Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Sybase EAServer
Опубликовано:19 июля 2013 г.
Источник:
SecurityVulns ID:13197
Тип:удаленная
Уровень опасности:
7/10
Описание:Обратный путь в каталогах, инъекция XML, инъекция кода.
Затронутые продукты:SYBASE : EAServer 6.3
Оригинальный текстdocumentSEC Consult Vulnerability Lab, SEC Consult SA-20130719-0 :: Multiple vulnerabilities in Sybase EAServer (19.07.2013)

Многочисленные уязвимости безопасности в HP System Management Homepage
Опубликовано:19 июля 2013 г.
Источник:
SecurityVulns ID:13198
Тип:удаленная
Уровень опасности:
5/10
Описание:Выполнение кода, несанкционированный доступ, DoS.
Затронутые продукты:HP : HP System Management Homepage 7.2
CVE:CVE-2013-2364 (Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2013-2363 (HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356.)
 CVE-2013-2362 (Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676.)
 CVE-2013-2361 (Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2013-2360 (Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2359.)
 CVE-2013-2359 (Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2358, and CVE-2013-2360.)
 CVE-2013-2358 (Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2357, CVE-2013-2359, and CVE-2013-2360.)
 CVE-2013-2357 (Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2358, CVE-2013-2359, and CVE-2013-2360.)
 CVE-2013-2356 (HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2363.)
 CVE-2013-2355 (HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217.)
 CVE-2012-5217 (HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2355.)
 CVE-2012-2336 (sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.)
 CVE-2012-2336 (sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.)
 CVE-2012-2335 (php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence.)
 CVE-2012-2329 (Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.)
 CVE-2012-2311 (sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.)
 CVE-2012-2111 (The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the "take ownership" privilege via an LSA connection.)
 CVE-2012-2110 (The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.)
 CVE-2012-0883 (envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.)
 CVE-2011-3389 (The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMU02900 rev.2 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities (19.07.2013)

Повышение привилегий в Symantec Workspace Virtualization
Опубликовано:19 июля 2013 г.
Источник:
SecurityVulns ID:13201
Тип:локальная
Уровень опасности:
5/10
Описание:Небезопасная реализация перехвата функции.
Затронутые продукты:SYMANTEC : Symantec Workspace Virtualization 6.4
Оригинальный текстdocumentth_decoder_(at)_126.com, Symantec Workspace Virtualization 6.4.1895.0 Local Kernel Mode Privilege Escalation Exploit (19.07.2013)

Многочисленные уязвимости безопасности в Dell PacketTrap
Опубликовано:19 июля 2013 г.
Источник:
SecurityVulns ID:13202
Тип:удаленная
Уровень опасности:
5/10
Описание:Многочисленные уязвимости веб-интерфейса.
Затронутые продукты:DELL : PacketTrap MSP RMM 6.6
Оригинальный текстdocumentVulnerability Lab, Dell PacketTrap MSP RMM 6.6.x - Multiple Persistent Web Vulnerabilities (19.07.2013)

Многочисленные уязвимости безопасности в Cisco Intrusion Prevention System
Опубликовано:19 июля 2013 г.
Источник:
SecurityVulns ID:13203
Тип:удаленная
Уровень опасности:
6/10
Описание:Многочисленные DoS-условия.
Затронутые продукты:CISCO : Cisco IPS 4500
 CISCO : Cisco IPS 4300
CVE:CVE-2013-3411 (The IDSM-2 drivers in Cisco Intrusion Prevention System (IPS) Software on Cisco Catalyst 6500 devices with an IDSM-2 module allow remote attackers to cause a denial of service (device hang) via malformed IPv4 TCP packets, aka Bug ID CSCuh27460.)
 CVE-2013-3410 (Cisco Intrusion Prevention System (IPS) Software on IPS NME devices before 7.0(9)E4 allows remote attackers to cause a denial of service (device reload) via malformed IPv4 packets that trigger incorrect memory allocation, aka Bug ID CSCua61977.)
 CVE-2013-1243 (The IP stack in Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software and hardware modules before 7.1(5)E4, IPS 4500 sensors before 7.1(6)E4, and IPS 4300 sensors before 7.1(5)E4 allows remote attackers to cause a denial of service (MainApp process hang) via malformed IPv4 packets, aka Bug ID CSCtx18596.)
 CVE-2013-1218 (Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software modules before 7.1(7)sp1E4 allows remote attackers to cause a denial of service (Analysis Engine process hang or device reload) via fragmented (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCue51272.)
Файлы:Multiple Vulnerabilities in Cisco Intrusion Prevention System Software

Многочисленные уязвимости безопасности в Cisco Unified Communications Manager
Опубликовано:19 июля 2013 г.
Источник:
SecurityVulns ID:13204
Тип:удаленная
Уровень опасности:
7/10
Описание:Неизменяемый встроенный ключ шифрования, выполнение команд, повышение привилегий, инъекция SQL.
Затронутые продукты:CISCO : Unified Communications Manager 7.1
 CISCO : Unified Communications Manager 8.6
 CISCO : Unified Communications Manager 9.1
 CISCO : Unified Communications Manager IM and Presence Service 9.1
CVE:CVE-2013-3462 (Buffer overflow in Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6, 8.5(x) before 8.5(1)su6, 8.6(x) before 8.6(2a)su3, and 9.x before 9.1(2) allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Bug ID CSCud54358.)
 CVE-2013-3461 (Cisco Unified Communications Manager (Unified CM) 8.5(x) and 8.6(x) before 8.6(2a)su3 and 9.x before 9.1(1) does not properly restrict the rate of SIP packets, which allows remote attackers to cause a denial of service (memory and CPU consumption, and service disruption) via a flood of UDP packets to port 5060, aka Bug ID CSCub35869.)
 CVE-2013-3460 (Memory leak in Cisco Unified Communications Manager (Unified CM) 8.5(x) before 8.5(1)su6, 8.6(x) before 8.6(2a)su3, and 9.x before 9.1(1) allows remote attackers to cause a denial of service (service disruption) via a high rate of UDP packets, aka Bug ID CSCub85597.)
 CVE-2013-3459 (Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6a does not properly handle errors, which allows remote attackers to cause a denial of service (service disruption) via malformed registration messages, aka Bug ID CSCuf93466.)
 CVE-2013-3453 (Memory leak in Cisco Unified Communications Manager IM and Presence Service before 8.6(5)SU1 and 9.x before 9.1(2), and Cisco Unified Presence, allows remote attackers to cause a denial of service (memory and CPU consumption) by making many TCP connections to port (1) 5060 or (2) 5061, aka Bug ID CSCud84959.)
 CVE-2013-3434 (Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02242.)
 CVE-2013-3434 (Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02242.)
 CVE-2013-3433 (Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02276.)
 CVE-2013-3433 (Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02276.)
 CVE-2013-3412 (SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuh81766.)
 CVE-2013-3412 (SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuh81766.)
 CVE-2013-3404 (SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051.)
 CVE-2013-3404 (SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051.)
 CVE-2013-3403 (Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454.)
 CVE-2013-3403 (Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454.)
 CVE-2013-3402 (An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary commands via unknown vectors, aka Bug ID CSCuh73440.)
 CVE-2013-3402 (An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary commands via unknown vectors, aka Bug ID CSCuh73440.)
Файлы:Multiple Vulnerabilities in Cisco Unified Communications Manager
 Multiple Vulnerabilities in Cisco Unified Communications Manager
 Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability

Уязвимости безопасности в EMC Avamar
Опубликовано:19 июля 2013 г.
Источник:
SecurityVulns ID:13205
Тип:удаленная
Уровень опасности:
5/10
Описание:Повышение привилегий, межсайтовый скриптинг.
CVE:CVE-2013-3275 (EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly restrict use of FRAME elements, which makes it easier for remote attackers to obtain sensitive information via a crafted web site, related to "cross frame scripting vulnerabilities.")
 CVE-2013-3274 (EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors.)
Оригинальный текстdocumentEMC, ESA-2013-055: EMC Avamar Multiple Vulnerabilities (19.07.2013)

Утечка информации в HP Database and Middleware Automation
Опубликовано:19 июля 2013 г.
Источник:
SecurityVulns ID:13206
Тип:m-i-t-m
Уровень опасности:
5/10
Затронутые продукты:HP : HP Database and Middleware Automation 10.01
CVE:CVE-2013-2365 (HP Database and Middleware Automation (DMA) 10.x before 10.10, when SSL is used, allows remote attackers to obtain sensitive information via unspecified vectors.)
Оригинальный текстdocumentHP, [security bulletin] HPSBGN02882 rev.1 - HP Database and Middleware Automation (DMA) using SSL, Remote Disclosure of Information (19.07.2013)

Несанкционированный доступ к HP Smart Zero Client
Опубликовано:19 июля 2013 г.
Источник:
SecurityVulns ID:13208
Тип:локальная
Уровень опасности:
5/10
Затронутые продукты:HP : Smart Zero Core 4.3
CVE:CVE-2013-2339 (HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Client, t410 Smart Zero Client, t510 Flexible Thin Client, t5565z Smart Client, t610 Flexible Thin Client, and t610 PLUS Flexible Thin Client allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.)
Оригинальный текстdocumentHP, [security bulletin] HPSBHF02878 rev.1 - HP Smart Zero Client, Unauthorized Access (19.07.2013)

Утечка информации в IBM WebSphere
Опубликовано:19 июля 2013 г.
Источник:
SecurityVulns ID:13210
Тип:удаленная
Уровень опасности:
4/10
Описание:Токен доступа содержится в URL
Затронутые продукты:IBM : WebSphere Commerce Enterprise 5.6
 IBM : WebSphere Commerce Enterprise 6.0
 IBM : WebSphere Commerce Enterprise 7.0
CVE:CVE-2013-0523 (IBM WebSphere Commerce Enterprise 5.6.x through 5.6.1.5, 6.0.x through 6.0.0.11, and 7.0.x through 7.0.0.7 does not use a suitable encryption algorithm for storefront web requests, which allows remote attackers to obtain sensitive information via a padding oracle attack that targets certain UTF-8 processing of the krypto parameter, and leverages unspecified browser access or traffic-log access.)
Оригинальный текстdocumentVSR Advisories, [CVE-2013-0523] IBM WebSphere Commerce: Encrypted URL Parameter Vulnerable to Padding Oracle Attacks (19.07.2013)

Многочисленные уязвимости безопасности в IceWarp
Опубликовано:19 июля 2013 г.
Источник:
SecurityVulns ID:13211
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекция XML, межсайтовый скриптинг в веб-интерфейсе.
Затронутые продукты:ICEWARP : IceWarp 10.4
Оригинальный текстdocumentSEC Consult Vulnerability Lab, SEC Consult SA-20130625-0 :: Multiple vulnerabilities in IceWarp Mail Server (19.07.2013)

Несанкционированный доступ к кассовым аппаратам Xpient
Опубликовано:19 июля 2013 г.
Источник:
SecurityVulns ID:13212
Тип:удаленная
Уровень опасности:
5/10
Описание:Несанкционированный доступ через порт TCP/7510
CVE:CVE-2013-2571
Оригинальный текстdocumentCORE-2013-0517 - Xpient Cash Drawer Operation Vulnerability, CORE-2013-0517 - Xpient Cash Drawer Operation Vulnerability (19.07.2013)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:19 июля 2013 г.
Источник:
SecurityVulns ID:13213
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:TINYMCE : TinyMCE Image Manager 1.1
 ALKACON : OpenCms 8.5
 REDHAT : JBoss AS Administration Console 1.2
 OPENXCHANGE : Open-Xchange 7.2
CVE:CVE-2013-4600 (Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms before 8.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to system/workplace/views/admin/admin-main.jsp or the (2) requestedResource parameter to system/login/index.html.)
 CVE-2013-3734
 CVE-2013-3106 (Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 6.20.7 rev18, 6.22.0 before rev16, 6.22.1 before rev19, 7.0.1 before rev7, 7.0.2 before rev11, and 7.2.0 before rev8 allow remote attackers to inject arbitrary web script or HTML via (1) embedded VBScript, (2) object/data Base64 content, (3) a Content-Type header, or (4) UTF-16 encoding, aka Bug IDs 25957, 26237, 26243, and 26244.)
Оригинальный текстdocumentMustLive, Multiple vulnerabilities in Googlemaps plugin for Joomla (19.07.2013)
 documentMustLive, AFU and XSS vulnerabilities in TinyMCE Image Manager (19.07.2013)
 documenti_(at)_amroot.com, CVE-2013-3734 - JBoss AS Administration Console - Password Returned in Later Response (19.07.2013)
 documentOPENXCHANGE, Open-Xchange Security Advisory 2013-06-03 (19.07.2013)
 documentMichal Blaszczak, Voice Logger astTECS - bypass login & arbitrary file download (19.07.2013)
 documentHigh-Tech Bridge Security Research, XSS Vulnerabilities in OpenCms (19.07.2013)

Многочисленные уязвимости безопасности в HP Network Node Manager
дополнено с 19 июля 2013 г.
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13207
Тип:удаленная
Уровень опасности:
6/10
Описание:Несанкционированный доступ, выполнение кода, DoS.
Затронутые продукты:HP : Network Node Manager 9.2
CVE:CVE-2013-2351 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00, 9.1x, and 9.2x allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.)
 CVE-2012-3546 (org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI.)
 CVE-2011-4858 (Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.)
 CVE-2011-4605 (The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2.2, and BRMS Platform before 5.3.0 do not properly restrict write access, which allows remote attackers to add, delete, or modify items in a JNDI tree via unspecified vectors.)
 CVE-2011-2196 (jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as distributed in Red Hat JBoss Enterprise SOA Platform 4.3.0.CP05 and 5.1.0; JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3.0, 4.3.0.CP09, and 5.1.1; and JBoss Enterprise Web Platform 5.1.1, does not properly restrict use of Expression Language (EL) statements in FacesMessages during page exception handling, which allows remote attackers to execute arbitrary Java code via a crafted URL to an application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1484.)
 CVE-2011-1483 (wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterprise BRMS Platform 5.1.0; and JBoss Enterprise Web Platform 5.1.1 does not properly handle recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted request containing an XML document with a DOCTYPE declaration and a large number of nested entity references, a similar issue to CVE-2003-1564.)
 CVE-2010-1429 (Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.)
 CVE-2010-1428 (The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an unspecified request that uses a different method.)
 CVE-2010-0738 (The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.)
 CVE-2009-3554 (Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file.)
 CVE-2007-5333 (Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMU02894 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service (DoS), Unauthorized Access, Execution of Arbitrary Code (29.07.2013)
 documentHP, [security bulletin] HPSBMU02870 SSRT101012 rev.2 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access (19.07.2013)

Уязвимости безопасности в Cisco TelePresence
дополнено с 19 июля 2013 г.
Опубликовано:12 августа 2013 г.
Источник:
SecurityVulns ID:13209
Тип:удаленная
Уровень опасности:
7/10
Описание:DoS, обратный путь в каталогах, неотключаемая скрытая учетная запись.
CVE:CVE-2013-3454 (Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, 1X00, 30X0, and 3X00 devices, and 6.0.3 and earlier on TX 9X00 devices, has a default password for the pwrecovery account, which makes it easier for remote attackers to modify the configuration or perform arbitrary actions via HTTPS requests, aka Bug ID CSCui43128.)
 CVE-2013-3379 (The firewall subsystem in Cisco TelePresence TC Software before 4.2 does not properly implement rules that grant access to hosts, which allows remote attackers to obtain shell access with root privileges by leveraging connectivity to the management network, aka Bug ID CSCts37781.)
 CVE-2013-3378 (Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (temporary device hang) via crafted SIP packets, aka Bug ID CSCuf89557.)
 CVE-2013-3377 (Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCue01743.)
Файлы:Multiple Vulnerabilities in Cisco TelePresence TC and TE Software
 Cisco TelePresence System Default Credentials Vulnerability

Многочисленные уязвимости безопасности в Chromium / Google Chrome
дополнено с 19 июля 2013 г.
Опубликовано:12 августа 2013 г.
Источник:
SecurityVulns ID:13200
Тип:клиент
Уровень опасности:
8/10
Описание:Обход защиты, повышение привилегий, DoS, использование памяти после освобождения, утечка информации, повреждения памяти.
Затронутые продукты:GOOGLE : Chrome 27.0
CVE:CVE-2013-2886 (Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.95 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.)
 CVE-2013-2885 (Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to not properly considering focus during the processing of JavaScript events in the presence of a multiple-fields input type.)
 CVE-2013-2884 (Use-after-free vulnerability in the DOM implementation in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper tracking of which document owns an Attr object.)
 CVE-2013-2883 (Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to deleting the registration of a MutationObserver object.)
 CVE-2013-2882 (Google V8, as used in Google Chrome before 28.0.1500.95, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion.")
 CVE-2013-2881 (Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.)
 CVE-2013-2880 (Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.)
 CVE-2013-2879 (Google Chrome before 28.0.1500.71 does not properly determine the circumstances in which a renderer process can be considered a trusted process for sign-in and subsequent sync operations, which makes it easier for remote attackers to conduct phishing attacks via a crafted web site.)
 CVE-2013-2878 (Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the handling of text.)
 CVE-2013-2877 (parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.)
 CVE-2013-2876 (browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enforce restrictions on the capture of screenshots by extensions, which allows remote attackers to obtain sensitive information about the content of a previous page via vectors involving an interstitial page.)
 CVE-2013-2875 (core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in Blink, as used in Google Chrome before 28.0.1500.71, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.)
 CVE-2013-2873 (Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a 404 HTTP status code during the loading of resources.)
 CVE-2013-2871 (Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input.)
 CVE-2013-2870 (Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote servers to execute arbitrary code via crafted response traffic after a URL request.)
 CVE-2013-2869 (Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted JPEG2000 image.)
 CVE-2013-2868 (common/extensions/sync_helper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension changes via unspecified vectors.)
 CVE-2013-2867 (Google Chrome before 28.0.1500.71 does not properly prevent pop-under windows, which allows remote attackers to have an unspecified impact via a crafted web site.)
 CVE-2013-2853 (The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ensure that headers are terminated by \r\n\r\n (carriage return, newline, carriage return, newline), which allows man-in-the-middle attackers to have an unspecified impact via vectors that trigger header truncation.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2732-1] chromium-browser security update (12.08.2013)
 documentDEBIAN, [SECURITY] [DSA 2724-1] chromium-browser security update (19.07.2013)

Уязвимости безопасности в WD My Net
дополнено с 19 июля 2013 г.
Опубликовано:12 августа 2013 г.
Источник:
SecurityVulns ID:13199
Тип:удаленная
Уровень опасности:
5/10
Описание:Несанкционированный доступ, утечка информации.
Затронутые продукты:WD : My Net N600
 WD : My Net N750
 WD : My Net N900
CVE:CVE-2013-5006 (main_internet.php on the Western Digital My Net N600 and N750 with firmware 1.03.12 and 1.04.16, and the N900 and N900C with firmware 1.05.12, 1.06.18, and 1.06.28, allows remote attackers to discover the cleartext administrative password by reading the "var pass=" line within the HTML source code.)
Оригинальный текстdocumentkyle Lovett, Update: Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials (12.08.2013)
 documentkyle Lovett, Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials (29.07.2013)
 documentkyle Lovett, Western Digital My Net N600, N750, N900 and N900C - Plain text disclosure of administrative credentials (19.07.2013)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород