14728
Тип:удаленная
Уровень опасности:
5/10
Описание:Обход ограничений, межсайтовый скриптинг, раскрытие информации.
Затронутые продукты:EMC : RSA Archer GRC 5.5
CVE:CVE-2015-4543 (EMC RSA Archer GRC 5.x before 5.5.3 uses cleartext for stored passwords in unspecified circumstances, which allows remote authenticated users to obtain sensitive information by reading database fields.)
 CVE-2015-4542 (EMC RSA Archer GRC 5.x before 5.5.3 allows remote authenticated users to bypass intended access restrictions, and read or modify Discussion Forum Fields messages, via unspecified vectors.)
 CVE-2015-4541 (Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.5.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.)
Оригинальный текстdocumentEMC, ESA-2015-142: RSA Archer® GRC Platform Multiple Vulnerabilities (12.10.2015)

Уязвимости безопасности в EMC RSA Web Threat Detection
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14729
Тип:удаленная
Уровень опасности:
5/10
Описание:Раскрытие информации, повышение привилегий.
Затронутые продукты:EMC : RSA Web Threat Detection 5.1
CVE:CVE-2015-4548 (EMC RSA Web Threat Detection before 5.1 SP1 allows local users to obtain root privileges by leveraging access to a service account and writing commands to a service configuration file.)
 CVE-2015-4547 (EMC RSA Web Threat Detection before 5.1 SP1 stores a cleartext AnnoDB password in a configuration file, which allows remote authenticated users to obtain sensitive information by reading this file.)
Оригинальный текстdocumentEMC, ESA-2015-152: RSA Web Threat Detection Multiple Vulnerabilities (12.10.2015)

Обратный путь в каталогах EMC RSA OneStep
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14730
Тип:удаленная
Уровень опасности:
5/10
Описание:Доступ к произвольным файлам.
Затронутые продукты:EMC : RSA OneStep 6.9
CVE:CVE-2015-4546 (Directory traversal vulnerability in EMC RSA OneStep 6.9 before build 559, as used in RSA Certificate Manager and RSA Registration Manager through 6.9 build 558 and other products, allows remote attackers to read arbitrary files via a crafted KCSOSC_ERROR_PAGE parameter.)
Оригинальный текстdocumentEMC, ESA-2015-151: RSA® OneStep Path Traversal Vulnerability (12.10.2015)

Уязвимостие безопасности в apport
дополнено с 12 октября 2015 г.
Опубликовано:2 ноября 2015 г.
Источник:
SecurityVulns ID:14720
Тип:локальная
Уровень опасности:
5/10
Описание:Проблема символьных и жестких линков в файлах журналов, повышение привилегий.
Затронутые продукты:APPORT : Apport 2.18
CVE:CVE-2015-1338 (kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.)
Оригинальный текстdocumentUBUNTU, [USN-2782-1] Apport vulnerability (02.11.2015)
 documentUBUNTU, [USN-2744-1] Apport vulnerability (12.10.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород