Информационная безопасность
[RU] switch to English


Уязвимости безопасности в OpenAFS
Опубликовано:19 января 2011 г.
Источник:
SecurityVulns ID:11362
Тип:удаленная
Уровень опасности:
6/10
Описание:Переполнение буфера, обращение по неинициализированному указателю.
Затронутые продукты:OPENAFS : OpenAFS 1.5
CVE:CVE-2009-1251 (Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays.)
 CVE-2009-1250 (The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.)
Оригинальный текстdocumentGENTOO, [ GLSA 201101-05 ] OpenAFS: Arbitrary code execution (19.01.2011)

DoS против Kingsoft AntiVirus
Опубликовано:19 января 2011 г.
Источник:
SecurityVulns ID:11360
Тип:локальная
Уровень опасности:
4/10
Описание:Отказ при обработке перехваченной функции KiFastCallEntry.
Затронутые продукты:KINGSOFT : KingSoft AntiVirus 2011
Оригинальный текстdocumentth_decoder_(at)_126.com, Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys <= 2011.1.13.89 Local Kernel Mode D.O.S Exploit(3 lines of code) (19.01.2011)

DoS против D-Bus
Опубликовано:19 января 2011 г.
Источник:
SecurityVulns ID:11357
Тип:локальная
Уровень опасности:
5/10
Описание:Отказ при обработке сообщения.
Затронутые продукты:DBUS : D-Bus 1.4
CVE:CVE-2010-4352 (Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants.)
Оригинальный текстdocumentUBUNTU, [USN-1044-1] D-Bus vulnerability (19.01.2011)

Многочисленные уязвимости безопасности в Xfig
Опубликовано:19 января 2011 г.
Источник:
SecurityVulns ID:11361
Тип:библиотека
Уровень опасности:
5/10
Описание:Многочисленные уязвимости при обработке файлов .fig
Затронутые продукты:XFIG : Xfig 3.2
CVE:CVE-2010-4262 (Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a FIG image with a crafted color definition.)
 CVE-2009-4228 (Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses the 1.3 file format, possibly related to the readfp_fig function in f_read.c.)
 CVE-2009-4227 (Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of these details are obtained from third party information.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2011:010 ] xfig (19.01.2011)

Проблема символьных линков в pimd
Опубликовано:19 января 2011 г.
Источник:
SecurityVulns ID:11363
Тип:локальная
Уровень опасности:
4/10
Описание:Проблема символьных линков при обработке сигналов.
CVE:CVE-2011-0007 (pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary files via a symlink attack on (1) pimd.dump when a USR1 signal is sent, or (2) pimd.cache when USR2 is sent.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2147-1] Security update for pimd (19.01.2011)

Переполнение буфера в gif2png
Опубликовано:19 января 2011 г.
Источник:
SecurityVulns ID:11365
Тип:библиотека
Уровень опасности:
5/10
Описание:Переполнение буфера при обработке GIF
Затронутые продукты:GIF2PNG : gif2png 2.5
CVE:CVE-2010-4694 (Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or have unspecified other impact via a GIF file that contains many images, leading to long extensions such as .p100 for PNG output files, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018.)
 CVE-2009-5018 (Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program that launches gif2png.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2011:009 ] gif2png (19.01.2011)

Переполнение буфера в Asterisk
Опубликовано:19 января 2011 г.
Источник:
SecurityVulns ID:11358
Тип:удаленная
Уровень опасности:
7/10
Описание:Переполнение буфера через Caller ID в SIP.
Затронутые продукты:ASTERISK : AsteriskNOW 1.5
 ASTERISK : Asterisk 1.2
 DIGIUM : Asterisk 1.4
 ASTERISK : Asterisk 1.6
 ASTERISK : Asterisk 1.8
Оригинальный текстdocumentASTERISK, AST-2011-001: Stack buffer overflow in SIP channel driver (19.01.2011)

Переполнение буфера в библиотеке OpenSC / PCSC-Lite
дополнено с 19 января 2011 г.
Опубликовано:24 января 2011 г.
Источник:
SecurityVulns ID:11364
Тип:библиотека
Уровень опасности:
6/10
Описание:Переполнение буфера на длинном номере смарткарты.
Затронутые продукты:OPENSC : OpenSC 0.11
 PCSCLITE : PCSC-Lite 1.5
CVE:CVE-2010-4531 (Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value.)
 CVE-2010-4530 (Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow.)
 CVE-2010-4523 (Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2011:015 ] pcsc-lite (24.01.2011)
 documentMANDRIVA, [ MDVSA-2011:014 ] ccid (24.01.2011)
 documentMANDRIVA, [ MDVSA-2011:011 ] opensc (19.01.2011)

Многочисленные уязвимости безопасности в tor
дополнено с 19 января 2011 г.
Опубликовано:24 октября 2011 г.
Источник:
SecurityVulns ID:11359
Тип:удаленная
Уровень опасности:
7/10
Описание:Переполнение буфера динамической памяти, DoS, утечка ключевой информации.
Затронутые продукты:TOR : tor 0.2
CVE:CVE-2011-1924 (Buffer overflow in the policy_summarize function in or/policies.c in Tor before 0.2.1.30 allows remote attackers to cause a denial of service (directory authority crash) via a crafted policy that triggers creation of a long port list.)
 CVE-2011-0493 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors related to malformed router caches and improper handling of integer values.)
 CVE-2011-0492 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (assertion failure and daemon exit) via blobs that trigger a certain file size, as demonstrated by the cached-descriptors.new file.)
 CVE-2011-0491 (The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate a certain size value during memory allocation, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors, related to "underflow errors.")
 CVE-2011-0490 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to Libevent within Libevent log handlers, which might allow remote attackers to cause a denial of service (daemon crash) via vectors that trigger certain log messages.)
 CVE-2011-0427 (Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.)
 CVE-2011-0016 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly manage key data in memory, which might allow local users to obtain sensitive information by leveraging the ability to read memory that was previously used by a different process.)
 CVE-2011-0015 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly check the amount of compression in zlib-compressed data, which allows remote attackers to cause a denial of service via a large compression factor.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2148-1] Security update for tor (19.01.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород