Information Security


Cross-site scripting in Microsoft Visual Studio Team Foundation Server
Published: 18 September 2012
Source:
SecurityVulns ID: 12582
Type: remote
Severity: 5/10
Affected products: MICROSOFT : Visual Studio 2005
 MICROSOFT : Visual Studio 2008
 MICROSOFT : Visual Studio 2010
 MICROSOFT : Visual Studio 2003
 MICROSOFT : Visual Studio 2012
 MICROSOFT : Visual Studio Team Foundation Server 2005
 MICROSOFT : Visual Studio Team Foundation Server 2008
 MICROSOFT : Visual Studio Team Foundation Server 2012
 MICROSOFT : Visual Studio LightSwitch 2011
CVE: CVE-2012-1892 (Cross-site scripting (XSS) vulnerability in Microsoft Visual Studio Team Foundation Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "XSS Vulnerability.")
Files: Microsoft Security Bulletin MS12-061 - Important Vulnerability in Visual Studio Team Foundation Server Could Allow Elevation of Privilege (2719584)

Cross-site scripting in Microsoft System Center Configuration Manager
Published: 18 September 2012
Source:
SecurityVulns ID: 12583
Type: remote
Severity: 5/10
Affected products: MICROSOFT : Systems Management Server 2003
 MICROSOFT : System Center Configuration Manager 2007
CVE: CVE-2012-2536 (Cross-site scripting (XSS) vulnerability in Microsoft Systems Management Server 2003 SP3 and System Center Configuration Manager 2007 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Reflected XSS Vulnerability.")
Files: Microsoft Security Bulletin MS12-062 - Important Vulnerability in System Center Configuration Manager Could Allow Elevation of Privilege (2741528)

Security vulnerabilities in Microsoft libraries
updated since 20 August 2012
Published: 18 September 2012
Source:
SecurityVulns ID: 12517
Type: library
Severity: 5/10
Description: Code execution in the MSCOMCTL.OCX ActiveX control
Affected products: MICROSOFT : SQL Server 2000
 MICROSOFT : Commerce Server 2002
 MICROSOFT : Office 2003
 MICROSOFT : Office 2007
 MICROSOFT : Visual Basic 6.0
 MICROSOFT : SQL Server 2005
 MICROSOFT : Host Integration Server 2004
 MICROSOFT : Visual FoxPro 8.0
 MICROSOFT : Visual FoxPro 9.0
 MICROSOFT : Office 2010
 MICROSOFT : SQL Server 2008
 MICROSOFT : Commerce Server 2007
 MICROSOFT : Commerce Server 2009
CVE: CVE-2012-1856 (The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce Server 2007 SP2, Commerce Server 2009 Gold and R2, Host Integration Server 2004 SP1, Visual FoxPro 8.0 SP1, Visual FoxPro 9.0 SP2, and Visual Basic 6.0 Runtime allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption, aka "MSCOMCTL.OCX RCE Vulnerability.")
Original text: VUPEN Security Research, VUPEN - Microsoft Windows Common Controls MSCOMCTL.OCX Use-after-free (CVE-2012-1856 / MS12-060) (18.09.2012)

Multiple security vulnerabilities in Mozilla Firefox / Thunderbird / Seamonkey
updated since 2 September 2012
Published: 18 September 2012
Source:
SecurityVulns ID: 12551
Type: client
Severity: 8/10
Description: Privilege escalation, multiple memory corruptions, buffer overflows, use-after-free, etc.
Affected products: MOZILLA : Firefox ESR 10.0
 MOZILLA : Thunderbird ESR 10.0
 MOZILLA : Firefox 14
 MOZILLA : Thunderbird 14
 MOZILLA : SeaMonkey 2.12
CVE: CVE-2012-3980 (The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that injects this code and triggers an eval operation.)
 CVE-2012-3979 (Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function.)
 CVE-2012-3978 (The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 does not properly follow the security model of the location object, which allows remote attackers to bypass intended content-loading restrictions or possibly have unspecified other impact via vectors involving chrome code.)
 CVE-2012-3976 (Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page.)
 CVE-2012-3975 (The DOMParser component in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 loads subresources during parsing of text/html data within an extension, which allows remote attackers to obtain sensitive information by providing crafted data to privileged extension code.)
 CVE-2012-3974 (Untrusted search path vulnerability in the installer in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 on Windows allows local users to gain privileges via a Trojan horse executable file in a root directory.)
 CVE-2012-3973 (The debugger in the developer-tools subsystem in Mozilla Firefox before 15.0, when remote debugging is disabled, does not properly restrict access to the remote-debugging service, which allows remote attackers to execute arbitrary code by leveraging the presence of the HTTPMonitor extension and connecting to that service through the HTTPMonitor port.)
 CVE-2012-3972 (The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read.)
 CVE-2012-3971 (Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) Pass::readPass functions.)
 CVE-2012-3970 (Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving movement of a requiredFeatures attribute from one SVG document to another.)
 CVE-2012-3969 (Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via a crafted SVG filter that triggers an incorrect sum calculation, leading to a heap-based buffer overflow.)
 CVE-2012-3968 (Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via vectors related to deletion of a fragment shader by its accessor.)
 CVE-2012-3967 (The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted web site.)
 CVE-2012-3966 (Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a negative height value in a BMP image within a .ICO file, related to (1) improper handling of the transparency bitmask by the nsICODecoder component and (2) improper processing of the alpha channel by the nsBMPDecoder component.)
 CVE-2012-3965 (Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window.)
 CVE-2012-3964 (Use-after-free vulnerability in the gfxTextRun::GetUserData function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2012-3963 (Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.)
 CVE-2012-3962 (Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a text run, which allows remote attackers to execute arbitrary code via a crafted document.)
 CVE-2012-3961 (Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2012-3960 (Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2012-3959 (Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2012-3958 (Use-after-free vulnerability in the nsHTMLEditRules::DeleteNonTableElements function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2012-3957 (Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.)
 CVE-2012-3956 (Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2012-1976 (Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2012-1975 (Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2012-1974 (Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2012-1973 (Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2012-1972 (Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2012-1971 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to garbage collection after certain MethodJIT execution, and unknown other vectors.)
 CVE-2012-1970 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2012-1956 (Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use of the Object.defineProperty method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.)
Original text: VUPEN Security Research, VUPEN - Mozilla Firefox "nsHTMLEditRules" Remote Use-after-free (CVE-2012-3958 / MFSA 2012-58) (18.09.2012)
Files: Mozilla Foundation Security Advisory 2012-72
 Mozilla Foundation Security Advisory 2012-71
 Mozilla Foundation Security Advisory 2012-70
 Mozilla Foundation Security Advisory 2012-69
 Mozilla Foundation Security Advisory 2012-68
 Mozilla Foundation Security Advisory 2012-67
 Mozilla Foundation Security Advisory 2012-66
 Mozilla Foundation Security Advisory 2012-65
 Mozilla Foundation Security Advisory 2012-64
 Mozilla Foundation Security Advisory 2012-63
 Mozilla Foundation Security Advisory 2012-62
 Mozilla Foundation Security Advisory 2012-61
 Mozilla Foundation Security Advisory 2012-60
 Mozilla Foundation Security Advisory 2012-59
 Mozilla Foundation Security Advisory 2012-58
 Mozilla Foundation Security Advisory 2012-57

Multiple security vulnerabilities in Adobe Flash Player
Published: 18 September 2012
Source:
SecurityVulns ID: 12584
Type: client
Severity: 8/10
Description: Memory corruptions, integer overflow, information leak.
Affected products: ADOBE : Flash Player 11.3
 ADOBE : Air 3.3
CVE: CVE-2012-4171 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to cause a denial of service (application crash) by leveraging a logic error during handling of Firefox dialogs.)
 CVE-2012-4168 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow remote attackers to read content from a different domain via a crafted web site.)
 CVE-2012-4167 (Integer overflow in Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2012-4166 (** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4165. Reason: This candidate is a duplicate of CVE-2012-4165. Notes: All CVE users should reference CVE-2012-4165 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.)
 CVE-2012-4165 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4163 and CVE-2012-4164.)
 CVE-2012-4164 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4163 and CVE-2012-4165.)
 CVE-2012-4163 (Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4164 and CVE-2012-4165.)
Original text: VUPEN Security Research, VUPEN - Adobe Flash Player "Matrix3D" Integer Overflow Code Execution (APSB12-19) (18.09.2012)
Files: Security updates available for Adobe Flash Player

Buffer overflow in FreeRADIUS
Published: 18 September 2012
Source:
SecurityVulns ID: 12585
Type: remote
Severity: 6/10
Description: Buffer overflow in EAP-TLS processing
Affected products: FREERADIUS : FreeRADIUS 2.1
CVE: CVE-2012-3547 (Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long "not after" timestamp in a client certificate.)
Original text: Timo Warns, [PRE-SA-2012-06] FreeRADIUS: Stack Overflow in TLS-based EAP Methods (18.09.2012)
 DEBIAN, [SECURITY] [DSA 2546-1] freeradius security update (18.09.2012)

Key spoofing in GnuPG
Published: 18 September 2012
Source:
SecurityVulns ID: 12586
Type: client
Severity: 5/10
Description: Incorrect use of the key identifier when requesting a key from a server.
Affected products: GNU : GnuPG 1.4
 GNU : GnuPG 2.0
Original text: UBUNTU, [USN-1570-1] GnuPG vulnerability (18.09.2012)

Multiple security vulnerabilities in ISC dhcp
updated since 29 July 2012
Published: 18 September 2012
Source:
SecurityVulns ID: 12491
Type: remote
Severity: 5/10
Description: Multiple DoS conditions.
Affected products: ISC : dhcp 4.1
 DHCP : dhcp 4.2
CVE: CVE-2012-3955 (ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.)
 CVE-2012-3954 (Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.)
 CVE-2012-3571 (ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.)
 CVE-2012-3570 (Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter.)
Original text: MANDRIVA, [ MDVSA-2012:153 ] dhcp (18.09.2012)
 MANDRIVA, [ MDVSA-2012:115 ] dhcp (29.07.2012)

Security vulnerabilities in the Linux kernel
Published: 18 September 2012
Source:
SecurityVulns ID: 12587
Type: remote
Severity: 6/10
Description: DoS conditions, information leak.
Affected products: LINUX : kernel 2.6
 LINUX : kernel 3.3
CVE: CVE-2012-3511 (Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.)
 CVE-2012-3430 (The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.)
 CVE-2012-3412 (The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.)
 CVE-2012-2745 (The copy_creds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call.)
Original text: UBUNTU, [USN-1567-1] Linux kernel vulnerabilities (18.09.2012)

DoS against ISC bind
Published: 18 September 2012
Source:
SecurityVulns ID: 12588
Type: remote
Severity: 6/10
Description: Failure when processing long records.
Affected products: ISC : bind 9.9
CVE: CVE-2012-4244 (ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.)
Original text: UBUNTU, [USN-1566-1] Bind vulnerability (18.09.2012)

Security vulnerabilities in tor
Published: 18 September 2012
Source:
SecurityVulns ID: 12589
Type: remote
Severity: 5/10
Description: Various DoS conditions, information leak.
Affected products: TOR : tor 0.2
CVE: CVE-2012-4419 (The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison.)
 CVE-2012-3519 (routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack.)
 CVE-2012-3518 (The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document.)
Original text: DEBIAN, [SECURITY] [DSA 2548-1] tor security update (18.09.2012)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod