Информационная безопасность
[RU] switch to English


Выполнение кода в HP Operations Agent
дополнено с 11 июля 2012 г.
Опубликовано:16 июля 2012 г.
Источник:
SecurityVulns ID:12467
Тип:удаленная
Уровень опасности:
5/10
Описание:Переполнение буфера в coda.exe при обработке HTTP GET запроса.
Затронутые продукты:HP : HP Operations Agent 11.03
CVE:CVE-2012-2020 (Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326.)
 CVE-2012-2019 (Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1325.)
Оригинальный текстdocumentZDI, ZDI-12-115 : HP OpenView Performance Agent coda.exe Opcode 0x8C Remote Code Execution Vulnerability (16.07.2012)
 documentZDI, ZDI-12-114 : HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability (16.07.2012)
 documentHP, [security bulletin] HPSBMU02796 SSRT100594 rev.1 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code (11.07.2012)

Многочисленные уязвимости безопасности в продуктах Cisco TelePresence
Опубликовано:16 июля 2012 г.
Источник:
SecurityVulns ID:12472
Тип:удаленная
Уровень опасности:
7/10
Описание:DoS, внедрение команд, выполнение кода.
Затронутые продукты:CISCO : TelePresence Recording Server before 1.8
 CISCO : TelePresence Immersive Endpoint Device 1.7
 CISCO : TelePresence Multipoint Switch 1.8
 CISCO : TelePresence Multipoint Switch 1.9
 CISCO : Cisco TelePresence Manager 1.8
 CISCO : TelePresence Immersive Endpoint Device 1.8
 CISCO : TelePresence Immersive Endpoint Device 1.9
CVE:CVE-2012-3076 (The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Bug ID CSCth85804.)
 CVE-2012-3075 (The administrative web interface on Cisco TelePresence Immersive Endpoint Devices before 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443, aka Bug ID CSCtn99724.)
 CVE-2012-3074 (An unspecified API on Cisco TelePresence Immersive Endpoint Devices before 1.9.1 allows remote attackers to execute arbitrary commands by leveraging certain adjacency and sending a malformed request on TCP port 61460, aka Bug ID CSCtz38382.)
 CVE-2012-3073 (The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338.)
 CVE-2012-2486 (The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953.)
Файлы:Cisco Security Advisory Multiple Vulnerabilities in Cisco TelePresence Recording Serve
 Cisco Security Advisory Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices
 Cisco Security Advisory Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch
 Cisco Security Advisory Multiple Vulnerabilities in Cisco TelePresence Manager

Несанкционированный доступ в EMC Celerra/VNX/VNXe
Опубликовано:16 июля 2012 г.
Источник:
SecurityVulns ID:12473
Тип:удаленная
Уровень опасности:
5/10
Описание:Проблемы с ограничением доступа через NFS.
Затронутые продукты:EMC : Celerra 6.0
 EMC : VNX 7.0
 EMC : VNXe MR1
 EMC : VNXe MR2
CVE:CVE-2012-2282 (EMC Celerra Network Server 6.x before 6.0.61.0, VNX 7.x before 7.0.53.2, and VNXe 2.0 and 2.1 before 2.1.3.19077 (aka MR1 SP3.2) and 2.2 before 2.2.0.19078 (aka MR2 SP0.2) do not properly implement NFS access control, which allows remote authenticated users to read or modify files via a (1) NFSv2, (2) NFSv3, or (3) NFSv4 request.)
Оригинальный текстdocumentEMC, ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability (16.07.2012)

Многочисленные уязвимости безопасности в EMC RSA Authentication Manager
Опубликовано:16 июля 2012 г.
Источник:
SecurityVulns ID:12474
Тип:удаленная
Уровень опасности:
6/10
Описание:Межсайтовый скриптинг, перенаправление запросов.
CVE:CVE-2012-2280 (EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 do not properly use frames, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "Cross frame scripting vulnerability.")
 CVE-2012-2279 (Open redirect vulnerability in the Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.)
 CVE-2012-2278 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) Self-Service Console and (2) Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Оригинальный текстdocumentEMC, ESA-2012-023: RSA Authentication Manager Multiple Vulnerabilities (16.07.2012)

Кратковременные условия в automake
Опубликовано:16 июля 2012 г.
Источник:
SecurityVulns ID:12475
Тип:локальная
Уровень опасности:
4/10
Затронутые продукты:GNU : automake 1.11
CVE:CVE-2012-3386 (The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2012:103 ] automake (16.07.2012)

Многочисленные уязвимости безопасности в TPLink Gateway
Опубликовано:16 июля 2012 г.
Источник:
SecurityVulns ID:12477
Тип:удаленная
Уровень опасности:
4/10
Описание:Многочисленные уязвимости в веб-интерфейсе.
Затронутые продукты:TPLINK : TPLink Gateway 3.12
Оригинальный текстdocument[email protected], TP Link Gateway v3.12.4 - Multiple Web Vulnerabilities (16.07.2012)

Многочисленные уязвимости безопасности в AirDroid
Опубликовано:16 июля 2012 г.
Источник:
SecurityVulns ID:12478
Тип:удаленная
Уровень опасности:
5/10
Описание:Многочисленные криптографические проблемы.
Затронутые продукты:AIRDROID : AirDroid 1.0
CVE:CVE-2012-3888 (The login implementation in AirDroid 1.0.4 beta allows remote attackers to bypass a multiple-login protection mechanism by modifying a pass value within JSON data.)
 CVE-2012-3887 (AirDroid before 1.0.7 beta uses a cleartext base64 format for data transfer that is documented as an "Encrypted Transmission" feature, which allows remote attackers to obtain sensitive information by sniffing the local wireless network, as demonstrated by the SMS message content sent to the sdctl/sms/send/single/ URI.)
 CVE-2012-3886 (AirDroid 1.0.4 beta uses the MD5 algorithm for values in the checklogin key parameter and 7bb cookie, which makes it easier for remote attackers to obtain cleartext data by sniffing the local wireless network and then conducting a (1) brute-force attack or (2) rainbow-table attack.)
 CVE-2012-3885 (The default configuration of AirDroid 1.0.4 beta uses a four-character alphanumeric password, which makes it easier for remote attackers to obtain access via a brute-force attack.)
 CVE-2012-3884 (AirDroid 1.0.4 beta implements authentication through direct transmission of a password hash over HTTP, which makes it easier for remote attackers to obtain access by sniffing the local wireless network and then replaying the authentication data.)
Оригинальный текстdocumentKathrin Schaberle, security advisory: AirDroid 1.0.4 beta (16.07.2012)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:16 июля 2012 г.
Источник:
SecurityVulns ID:12480
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:WORDPRESS : WordPress 2.0
 KAJONA : Kajona 3.4
 RESERVELOGIC : Reserve Logic 1.2
 EXTPLORER : extplorer 2.1
 MONO : mono 2.10
 AKISMET : Akismet 2.5
 GLPI : GLPI 0.83
 PUPPET : puppet 2.7
 PHONALISA : Phonalisa 5.0
CVE:CVE-2012-3867 (lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it easier for user-assisted remote attackers to trick administrators into signing a crafted agent certificate via ANSI control sequences.)
 CVE-2012-3866 (lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sensitive configuration information by leveraging access to the puppet master server to read this file.)
 CVE-2012-3865 (Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a node name.)
 CVE-2012-3864 (Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request.)
 CVE-2012-3805 (Multiple cross-site scripting (XSS) vulnerabilities in the getAllPassedParams function in system/functions.php in Kajona before 3.4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) absender_name, (2) absender_email, or (3) absender_nachricht parameter to the content page; (4) comment_name, (5) comment_subject, or (6) comment_message parameter to the postacomment module; (7) module parameter to index.php; (8) action parameter to the admin login page; (9) pv or (10) pe parameter in a list action to the user module; (11) user_username, (12) user_email, (13) user_forename, (14) user_name, (15) user_street, (16) user_postal, (17) user_city, (18) user_tel, or (19) user_mobil parameter in a newUser action to the user module; (20) group_name or (21) group_desc parameter in a groupNew action to the user module; (22) name, (23) browsername, (24) seostring, (25) keywords, or (26) folder_id parameter in a newPage action to the pages module; (27) element_name or (28) element_cachetime parameter)
 CVE-2012-3382 (Cross-site scripting (XSS) vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitrary web script or HTML via a file with a crafted name and a forbidden extension, which is not properly handled in an error message.)
 CVE-2012-3362 (Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an adduser admin action.)
Оригинальный текстdocumentVulnerability Lab, Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities (16.07.2012)
 documentUBUNTU, [USN-1506-1] Puppet vulnerabilities (16.07.2012)
 documentPrajal Kulkarni, Multiple CSRF Vulnerabilities in [GLPI Version 0.83.2] (16.07.2012)
 documentPrajal Kulkarni, Cross site scripting vulnerability found in GLPI 0.83.2 (16.07.2012)
 documentMustLive, XSS, Redirector and CSRF vulnerabilities in WordPress (16.07.2012)
 documentDEBIAN, [SECURITY] [DSA 2512-1] mono security update (16.07.2012)
 documentDEBIAN, [SECURITY] [DSA 2510-1] extplorer security update (16.07.2012)
 documentVulnerability Lab, PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities (16.07.2012)
 documentVulnerability Lab, Reserve Logic v1.2 Booking CMS - Multiple Vulnerabilities (16.07.2012)
 documentHigh-Tech Bridge Security Research, Multiple Cross-Site Scripting (XSS) in Kajona (16.07.2012)

Выполнение кода в Rhythmbox
Опубликовано:16 июля 2012 г.
Источник:
SecurityVulns ID:12481
Тип:локальная
Уровень опасности:
4/10
Затронутые продукты:RHYTHMBOX : Rhythmbox 2.96
CVE:CVE-2012-3355 ((1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GNOME Rhythmbox 0.13.3 and earlier allows local users to execute arbitrary code via a symlink attack on a temporary HTML template file in the /tmp/context directory.)
Оригинальный текстdocumentUBUNTU, [USN-1503-1] Rhythmbox vulnerability (16.07.2012)

многочисленные уязвимости безопасности в libexif / exif
дополнено с 16 июля 2012 г.
Опубликовано:23 июля 2012 г.
Источник:
SecurityVulns ID:12479
Тип:библиотека
Уровень опасности:
6/10
Описание:Переполнения буфера, целочисленные переполнения, DoS-условия.
CVE:CVE-2012-2845 (Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file.)
 CVE-2012-2841 (Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow.)
 CVE-2012-2840 (Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.)
 CVE-2012-2837 (The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (divide-by-zero error) via an image with crafted EXIF tags that are not properly handled during the formatting of EXIF maker note tags.)
 CVE-2012-2836 (The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.)
 CVE-2012-2814 (Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.)
 CVE-2012-2813 (The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.)
 CVE-2012-2812 (The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.)
Оригинальный текстdocumentLIBEXIF, libexif project security advisory July 12, 2012 (23.07.2012)
 documentMANDRIVA, [ MDVSA-2012:106 ] libexif (16.07.2012)

Уязвимости безопасности в библиотеке openjpeg
дополнено с 16 июля 2012 г.
Опубликовано:2 марта 2013 г.
Источник:
SecurityVulns ID:12476
Тип:библиотека
Уровень опасности:
6/10
Описание:Уязвимости при кодировании и декодировании jpeg
Затронутые продукты:OPENJPEG : OpenJPEG 1.3
CVE:CVE-2012-3535 (Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.)
 CVE-2012-3358 (Multiple heap-based buffer overflows in the j2k_read_sot function in j2k.c in OpenJPEG 1.5 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted (1) tile number or (2) tile length in a JPEG 2000 image file.)
 CVE-2009-5030 (The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an "invalid free.")
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2012:104 ] openjpeg (16.07.2012)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород