Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в беспроводных маршрутизаторах Sitecom
Опубликовано:20 августа 2013 г.
Источник:
SecurityVulns ID:13254
Тип:удаленная
Уровень опасности:
6/10
Описание:Недокументированные неотключаемые учетные записи и доступ через telnet, слабая генерация начальных паролей.
Затронутые продукты:SITECOM : Sitecom N300
 SITECOM : Sitecom N600
Оригинальный текстdocumentroberto.paleari_(at)_emaze.net, Multiple vulnerabilities on Sitecom N300/N600 devices (20.08.2013)

Многочисленные уязвимости безопасности в Mozilla Firefox / Seamonkey
дополнено с 6 апреля 2010 г.
Опубликовано:20 августа 2013 г.
Источник:
SecurityVulns ID:10745
Тип:удаленная
Уровень опасности:
8/10
Описание:Многочисленные повреждения памяти, целочисленные переполнения, переполнения индексов массивов, выполнение кода, утечка информации.
Затронутые продукты:MOZILLA : Thunderbird 2.0
 MOZILLA : SeaMonkey 1.1
 MOZILLA : Firefox 3.5
 MOZILLA : Firefox 3.6
CVE:CVE-2010-1121 (Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.)
 CVE-2010-1028 (Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0.)
 CVE-2010-0182 (The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.)
 CVE-2010-0181 (Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images.)
 CVE-2010-0179 (Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response.)
 CVE-2010-0178 (Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.)
 CVE-2010-0177 (Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability.")
 CVE-2010-0176 (Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a "dangling pointer vulnerability.")
 CVE-2010-0175 (Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items.)
 CVE-2010-0174 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2010-0173 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2010-0172 (toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6 before 3.6.2 does not properly handle concurrent authorization requests from multiple web sites, which might allow remote web servers to spoof an authorization dialog and capture credentials by demanding HTTP authentication in opportunistic circumstances.)
 CVE-2010-0171 (Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) attacks, by using the addEventListener and setTimeout functions in conjunction with a wrapped object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2007-3736.)
 CVE-2010-0170 (Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are specific to each affected plugin.)
 CVE-2010-0169 (The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to the XUL cache, which might allow remote attackers to modify the browser's font and other CSS attributes, and potentially disrupt rendering of a web page, by forcing the browser to perform this erroneous stylesheet caching.)
 CVE-2010-0168 (The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow remote attackers to cause a denial of service (application crash or hang) or hijack the functionality of the browser's add-ons via a crafted SRC attribute of an IMG element, as demonstrated by remote command execution through an ssh: URL in a configuration that supports gnome-vfs with a nonstandard network.gnomevfs.supported-protocols setting.)
 CVE-2010-0167 (The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors related to (1) layout/generic/nsBlockFrame.cpp and (2) the _evaluate function in modules/plugin/base/src/nsNPAPIPlugin.cpp.)
 CVE-2010-0166 (The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via an HTML document containing invisible Unicode characters, as demonstrated by the U+FEFF, U+FFF9, U+FFFA, and U+FFFB characters.)
 CVE-2010-0165 (The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors involving certain indirect calls to the JavaScript eval function.)
 CVE-2010-0164 (Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace animation in which the frames have different bits-per-pixel (bpp) values.)
 CVE-2010-0163 (Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing.)
 CVE-2010-0161 (The nsAuthSSPI::Unwrap function in extensions/auth/nsAuthSSPI.cpp in Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 on Windows Vista, Windows Server 2008 R2, and Windows 7 allows remote SMTP, IMAP, and POP servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via crafted data in a session that uses SSPI.)
 CVE-2009-3555 (The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.)
 CVE-2009-3385 (The mail component in Mozilla SeaMonkey before 1.1.19 does not properly restrict execution of scriptable plugin content, which allows user-assisted remote attackers to obtain sensitive information via crafted content in an IFRAME element in an HTML e-mail message, as demonstrated by a Flash object that sends arbitrary local files during a reply or forward operation.)
 CVE-2009-3075 (Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2009-3072 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2009-2463 (Integer overflow in a base64 decoding function in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.)
Оригинальный текстdocumentgeinblues_(at)_gmail.com, x90c WOFF Firefox 1day exploit (20.08.2013)
 documentZDI, ZDI-10-063: Mozilla Firefox Cross Document DOM Node Moving Code Execution Vulnerability (06.04.2010)
 documentZDI, ZDI-10-050: Mozilla Firefox nsTreeSelection EventListener Remote Code Execution Vulnerability (06.04.2010)
 documentZDI, ZDI-10-049: Mozilla Firefox PluginArray nsMimeType Dangling Pointer Remote Code Execution Vulnerability (06.04.2010)
 documentZDI, ZDI-10-048: Mozilla Firefox nsTreeContentView Dangling Pointer Remote Code Execution Vulnerability (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-25 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-24 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-23 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-22 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-21 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-20 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-19 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-18 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-17 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-16 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-15 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-14 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-13 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-12 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-11 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-10 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-09 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-08 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-07 (06.04.2010)
 documentMOZILLA, Mozilla Foundation Security Advisory 2010-06 (06.04.2010)
 documentZDI, ZDI-10-046: Mozilla Firefox Web Worker Array Remote Code Execution Vulnerability (06.04.2010)
 documentZDI, ZDI-10-047: Mozilla Firefox libpr0n imgContainer Bits-Per-Pixel Change Remote Code Execution Vulnerability (06.04.2010)
Файлы:MFSA2010-08 WOFF Heap Corruption due to Integer Overflow 1day exploit

Обход аутентификации в точках доступа Linksys EA
дополнено с 8 июля 2013 г.
Опубликовано:20 августа 2013 г.
Источник:
SecurityVulns ID:13156
Тип:удаленная
Уровень опасности:
6/10
Описание:Возможен доступ к страницам веб-администрирования без аутентификации.
Затронутые продукты:CISCO : Linksys EA2700
 CISCO : Linksys EA3500
 CISCO : Linksys EA4200
 CISCO : Linksys EA4500
CVE:CVE-2013-5122
Оригинальный текстdocumentkyle Lovett, Update: Linksys EA2700, EA3500, E4200v2, EA4500 Unspecified unauthenticated remote access (20.08.2013)
 documentkyle Lovett, Linksys EA - 2700, 3500, 4200, 4500 w/ Lighttpd 1.4.28 Unauthenticated Remote Administration Access (08.07.2013)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород