Информационная безопасность
[RU] switch to English


Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:13 октября 2013 г.
Источник:
SecurityVulns ID:13366
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:UEBIMIAU : Uebimiau 2.7
 MP3PLAYER : mp3-player 2.5
 FLVPLAYER : flv-player 3.5
 WORDPRESS : Cart66 1.5
 FENGOFFICE : Feng Office 2.3
 BOLWIRE : BoltWire 3.5
 DRUPAL : drupal 6.27
 DRUPAL : drupal 7.18
CVE:CVE-2013-5978
 CVE-2013-5977 (Cross-site request forgery (CSRF) vulnerability in Cart66Product.php in the Cart66 Lite plugin before 1.5.1.15 for WordPress allows remote attackers to hijack the authentication of administrators for requests that (1) create or modify products or conduct cross-site scripting (XSS) attacks via the (2) Product name or (3) Price description field in a product save action via a request to wp-admin/admin.php.)
 CVE-2013-5744 (Cross-site scripting (XSS) vulnerability in Feng Office 2.3.2-rc and earlier allows remote attackers to inject arbitrary web script or HTML via an arbitrary ref_XXX parameter.)
 CVE-2013-2651 (Multiple cross-site scripting (XSS) vulnerabilities in BoltWire 3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) "p" or (2) content parameter to index.php.)
 CVE-2013-2623
 CVE-2013-2622
 CVE-2013-2621
 CVE-2013-0245 (The printer friendly version functionality in the Book module in Drupal 6.x before 6.28 and 7.x before 7.19 does not properly restrict access to node that are part of a book outline, which allows remote authenticated users with the "access printer-friendly version" permission to read node titles and possibly node content via unspecified vectors.)
 CVE-2013-0244 (Cross-site scripting (XSS) vulnerability in Drupal 6.x before 6.28 and 7.x before 7.19, when running with older versions of jQuery that are vulnerable to CVE-2011-4969, allows remote attackers to inject arbitrary web script or HTML via vectors involving unspecified Javascript functions that are used to select DOM elements.)
 CVE-2012-5653 (The file upload feature in Drupal 6.x before 6.27 and 7.x before 7.18 allows remote authenticated users to bypass the protection mechanism and execute arbitrary PHP code via a null byte in a file name.)
 CVE-2012-5652 (Drupal 6.x before 6.27 allows remote attackers to obtain sensitive information about uploaded files via a (1) RSS feed or (2) search result.)
 CVE-2012-5651 (Drupal 6.x before 6.27 and 7.x before 7.18 displays information for blocked users, which might allow remote attackers to obtain sensitive information by reading the search results.)
 CVE-2012-0826 (Cross-site request forgery (CSRF) vulnerability in the Aggregator module in Drupal 6.x before 6.23 and 7.x before 7.11 allows remote attackers to hijack the authentication of unspecified victims for requests that update feeds and possibly cause a denial of service (loss of updates due to rate limit) via unspecified vectors.)
 CVE-2012-0825 (Drupal 6.x before 6.23 and 7.x before 7.11 does not verify that Attribute Exchange (AX) information is signed, which allows remote attackers to modify potentially sensitive AX information without detection via a man-in-the-middle (MITM) attack.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2776-1] drupal6 security update (13.10.2013)
 documentISecAuditors Security Advisories, [ISecAuditors Security Advisories] Multiple Reflected XSS vulnerabilities in BoltWire <= v3.5 (13.10.2013)
 documentISecAuditors Security Advisories, [ISecAuditors Security Advisories] Multiple Vulnerabilities in Uebimiau <= 2.7.11 (13.10.2013)
 documentHigh-Tech Bridge Security Research, Cross-Site Scripting (XSS) in Feng Office (13.10.2013)
 documentjsibley1_(at)_gmail.com, Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities (13.10.2013)
 documentMustLive, Multiple vulnerabilities in flv-player (13.10.2013)
 documentMustLive, Multiple vulnerabilities in mp3-player (13.10.2013)

Многочисленные уязвимости безопасности в Cisco ASA / FWSM
Опубликовано:13 октября 2013 г.
Источник:
SecurityVulns ID:13368
Тип:удаленная
Уровень опасности:
7/10
Описание:Повышение привилегий, обход аутентификации, DoS.
Затронутые продукты:CISCO : Cisco ASA 5500
 CISCO : Cisco ASA 1000V
CVE:CVE-2013-5515 (The Clientless SSL VPN feature in Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.7), 8.6.x before 8.6(1.12), 9.0.x before 9.0(2.6), and 9.1.x before 9.1(1.7) allows remote attackers to cause a denial of service (device reload) via crafted HTTPS requests, aka Bug ID CSCua22709.)
 CVE-2013-5513 (Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(7), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.3), and 9.1.x before 9.1(1.8), when the DNS ALPI engine is enabled for TCP, allows remote attackers to cause a denial of service (device reload) via crafted TCP DNS packets, aka Bug ID CSCug03975.)
 CVE-2013-5512 (Race condition in the HTTP Deep Packet Inspection (DPI) feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.5), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.4), 9.0.x before 9.0(1.4), and 9.1.x before 9.1(1.2), in certain conditions involving the spoof-server option or ActiveX or Java response inspection, allows remote attackers to cause a denial of service (device reload) via a crafted HTTP response, aka Bug ID CSCud37992.)
 CVE-2013-5511 (The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.6) does not properly implement the authentication-certificate option, which allows remote attackers to bypass authentication via a TCP session to an ASDM interface, aka Bug ID CSCuh44815.)
 CVE-2013-5510 (The remote-access VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.6.x before 8.6(1.12), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.5), when an override-account-disable option is enabled, does not properly parse AAA LDAP responses, which allows remote attackers to bypass authentication via a VPN connection attempt, aka Bug ID CSCug83401.)
 CVE-2013-5509 (The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0 before 9.0(2.6) and 9.1 before 9.1(2) allows remote attackers to bypass authentication, and obtain VPN access or administrative access, via a crafted X.509 client certificate, aka Bug ID CSCuf52468.)
 CVE-2013-5508 (The SQL*Net inspection engine in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.6), 9.0.x before 9.0(2.10), and 9.1.x before 9.1(2) and Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(27) and 4.x before 4.1(14) allows remote attackers to cause a denial of service (device reload) via crafted segmented Transparent Network Substrate (TNS) packets, aka Bug ID CSCub98434.)
 CVE-2013-5507 (The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975.)
 CVE-2013-5506 (The authorization functionality in Cisco Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(25) and 4.x before 4.1(13), when multiple-context mode is enabled, allows local users to read or modify any context's configuration via unspecified commands, aka Bug ID CSCue46080.)
 CVE-2013-3415 (Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does not properly manage memory upon an AnyConnect SSL VPN client disconnection, which allows remote attackers to cause a denial of service (memory consumption, and forwarding outage or system hang) via packets to the disconnected machine's IP address, aka Bug ID CSCtt36737.)
Файлы:Multiple Vulnerabilities in Cisco Firewall Services Module Software
 Multiple Vulnerabilities in Cisco ASA Software

Обход аутентификации в torque
дополнено с 13 октября 2013 г.
Опубликовано:18 ноября 2013 г.
Источник:
SecurityVulns ID:13367
Тип:удаленная
Уровень опасности:
6/10
Описание:Возможно выполнить команду подключившись напрямую к порту pbs_mom. Проблема шел-символов.
Затронутые продукты:TORQUE : Terascale Open-Source Resource and Queue Manager 2.5
 TORQUE : Terascale Open-Source Resource and Queue Manager 4.0
CVE:CVE-2013-4495 (The send_the_mail function in server/svr_mail.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 4.2.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the email (-M switch) to qsub.)
 CVE-2013-4319 (pbs_mom in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2796-1] torque security update (18.11.2013)
 documentDEBIAN, [SECURITY] [DSA 2770-1] torque security update (13.10.2013)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород