Information Security

Resource exhaustion in libc glob()
updated since May 2, 2011
Published: April 15, 2013
Source:
SecurityVulns ID: 11642
Type: library
Severity: 6/10
Description: It is possible to construct a recursive pattern that leads to memory exhaustion.
Affected products: NETBSD : NetBSD 5.1
 PUREFTPD : Pure-FTPd 1.0
 FREEBSD : FreeBSD 9.1
CVE: CVE-2011-0418 (The glob implementation in Pure-FTPd before 1.0.32, and in libc in NetBSD 5.1, does not properly expand expressions containing curly brackets, which allows remote authenticated users to cause a denial of service (memory consumption) via a crafted FTP STAT command.)
 CVE-2010-2632 (Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability, related to FTP.)
Original text: submit_(at)_cxsec.org, MacOSX 10.8.3 ftpd Remote Resource Exhaustion (15.04.2013)
 FREEBSD, FreeBSD Security Advisory FreeBSD-SA-13:02.libc (24.02.2013)
 max_(at)_cxsecurity.com, FreeBSD 9.1 ftpd Remote Denial of Service (11.02.2013)
 MANDRIVA, [ MDVSA-2011:094 ] pure-ftpd (21.05.2011)
 Maksymilian Arciemowicz, Multiple Vendors libc/glob() GLOB_BRACE|GLOB_LIMIT memory exhaustion (02.05.2011)
Files: PoC for multiple vendors ftpd (libc/glob) resource exhaustion

Multiple security vulnerabilities in Cisco IOS
updated since April 1, 2013
Published: April 15, 2013
Source:
SecurityVulns ID: 12976
Type: remote
Severity: 6/10
Description: DoS via RSVP, DoS via IKE, DoS in the NAT implementation, DoS in Smart Install, DoS in SPT, DoS in IP SLA, DoS in SIP.
Affected products: CISCO : IOS 12.2
 CISCO : IOS 12.3
 CISCO : IOS 12.4
 CISCO : IOS 15.0
 CISCO : IOS 15.1
 CISCO : IOS XE 3.1
 CISCO : IOS 15.2
 CISCO : IOS XE 3.3
 CISCO : IOS XE 3.2
 CISCO : IOS XE 3.4
 CISCO : IOS XE 3.5
 CISCO : IOS 15.5
 CISCO : IOS 15.3
 CISCO : IOS XE 3.6
 CISCO : IOS XE 3.7
CVE: CVE-2013-1167 (Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers (ASR), when bridge domain interface (BDI) is enabled, allows remote attackers to cause a denial of service (card reload) via packets that are not properly handled during the processing of encapsulation, aka Bug ID CSCtt11558.)
 CVE-2013-1166 (Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR), when VRF-aware NAT and SIP ALG are enabled, allows remote attackers to cause a denial of service (card reload) by sending many SIP packets, aka Bug ID CSCuc65609.)
 CVE-2013-1165 (Cisco IOS XE 2.x and 3.x before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) allows remote attackers to cause a denial of service (card reload) by sending many crafted L2TP packets, aka Bug ID CSCtz23293.)
 CVE-2013-1164 (Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 multicast packets, aka Bug ID CSCtz97563.)
 CVE-2013-1148 (The General Responder implementation in the IP Service Level Agreement (SLA) feature in Cisco IOS 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S allows remote attackers to cause a denial of service (device reload) via crafted (1) IPv4 or (2) IPv6 IP SLA packets on UDP port 1167, aka Bug ID CSCuc72594.)
 CVE-2013-1147 (The Protocol Translation (PT) functionality in Cisco IOS 12.3 through 12.4 and 15.0 through 15.3, when one-step port-23 translation or a Telnet-to-PAD ruleset is configured, does not properly validate TCP connection information, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a PT resource, aka Bug ID CSCtz35999.)
 CVE-2013-1146 (The Smart Install client functionality in Cisco IOS 12.2 and 15.0 through 15.3 on Catalyst switches allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in Smart Install packets, aka Bug ID CSCub55790.)
 CVE-2013-1145 (Memory leak in Cisco IOS 12.2, 12.4, 15.0, and 15.1, when Zone-Based Policy Firewall SIP application layer gateway inspection is enabled, allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed SIP messages, aka Bug ID CSCtl99174.)
 CVE-2013-1144 (Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.)
 CVE-2013-1143 (The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic engineering PATH message in an RSVP packet, aka Bug ID CSCtg39957.)
 CVE-2013-1142 (Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 allows remote attackers to cause a denial of service (memory consumption) via IPv4 packets, aka Bug IDs CSCtg47129 and CSCtz96745.)
Files: Cisco IOS Software Internet Key Exchange Vulnerability
 Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability
 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers
 Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability
 Cisco IOS Software IP Service Level Agreement Vulnerability
 Cisco IOS Software Protocol Translation Vulnerability
 Cisco IOS Software Smart Install Denial of Service Vulnerability
 Cisco IOS Software Network Address Translation Vulnerability

Multiple security vulnerabilities in the Linux kernel
updated since April 2, 2013
Published: April 15, 2013
Source:
SecurityVulns ID: 12978
Type: library
Severity: 5/10
Description: Protection bypass, DoS, buffer overflow in nVidia drivers, information leak.
Affected products: LINUX : kernel 3.8
CVE: CVE-2013-2548 (The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.)
 CVE-2013-2547 (The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.)
 CVE-2013-2546 (The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability.)
 CVE-2013-1792 (Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) via crafted keyctl system calls that trigger keyring operations in simultaneous threads.)
 CVE-2013-1767 (Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option.)
 CVE-2013-0914 (The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call.)
 CVE-2013-0131 (Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 310.44, and 313.x before 313.30 for the X Window System on UNIX, when NoScanout mode is enabled, allows remote authenticated users to execute arbitrary code via a large ARGB cursor.)
Original text: UBUNTU, [USN-1793-1] Linux kernel vulnerabilities (15.04.2013)
 UBUNTU, [USN-1799-1] NVIDIA graphics drivers vulnerability (15.04.2013)
 UBUNTU, [USN-1787-1] Linux kernel vulnerabilities (02.04.2013)

Security vulnerabilities in Apache mod_security
Published: April 15, 2013
Source:
SecurityVulns ID: 13009
Type: library
Severity: 6/10
Description: Access to local data, resource exhaustion.
Affected products: APACHE : mod_security 2.6
CVE: CVE-2013-1915 (ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) vulnerability.)
Original text: DEBIAN, [SECURITY] [DSA 2659-1] libapache-mod-security security update (15.04.2013)

DoS against Microsoft Internet Explorer
Published: April 15, 2013
Source:
SecurityVulns ID: 13010
Type: local
Severity: 4/10
Description: Crash on recursive CSS inclusion.
Affected products: MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
Original text: MustLive, DoS vulnerability in Internet Explorer (access violation) (15.04.2013)

Security vulnerabilities in Cisco Unified MeetingPlace Application Server
Published: April 15, 2013
Source:
SecurityVulns ID: 13012
Type: remote
Severity: 6/10
Description: Authentication bypass, unauthorized access.
Affected products: CISCO : Unified MeetingPlace Web Conferencing Server 7.1
 CISCO : Unified MeetingPlace Web Conferencing Server 8.0
 CISCO : Unified MeetingPlace Web Conferencing Server 8.5
CVE: CVE-2013-1169 (Cisco Unified MeetingPlace Web Conferencing Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 2, and 8.5 before 8.5MR3 Patch 1, when the Remember Me option is used, does not properly verify cookies, which allows remote attackers to impersonate users via a crafted login request, aka Bug ID CSCuc64846.)
 CVE-2013-1168 (The web server in Cisco Unified MeetingPlace Application Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 Patch 1 does not invalidate a session upon a logout action, which makes it easier for remote attackers to hijack sessions by leveraging knowledge of a session cookie, aka Bug ID CSCuc64885.)
Files: Multiple Vulnerabilities in Cisco Unified MeetingPlace Solution

Default account in Cisco Prime Network Control Systems
Published: April 15, 2013
Source:
SecurityVulns ID: 13013
Type: remote
Severity: 6/10
Description: Default database account.
Affected products: CISCO : Prime Network Control System 1.1
CVE: CVE-2013-1170 (The Cisco Prime Network Control System (NCS) appliance with software before 1.1.1.24 has a default password for the database user account, which makes it easier for remote attackers to change the configuration or cause a denial of service (service disruption) via unspecified vectors, aka Bug ID CSCtz30468.)
Files: Cisco Prime Network Control Systems Database Default Credentials Vulnerability

Weak permissions in Firefox for Android
Published: April 15, 2013
Source:
SecurityVulns ID: 13014
Type: local
Severity: 3/10
Description: Weak permissions on the app_tmp directory allow add-ons to be overwritten.
Affected products: MOZILLA : Firefox 19.0
CVE: CVE-2013-0798 (Mozilla Firefox before 20.0 on Android uses world-writable and world-readable permissions for the app_tmp installation directory in the local filesystem, which allows attackers to modify add-ons before installation via an application that leverages the time window during which app_tmp is used.)
Original text: suzuki_(at)_foureenforty.jp, CVE-2013-0798 : World read and write access to app_tmp directory on Android (15.04.2013)

DoS against DartWebserver
Published: April 15, 2013
Source:
SecurityVulns ID: 13015
Type: library
Severity: 4/10
Description: NULL pointer dereference.
Affected products: DART : Dart Webserver 1.9
CVE: CVE-2012-5389
Original text: Ken, [CVE-2012-5389] Null Pointer Derefence in Dart Webserver <= 1.9.2 (15.04.2013)

Multiple security vulnerabilities in Cisco ASA / FWSM
updated since April 15, 2013
Published: April 22, 2013
Source:
SecurityVulns ID: 13011
Type: remote
Severity: 6/10
Description: Multiple DoS conditions.
Affected products: CISCO : Cisco ASA 5500
 CISCO : Cisco ASA 1000V
CVE: CVE-2013-1194 (The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708.)
 CVE-2013-1155 (The auth-proxy functionality in Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(20.1), 4.0 before 4.0(15.2), and 4.1 before 4.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCtg02624.)
 CVE-2013-1152 (Cisco Adaptive Security Appliances (ASA) devices with software 9.0 before 9.0(1.2) allow remote attackers to cause a denial of service (device reload) via a crafted field in a DNS message, aka Bug ID CSCuc80080.)
 CVE-2013-1151 (Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5), 8.5 before 8.5(1.17), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3) allow remote attackers to cause a denial of service (device reload) via a crafted certificate, aka Bug ID CSCuc72408.)
 CVE-2013-1150 (The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590.)
 CVE-2013-1149 (Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.28), 8.1 and 8.2 before 8.2(5.35), 8.3 before 8.3(2.34), 8.4 before 8.4(4.11), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3), and Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(24.1) and 4.0 and 4.1 before 4.1(11.1), allow remote attackers to cause a denial of service (device reload) via a crafted IKEv1 message, aka Bug IDs CSCub85692 and CSCud20267.)
Original text: Trustwave Advisories, TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation (22.04.2013)
Files: Multiple Vulnerabilities in Cisco ASA Software
 Multiple Vulnerabilities in Cisco Firewall Services Module Software

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod