Information Security


Multiple vulnerabilities in SAP Business Objects
Published:21 March 2015
Source:
SecurityVulns ID:14343
Type:remote
Severity level:6/10
Description:Unauthorized access to various components.
Affected products:SAP : BusinessObjects Edge 4.0
CVE:CVE-2015-2076 (The Auditing service in SAP BusinessObjects Edge 4.0 allows remote attackers to obtain sensitive information by reading an audit event, aka SAP Note 2011395.)
 CVE-2015-2075 (SAP BusinessObjects Edge 4.0 allows remote attackers to delete audit events from the auditee queue via a clearData CORBA operation, aka SAP Note 2011396.)
 CVE-2015-2074
 CVE-2015-2073
Original text:Onapsis Research Labs, [Onapsis Security Advisory 2015-005] SAP Business Objects Unauthorized Audit Information Access via CORBA (21.03.2015)
 Onapsis Research Labs, [Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA (21.03.2015)
 Onapsis Research Labs, [Onapsis Security Advisory 2015-003] SAP Business Objects Unauthorized File Repository Server Write via CORBA (21.03.2015)
 Onapsis Research Labs, [Onapsis Security Advisory 2015-002] SAP Business Objects Unauthorized File Repository Server Read via CORBA (21.03.2015)

Multiple security vulnerabilities in OpenSSL
updated since 20 March 2015
Published:21 March 2015
Source:
SecurityVulns ID:14333
Type:library
Severity level:7/10
Description:NULL pointer dereferences, assertions, memory corruptions.
Affected products:OPENSSL : OpenSSL 1.0
 OPENSSL : OpenSSL 0.9
CVE:CVE-2015-1787 (The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 before 1.0.2a, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allows remote attackers to cause a denial of service (daemon crash) via a ClientKeyExchange message with a length of zero.)
 CVE-2015-0293 (The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.)
 CVE-2015-0292 (Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted base64 data that triggers a buffer overflow.)
 CVE-2015-0291 (The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by using an invalid signature_algorithms extension in the ClientHello message during a renegotiation.)
 CVE-2015-0290 (The multi-block feature in the ssl3_write_bytes function in s3_pkt.c in OpenSSL 1.0.2 before 1.0.2a on 64-bit x86 platforms with AES NI support does not properly handle certain non-blocking I/O cases, which allows remote attackers to cause a denial of service (pointer corruption and application crash) via unspecified vectors.)
 CVE-2015-0289 (The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c.)
 CVE-2015-0288 (The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key.)
 CVE-2015-0287 (The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse.)
 CVE-2015-0286 (The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature.)
 CVE-2015-0285 (The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the PRNG is seeded before proceeding with a handshake, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and then conducting a brute-force attack.)
 CVE-2015-0209 (Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import.)
 CVE-2015-0208 (The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to an endpoint that uses the certificate-verification feature.)
 CVE-2015-0207 (The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a does not properly isolate the state information of independent data streams, which allows remote attackers to cause a denial of service (application crash) via crafted DTLS traffic, as demonstrated by DTLS 1.0 traffic to a DTLS 1.2 server.)
 CVE-2015-0204 (The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations.)
Original text:Nicholas Lemonias., Security Audit Notes: OpenSSL d1_srvr.c Overflow - Advanced Information Security (21.03.2015)
Files:OpenSSL Security Advisory [19 Mar 2015]

Security vulnerabilities in Citrix Nitro
Published:21 March 2015
Source:
SecurityVulns ID:14337
Type:remote
Severity level:6/10
Description:Cross-site scripting, command injection.
Affected products:CITRIX : NetScaler 10.5
Original text:Securify B.V., Citrix NITRO SDK xen_hotfix page is vulnerable to Cross-Site Scripting (21.03.2015)
 Securify B.V., Command injection vulnerability in Citrix NITRO SDK xen_hotfix page (21.03.2015)

Multiple vulnerabilities in D-Link and TRENDnet routers
Published:21 March 2015
Source:
SecurityVulns ID:14341
Type:remote
Severity level:5/10
Description:Authentication bypass, CSRF.
Affected products:TRENDNET : TRENDnet TEW-731BR
 DLINK : D-Link DIR-810L
 DLINK : D-Link DIR-826L
 DLINK : D-Link DIR-830L
 DLINK : D-Link DIR-836L
 DLINK : D-Link DIR-820L
 DLINK : D-Link DIR-808L
Original text:Peter Adkins, D-Link and TRENDnet 'ncc2' service - multiple vulnerabilities (21.03.2015)

Multiple security vulnerabilities in PHP
updated since 18 March 2015
Published:21 March 2015
Source:
SecurityVulns ID:14325
Type:library
Severity level:6/10
Description:Resource exhaustion, memory corruptions.
Affected products:PHP : PHP 5.5
 PHP : PHP 5.6
CVE:CVE-2015-2331 (Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.)
 CVE-2015-2305 (Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.)
 CVE-2015-2301 (Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.)
 CVE-2015-0273 (Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier in (a) DateTimeZone data handled by the php_date_timezone_initialize_from_hash function or (b) DateTime data handled by the php_date_initialize_from_hash function.)
 CVE-2015-0231 (Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142.)
 CVE-2014-9705 (Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.)
 CVE-2014-8117 (softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.)
Original text:DEBIAN, [SECURITY] [DSA 3198-1] php5 security update (21.03.2015)
 UBUNTU, [USN-2535-1] PHP vulnerabilities (18.03.2015)

Authentication bypass in Citrix Command Center
Published:21 March 2015
Source:
SecurityVulns ID:14338
Type:remote
Severity level:5/10
Description:Access to Advent JMX is possible.
Affected products:CITRIX : Citrix Command Center 5.1
Original text:Securify B.V., Advent JMX Servlet of Citrix Command Center is accessible to unauthenticated users (21.03.2015)

Directory traversal in DSS TFTP
Published:21 March 2015
Source:
SecurityVulns ID:14340
Type:remote
Severity level:5/10
Description:Directory traversal during file transfer.
Affected products:DSS : DSS TFTP 1.0
Original text:Vulnerability Lab, DSS TFTP 1.0 Server - Path Traversal Vulnerability (21.03.2015)

Multiple security vulnerabilities in EMC M&R
updated since 25 January 2015
Published:21 March 2015
Source:
SecurityVulns ID:14236
Type:remote
Severity level:5/10
Description:Cross-site scripting, insecure data storage, directory traversal, arbitrary file upload.
Affected products:EMC : EMC M&R 6.5
CVE:CVE-2015-0516 (Directory traversal vulnerability in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allows remote authenticated users to read arbitrary files via a crafted URL.)
 CVE-2015-0515 (Unrestricted file upload vulnerability in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allows remote authenticated users to execute arbitrary code by uploading and then accessing an executable file.)
 CVE-2015-0514 (EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 might allow remote attackers to obtain cleartext data-center discovery credentials by leveraging certain SRM access to conduct a decryption attack.)
 CVE-2015-0513 (Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging privileged access to set crafted values of unspecified fields.)
Original text:Securify B.V., EMC M&R (Watch4net) data storage collector credentials are not properly protected (21.03.2015)
 Securify B.V., Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Web Portal Report Favorites (21.03.2015)
 Securify B.V., Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Centralized Management Console (21.03.2015)
 Securify B.V., Cross-Site Scripting vulnerability in EMC M&R (Watch4net) Alerting Frontend (21.03.2015)
 Securify B.V., Path traversal vulnerability in EMC M&R (Watch4net) MIB Browser (21.03.2015)
 Securify B.V., Path traversal vulnerability in EMC M&R (Watch4net) Device Discovery (21.03.2015)
 EMC, ESA-2015-004: EMC M&R (Watch4Net) Multiple Vulnerabilities (25.01.2015)

DoS against Apache Xerces-C
Published:21 March 2015
Source:
SecurityVulns ID:14334
Type:library
Severity level:5/10
Description:Memory corruption when parsing XML.
Affected products:APACHE : Xerces-C 3.1
CVE:CVE-2015-0252 (internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.)
Original text:Cantor, Scott E., Xerces-C Security Advisory [CVE-2015-0252] (21.03.2015)

Code execution in Viber
Published:21 March 2015
Source:
SecurityVulns ID:14335
Type:m-i-t-m
Severity level:4/10
Description:Insecure JavaScript interface combined with data transfer over an unprotected connection.
Affected products:VIBER : Viber 5.2
Original text:Securify B.V., Viber for Android exposes insecure Javascript interface (21.03.2015)

Information leak in Jetty
Published:21 March 2015
Source:
SecurityVulns ID:14342
Type:remote
Severity level:6/10
Description:Leak of memory buffer contents.
Affected products:JETTY : Jetty 9.2
CVE:CVE-2015-2080
Original text:rgutierrez_(at)_gdssecurity.com, GDS Labs Alert [CVE-2015-2080] - JetLeak Vulnerability: Remote Leakage Of Shared Buffers In Jetty Web Server (21.03.2015)

Multiple security vulnerabilities in Apple Mac OS X
updated since 16 March 2015
Published:21 March 2015
Source:
SecurityVulns ID:14319
Type:library
Severity level:6/10
Description:Buffer overflows, DoS, memory corruptions, restriction bypass, weak cryptography.
Affected products:APPLE : MacOS X 10.10
CVE:CVE-2015-1067 (Secure Transport in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204 and CVE-2015-1637.)
 CVE-2015-1066 (Off-by-one error in IOAcceleratorFamily in Apple OS X through 10.10.2 allows attackers to execute arbitrary code in a privileged context via a crafted app.)
 CVE-2015-1065 (Multiple buffer overflows in iCloud Keychain in Apple iOS before 8.2 and Apple OS X through 10.10.2 allow man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream during keychain recovery.)
 CVE-2015-1061 (IOSurface in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages "type confusion" during serialized-object handling.)
 CVE-2014-4496 (The mach_port_kobject interface in the kernel in Apple iOS before 8.1.3 and Apple TV before 7.0.3 does not properly restrict kernel-address and heap-permutation information, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app.)
Original text:APPLE, APPLE-SA-2015-03-19-1 Security Update 2015-003 (21.03.2015)
 APPLE, APPLE-SA-2015-03-09-3 Security Update 2015-002 (16.03.2015)

Cross-site scripting in Citrix NetScaler VPX
Published:21 March 2015
Source:
SecurityVulns ID:14336
Type:remote
Severity level:5/10
Description:Cross-site scripting in help pages.
Affected products:CITRIX : NetScaler 10.5
Original text:Securify B.V., Citrix NetScaler VPX help pages are vulnerable to Cross-Site Scripting (21.03.2015)

Cross-site scripting in SAP HANA
Published:21 March 2015
Source:
SecurityVulns ID:14344
Type:library
Severity level:5/10
Description:Cross-site scripting in development components.
Affected products:SAP : HANA 73
CVE:CVE-2015-2072 (Multiple cross-site scripting (XSS) vulnerabilities in SAP HANA 73 (1.00.73.00.389160) and HANA Developer Edition 80 (1.00.80.00.391861) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) ide/core/plugins/editor/templates/trace/hanaTraceDetailService.xsjs or (2) xs/ide/editor/templates/trace/hanaTraceDetailService.xsjs, aka SAP Note 2069676.)
Original text:Onapsis Research Labs, [Onapsis Security Advisory 2015-001] Multiple Reflected Cross Site Scripting Vulnerabilities in SAP HANA Web-based Development Workbench (21.03.2015)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod