Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Asterisk
Опубликовано:13 июня 2014 г.
Источник:
SecurityVulns ID:13817
Тип:удаленная
Уровень опасности:
7/10
Описание:DoS, обход ограничений, выполнение кода.
Затронутые продукты:ASTERISK : Asterisk 12.3
CVE:CVE-2014-4048 (The PJSIP Channel Driver in Asterisk Open Source before 12.3.1 allows remote attackers to cause a denial of service (deadlock) by terminating a subscription request before it is complete, which triggers a SIP transaction timeout.)
 CVE-2014-4047 (Asterisk Open Source 1.8.x before 1.8.28.1, 11.x before 11.10.1, and 12.x before 12.3.1 and Certified Asterisk 1.8.15 before 1.8.15-cert6 and 11.6 before 11.6-cert3 allows remote attackers to cause a denial of service (connection consumption) via a large number of (1) inactive or (2) incomplete HTTP connections.)
 CVE-2014-4046 (Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action.)
 CVE-2014-4045 (The Publish/Subscribe Framework in the PJSIP channel driver in Asterisk Open Source 12.x before 12.3.1, when sub_min_expiry is set to zero, allows remote attackers to cause a denial of service (assertion failure and crash) via an unsubscribe request when not subscribed to the device.)
Оригинальный текстdocumentASTERISK, AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions (13.06.2014)
 documentASTERISK, AST-2014-007: Exhaustion of Allowed Concurrent HTTP Connections (13.06.2014)
 documentASTERISK, AST-2014-006: Asterisk Manager User Unauthorized Shell Access (13.06.2014)
 documentASTERISK, AST-2014-005: Remote Crash in PJSIP Channel Driver's Publish/Subscribe Framework (13.06.2014)

Недостаточная проверка сертификата в apt
Опубликовано:13 июня 2014 г.
Источник:
SecurityVulns ID:13818
Тип:m-i-t-m
Уровень опасности:
5/10
Описание:Недостаточная проверка сертификата на apt-get source
Затронутые продукты:APT : apt 1.0
CVE:CVE-2014-0478 (APT before 1.0.4 does not properly validate source packages, which allows man-in-the-middle attackers to download and install Trojan horse packages by removing the Release signature.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2958-1] apt security update (13.06.2014)

Уязвимости безопасности в VoIP-телефонах Yealink
Опубликовано:13 июня 2014 г.
Источник:
SecurityVulns ID:13819
Тип:удаленная
Уровень опасности:
4/10
Описание:Межсайтовый скриптинг, инъекция CRLF.
CVE:CVE-2014-3428 (Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary web script or HTML via the model parameter to servlet.)
 CVE-2014-3427 (CRLF injection vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the model parameter to servlet.)
Оригинальный текстdocumentjoquendo_(at)_e-fensive.net, CVE-2014-3427 CRLF Injection and CVE-2014-3428 XSS Injection in Yealink VoIP Phones (13.06.2014)

Многочисленные уязвимости безопасности в Mozilla Firefox / Thunderbird / Seamonkey
Опубликовано:13 июня 2014 г.
Источник:
SecurityVulns ID:13820
Тип:клиент
Уровень опасности:
7/10
Описание:Переполнение буфера, повреждения памяти, clickjacking.
Затронутые продукты:MOZILLA : nspr 4.10
 MOZILLA : Firefox 24.5
 MOZILLA : Firefox 29
 MOZILLA : Thunderbird 24.5
CVE:CVE-2014-1545 (Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.)
 CVE-2014-1543 (Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad device.)
 CVE-2014-1542 (Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.)
 CVE-2014-1541 (Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.)
 CVE-2014-1540 (Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.)
 CVE-2014-1539 (Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image.)
 CVE-2014-1538 (Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2014-1537 (Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2014-1536 (The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.)
 CVE-2014-1534 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2014-1533 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
Файлы:Mozilla Foundation Security Advisory 2014-48
 Mozilla Foundation Security Advisory 2014-49
 Mozilla Foundation Security Advisory 2014-50
 Mozilla Foundation Security Advisory 2014-51
 Mozilla Foundation Security Advisory 2014-52
 Mozilla Foundation Security Advisory 2014-53
 Mozilla Foundation Security Advisory 2014-54
 Mozilla Foundation Security Advisory 2014-55

DoS против Cisco IOS XR
Опубликовано:13 июня 2014 г.
Источник:
SecurityVulns ID:13821
Тип:удаленная
Уровень опасности:
6/10
Описание:DoS через IPv6 пакет.
CVE:CVE-2014-2176 (Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928.)
Файлы:Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability

Повышение привилегий в IBM AIX
Опубликовано:13 июня 2014 г.
Источник:
SecurityVulns ID:13822
Тип:локальная
Уровень опасности:
6/10
Описание:Небезопасная работа с файлами в libodm
Затронутые продукты:IBM : AIX 7.1
CVE:CVE-2014-3977 (libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.)
Оригинальный текстdocumentadvisories_(at)_portcullis-security.com, CVE-2014-3977 - Privilege Escalation in IBM AIX (13.06.2014)

Выполнение кода в HP Service Virtualization
Опубликовано:13 июня 2014 г.
Источник:
SecurityVulns ID:13823
Тип:удаленная
Уровень опасности:
5/10
Описание:Выполнение кода через AutoPass License Server
Затронутые продукты:HP : HP Service Virtualization 3.50
CVE:CVE-2013-6221 (Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-2031.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMU03045 rev.1 - HP Service Virtualization Running AutoPass License Server, Remote Code Execution (13.06.2014)

Переполнение буфера в miniupnpc
Опубликовано:13 июня 2014 г.
Источник:
SecurityVulns ID:13824
Тип:библиотека
Уровень опасности:
5/10
Описание:Знаково-беззнаковое преобразование приводит к переполнению буфера.
CVE:CVE-2014-3985 (The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read.)
Оригинальный текстdocumentcve-assign_(at)_mitre.org, [oss-security] Re: CVE request: possible miniupnpc buffer overflow (13.06.2014)

Обратный путь в каталогах dpkg
Опубликовано:13 июня 2014 г.
Источник:
SecurityVulns ID:13825
Тип:удаленная
Уровень опасности:
6/10
Затронутые продукты:DPKG : dpkg-dev 1.3
CVE:CVE-2014-3865 (Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote attackers to modify files outside of the intended directories via a source package with a crafted Index: pseudo-header in conjunction with (1) missing --- and +++ header lines or (2) a +++ header line with a blank pathname.)
 CVE-2014-3864 (Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted source package that lacks a --- header line.)
 CVE-2014-3127 (dpkg 1.15.9 on Debian squeeze introduces support for the "C-style encoded filenames" feature without recognizing that the squeeze patch program lacks this feature, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package. NOTE: this can be considered a release engineering problem in the effort to fix CVE-2014-0471.)
Оригинальный текстdocumentcve-assign_(at)_mitre.org, [oss-security] Re: CVE request: another path traversal in dpkg-source during unpack (13.06.2014)

DoS против Linux через аудит системных вызовов
Опубликовано:13 июня 2014 г.
Источник:
SecurityVulns ID:13816
Тип:локальная
Уровень опасности:
5/10
Описание:Отказ системы при вызове аудируемого вызова с большим числом.
CVE:CVE-2014-3917 (kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number.)
Оригинальный текстdocumentAndy Lutomirski, [oss-security] CVE request: Linux kernel DoS with syscall auditing (13.06.2014)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород