Информационная безопасность
[RU] switch to English


Уязвимости безопасности libvirt / qemu
дополнено с 5 мая 2015 г.
Опубликовано:17 мая 2015 г.
Источник:
SecurityVulns ID:14442
Тип:локальная
Уровень опасности:
6/10
Описание:Отказ при разборе Physical Region Descriptor Table, контроллере IDE и регистрах PCI. Выполнение кода.
Затронутые продукты:QEMU : qemu 1.6
 QEMU : qemu 2.1
CVE:CVE-2015-3456 (The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.)
 CVE-2015-2756 (QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.)
 CVE-2015-1779
 CVE-2014-9718 (The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions.)
Оригинальный текстdocumentUBUNTU, [USN-2608-1] QEMU vulnerabilities (17.05.2015)
 documentMANDRIVA, [ MDVSA-2015:210 ] qemu (05.05.2015)

Уязвимости безопасности в Apache Tomcat
дополнено с 11 мая 2015 г.
Опубликовано:17 мая 2015 г.
Источник:
SecurityVulns ID:14462
Тип:библиотека
Уровень опасности:
5/10
Описание:Исчерпание ресурсов, обход ограничений.
Затронутые продукты:APACHE : Tomcat 8.0
CVE:CVE-2014-7810 (The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.)
 CVE-2014-0230 (Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (memory consumption) via a series of aborted upload attempts.)
Оригинальный текстdocumentAPACHE, [SECURITY] CVE-2014-7810: Apache Tomcat Security Manager Bypass (17.05.2015)
 documentAPACHE, [SECURITY] CVE-2014-0230: Apache Tomcat DoS (11.05.2015)

Уязвимости безопасности в Cisco Telepresence
Опубликовано:17 мая 2015 г.
Источник:
SecurityVulns ID:14495
Тип:удаленная
Уровень опасности:
6/10
Описание:Выполнение кода, обход аутентификации, DoS.
CVE:CVE-2015-0722 (The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952.)
 CVE-2015-0713 (The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855.)
 CVE-2014-2174 (Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651.)
Файлы: Cisco Security Advisory Command Injection Vulnerability in Multiple Cisco TelePresence Products
  Cisco Security Advisory Multiple Vulnerabilities in Cisco TelePresence TC and TE Software

Переполнение буфера в игровом сервере Pure Faction
Опубликовано:17 мая 2015 г.
Источник:
SecurityVulns ID:14496
Тип:удаленная
Уровень опасности:
5/10
Описание:Переполнение буфера через сообщения игрового чата.
Затронутые продукты:PUREFACTION : Pure Faction 3.0
Оригинальный текстdocumentsoulsgetnothing_(at)_hotmail.com, Server buffer overflow in Pure Faction <= 3.0c (17.05.2015)

Переполнение буфера в продуктах SAP
Опубликовано:17 мая 2015 г.
Источник:
SecurityVulns ID:14497
Тип:библиотека
Уровень опасности:
6/10
Описание:Переполнение буфера в реализации LZC/LZH.
CVE:CVE-2015-2282 (Stack-based buffer overflow in the LZC decompression implementation (CsObjectInt::CsDecomprLZC function in vpa106cslzc.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2124806, 2121661, 2127995, and 2125316.)
 CVE-2015-2282 (Stack-based buffer overflow in the LZC decompression implementation (CsObjectInt::CsDecomprLZC function in vpa106cslzc.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2124806, 2121661, 2127995, and 2125316.)
Оригинальный текстdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, [CORE-2015-0009] - SAP LZC/LZH Compression Multiple Vulnerabilities (17.05.2015)

Проблема сертификатов в Websense Content Gateway
Опубликовано:17 мая 2015 г.
Источник:
SecurityVulns ID:14498
Тип:m-i-t-m
Уровень опасности:
5/10
Описание:Некорректно помечены скомпрометированные сертификаты.
Затронутые продукты:WEBSENSE : Websense Content Gateway 7.8
Оригинальный текстdocumentSteve Shockley, Certificate trust vulnerability in Websense Content Gateway (17.05.2015)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
дополнено с 17 мая 2015 г.
Опубликовано:18 мая 2015 г.
Источник:
SecurityVulns ID:14499
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:WEBINDIASOLUTION : Web India Solutions CMS 2015
 CONCRETE5 : Concrete5 CMS 5.7
 SIDU : Sidu 5.2
 WSO2 : WSO2 Identity Server 5.0
 LOXONE : Loxone Smart Home 6.4
 PHPMYADMIN : phpMyAdmin 4.4
CVE:CVE-2015-3903 (libraries/Config.class.php in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 disables X.509 certificate verification for GitHub API calls over SSL, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.)
 CVE-2015-2250 (Multiple cross-site scripting (XSS) vulnerabilities in concrete5 before 5.7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) banned_word[] parameter to index.php/dashboard/system/conversations/bannedwords/success, (2) channel parameter to index.php/dashboard/reports/logs/view, (3) accessType parameter to index.php/tools/required/permissions/access_entity, (4) msCountry parameter to index.php/dashboard/system/multilingual/setup/load_icon, arHandle parameter to (5) design/submit or (6) design in index.php/ccm/system/dialogs/area/design/submit, (7) pageURL to index.php/dashboard/pages/single, (8) SEARCH_INDEX_AREA_METHOD parameter to index.php/dashboard/system/seo/searchindex/updated, (9) unit parameter to index.php/dashboard/system/optimization/jobs/job_scheduled, (10) register_notification_email parameter to index.php/dashboard/system/registration/open/1, or (11) PATH_INFO to index.php/dashboard/extend/connect/.)
Оригинальный текстdocumentSEC Consult Vulnerability Lab, SEC Consult SA-20150514-0 :: Multiple vulnerabilities in Loxone Smart Home (part 2) (18.05.2015)
 documentsubmit_(at)_cxsec.org, phpMyAdmin 4.4.6 Man-In-the-Middle API Github (18.05.2015)
 documentSEC Consult Vulnerability Lab, SEC Consult SA-20150513-0 :: Multiple critical vulnerabilities in WSO2 Identity Server (18.05.2015)
 documentOnur Yilmaz, Concrete5 Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-2250 (17.05.2015)
 documentVulnerability Lab, Web India Solutions CMS 2015 - SQL Injection Vulnerability (17.05.2015)
 documentapparitionsec_(at)_gmail.com, Sidu 5.2 Admin XSS Vulnerability (17.05.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород