Information Security


Multiple security vulnerabilities in Docker
updated since December 1, 2014
Published: December 22, 2014
Source:
SecurityVulns ID: 14116
Type: local
Severity level: 5/10
Description: Symbolic link issue, directory traversal, privilege escalation.
Affected products: DOCKER : Docker 1.3
CVE:CVE-2014-9358 (Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications.")
 CVE-2014-9357 (Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.)
 CVE-2014-9356
 CVE-2014-5277 (Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic.)
Original text: DOCKER, Docker 1.3.3 - Security Advisory [11 Dec 2014] (22.12.2014)
 DOCKER, Docker 1.3.2 - Security Advisory [24 Nov 2014] (01.12.2014)

File access in the Apple Xcode git client
Published: December 22, 2014
Source:
SecurityVulns ID: 14154
Type: client
Severity level: 5/10
Description: Incorrect handling of character case in paths of service files.
Affected products: APPLE : XCode 6.2
CVE:CVE-2014-9390
Original text: APPLE, APPLE-SA-2014-12-18-1 Xcode 6.2 beta 3 (22.12.2014)

Summary of security vulnerabilities in web applications (PHP, ASP, JSP, CGI, Perl)
Published: December 22, 2014
Source:
SecurityVulns ID: 14155
Type: remote
Severity level: 5/10
Description: PHP injection, SQL injection, directory traversal, cross-site scripting, file modification, information leakage, etc.
Affected products: CREATIVEMINDSSOL : cm-download-manager 2.0
 BIRDFEEDER : Bird Feeder 1.2
 KONKART : Konakart 7.3
 FUZZYLIME : Fuzzylime 3.03
 MEDIAWIKI : mediawiki 1.19
 MORFYCMS : Morfy CMS 1.05
 REVIVEADSERVER : Revive Adserver 3.0
 RESOURCESPACE : ResourceSpace 6.4
 WORDPRESS : W3 Total Cache 0.9
 PAPOO : Papoo Light 6.0
 PHPMYADMIN : phpmyadmin 4.2
 PBBOARD : PBBoard 3.0
 CONCRETE5 : Concrete5 CMS 5.7
 PHPTRAFFICA : phpTrafficA 2.3
 TWIKI : Twiki 6.0
 ITWITTER : iTwitter 0.04
 JEASECMS : Jease CMS 2.11
 ELEFANTCMS : Elefant CMS 1.3
CVE:CVE-2014-9367 (Incomplete blacklist vulnerability in the urlEncode function in lib/TWiki.pm in TWiki 6.0.0 and 6.0.1 allows remote attackers to conduct cross-site scripting (XSS) attacks via a "'" (single quote) in the scope parameter to do/view/TWiki/WebSearch.)
 CVE-2014-9325 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki 6.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) QUERYSTRING variable in lib/TWiki.pm or (2) QUERYPARAMSTRING variable in lib/TWiki/UI/View.pm, as demonstrated by the QUERY_STRING to do/view/Main/TWikiPreferences.)
 CVE-2014-9277 (The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7 allows remote attackers to conduct PHP object injection attacks via a crafted string containing <cross-domain-policy> in a PHP format request, which causes the string length to change when converting the request to <NOT-cross-domain-policy>.)
 CVE-2014-9219 (Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter.)
 CVE-2014-9218 (libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service (resource consumption) via a long password.)
 CVE-2014-9215 (SQL injection vulnerability in the CheckEmail function in includes/functions.class.php in PBBoard 3.0.1 before 20141128 allows remote attackers to execute arbitrary SQL commands via the email parameter in the register page to index.php. NOTE: the email parameter in the forget page vector is already covered by CVE-2012-4034.2.)
 CVE-2014-9129 (Cross-site request forgery (CSRF) vulnerability in the CreativeMinds CM Downloads Manager plugin before 2.0.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the addons_title parameter in the CMDM_admin_settings page to wp-admin/admin.php.)
 CVE-2014-8875 (The XML_RPC_cd function in lib/pear/XML/RPC.php in Revive Adserver before 3.0.6 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted XML-RPC request, aka an XML Entity Expansion (XEE) attack.)
 CVE-2014-8793 (Cross-site scripting (XSS) vulnerability in lib/max/Admin/UI/Field/PublisherIdField.php in Revive Adserver before 3.0.6 allows remote attackers to inject arbitrary web script or HTML via the refresh_page parameter to www/admin/report-generate.php.)
 CVE-2014-8724 (Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin before 0.9.4.1 for WordPress, when debug mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATH_INFO to the default URI.)
 CVE-2014-8340 (SQL injection vulnerability in Php/Functions/log_function.php in phpTrafficA 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via a User-Agent HTTP header.)
 CVE-2014-2026 (Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.)
 CVE-2014-2025
Original text: petri.iivonen_(at)_tmbc.gov.uk, ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities (22.12.2014)
 Daniel Geerts, [CVE-2014-8340] phpTrafficA SQL injection (22.12.2014)
 simo_(at)_morxploit.com, Concrete5 CMS Reflected Cross-Site Scripting Vulnerabilities (22.12.2014)
 sahm_(at)_post.com, CMS Made Simple PHP Code Injection Vulnerability (All versions) (22.12.2014)
 tien.d.tran_(at)_itas.vn, CVE-2014-9215 - SQL Injection in PBBoard CMS (22.12.2014)
 henri_(at)_nerv.fi, CVE-2014-9129: XSS and CSRF in CM Download Manager plugin for WordPress (22.12.2014)
 DEBIAN, [SECURITY] [DSA 3100-1] mediawiki security update (22.12.2014)
 MANDRIVA, [ MDVSA-2014:243 ] phpmyadmin (22.12.2014)
 Christian Schneider, CVE-2014-2025 Remote Code Execution (RCE) in "Intrexx Professional" (22.12.2014)
 Christian Schneider, CVE-2014-2026 Reflected Cross-Site Scripting (XSS) in "Intrexx Professional" (22.12.2014)
 steffen.roesemann1986_(at)_gmail.com, Persistent XSS Vulnerability in CMS Papoo Light v6.0.0 Rev. 4701 (22.12.2014)
 Mazin Ahmed, W3TotalFail: W3 Total Cache v 0.9.4 CSRF Vulnerability that Leads to Full Deface (22.12.2014)
 Vulnerability Lab, Elefant CMS v1.3.9 - Persistent Name Update Vulnerability (22.12.2014)
 Vulnerability Lab, Fuzzylime v3.03b CMS - CS Cross Scripting Vulnerability (22.12.2014)
 Vulnerability Lab, Konakart v7.3.0.1 CMS - CS Cross Site Web Vulnerability (22.12.2014)
 Matteo Beccati, [REVIVE-SA-2014-002] Revive Adserver 3.0.6 and 3.1.0 fix multiple vulnerabilities (22.12.2014)
 Tobias Glemser, secuvera-SA-2014-01: Reflected XSS in W3 Total Cache (22.12.2014)
 High-Tech Bridge Security Research, Cross-Site Scripting (XSS) in Revive Adserver (22.12.2014)
 Vulnerability Lab, Bird Feeder v1.2.3 WP Plugin - CSRF & XSS Vulnerability (22.12.2014)
 Vulnerability Lab, Morfy CMS v1.05 - Command Execution Vulnerability (22.12.2014)
 Vulnerability Lab, Jease CMS v2.11 - Persistent UI Web Vulnerability (22.12.2014)
 Vulnerability Lab, iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability (22.12.2014)
 Vulnerability Lab, E-Journal CMS (ID) - Multiple Web Vulnerabilities (22.12.2014)
 Onur Yilmaz, TWiki Security Advisory - XSS Vulnerability - CVE-2014-9325 (22.12.2014)
 Onur Yilmaz, TWiki Security Advisory - XSS Vulnerability - CVE-2014-9367 (22.12.2014)

Security vulnerabilities in NetIQ eDirectory NDS iMonitor
Published: December 22, 2014
Source:
SecurityVulns ID: 14156
Type: remote
Severity level: 5/10
Description: Cross-site scripting, information leakage.
Affected products: NETIQ : eDirectory NDS iMonitor 8.8
CVE:CVE-2014-5213 (nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request.)
 CVE-2014-5212 (Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter.)
Original text: SEC Consult Vulnerability Lab, SEC Consult SA-20141219-0 :: XSS & Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor (22.12.2014)

Multiple security vulnerabilities in NetIQ Access Manager
Published: December 22, 2014
Source:
SecurityVulns ID: 14157
Type: remote
Severity level: 6/10
Description: XXE, CSRF, XSS, information disclosure.
Affected products: NETIQ : NetIQ Access Manager 4.0
CVE:CVE-2014-5217 (Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.1 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via an fw.SetPassword action.)
 CVE-2014-5216 (Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allow remote attackers to inject arbitrary web script or HTML via (1) the location parameter in a dev.Empty action to nps/servlet/webacc, (2) the error parameter to nidp/jsp/x509err.jsp, (3) the lang parameter to sslvpn/applet_agent.jsp, or (4) the secureLoggingServersA parameter to roma/system/cntl, a different issue than CVE-2014-9412.)
 CVE-2014-5215 (NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated administrators to discover service-account passwords via a request to (1) roma/jsp/volsc/monitoring/dev_services.jsp or (2) roma/jsp/debug/debug.jsp.)
 CVE-2014-5214 (nps/servlet/webacc in iManager in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated novlwww users to read arbitrary files via a query parameter containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.)
Original text: SEC Consult Vulnerability Lab, SEC Consult SA-20141218-2 :: Multiple high risk vulnerabilities in NetIQ Access Manager (22.12.2014)

Multiple security vulnerabilities in SAP applications
updated since August 4, 2014
Published: December 22, 2014
Source:
SecurityVulns ID: 13902
Type: remote
Severity level: 7/10
Description: Unauthorized access, cross-site scripting, backdoor account, authentication bypass, unencrypted password transmission.
CVE:CVE-2013-3678 (Multiple unspecified vulnerabilities in SAP Governance, Risk, and Compliance (GRC) allow remote authenticated users to gain privileges and execute arbitrary programs via a crafted (1) RFC or (2) SOAP-RFC request.)
Original text: Onapsis Research Labs, [Onapsis Security Advisory 2014-034] SAP Business Objects Search Token Privilege Escalation via CORBA (22.12.2014)
 ESNC Security, [ESNC-2039348] Multiple Critical Security Vulnerabilities in SAP Governance, Risk and Compliance (SAP GRC) (01.12.2014)
 Alexandre Herzog, SAP Security Note 1908531 - XXE in BusinessObjects Explorer (14.10.2014)
 Alexandre Herzog, SAP Security Note 1908647 - Cross Site Flashing in BusinessObjects Explorer (14.10.2014)
 Alexandre Herzog, SAP Security Note 1908562 - Port scanning in BusinessObjects Explorer (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-032] SAP BusinessObjects Persistent Cross Site Scripting (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-029] SAP Business Objects Information Disclosure (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-030] SAP Business Objects Denial of Service via CORBA (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-031] SAP Business Objects Information Disclosure via CORBA (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-033] SAP Business Warehouse Missing Authorization Check (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-027] SAP HANA Multiple Reflected Cross Site Scripting Vulnerabilities (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-028] SAP HANA Web-based Development Workbench Code Injection (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-026] Missing authorization check in function modules of BW-SYS-DB-DB4 (04.08.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-025] Multiple Cross Site Scripting Vulnerabilities in SAP HANA XS Administration Tool (04.08.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-024] Hard-coded Username in SAP FI Manager Self-Service (04.08.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-023] HTTP verb tampering issue in SAP_JTECHS (04.08.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-022] SAP HANA IU5 SDK Authentication Bypass (04.08.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication (04.08.2014)

Code execution in GParted
Published: December 22, 2014
Source:
SecurityVulns ID: 14158
Type: local
Severity level: 5/10
Description: Command injection.
Affected products: GPARTED : GParted 0.15
CVE:CVE-2014-7208 (GParted before 0.15.0 allows local users to execute arbitrary commands with root privileges via shell metacharacters in a crafted filesystem label.)
Original text: SEC Consult Vulnerability Lab, SEC Consult SA-20141218-1 :: OS command execution vulnerability in GParted (22.12.2014)

DoS against POP3 in HP OpenVMS
Published: December 22, 2014
Source:
SecurityVulns ID: 14159
Type: remote
Severity level: 5/10
Affected products: HP : OpenVMS TCPIP 5.7
CVE:CVE-2014-7880 (Multiple unspecified vulnerabilities in the POP implementation in HP OpenVMS TCP/IP 5.7 before ECO5 allow remote attackers to cause a denial of service via unspecified vectors.)
Original text: HP, [security bulletin] HPSBOV03225 rev.1 - HP OpenVMS running POP, Remote Denial of Service (DoS) (22.12.2014)

Security vulnerabilities in various versions of mailx
Published: December 22, 2014
Source:
SecurityVulns ID: 14160
Type: library
Severity level: 7/10
Description: Shell character injection.
CVE:CVE-2014-7844
 CVE-2004-2771 (The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.)
Original text: DEBIAN, [SECURITY] [DSA 3104-1] bsd-mailx security update (22.12.2014)
 DEBIAN, [SECURITY] [DSA 3105-1] heirloom-mailx security update (22.12.2014)

Multiple security vulnerabilities in ettercap
Published: December 22, 2014
Source:
SecurityVulns ID: 14161
Type: remote
Severity level: 6/10
Description: Multiple memory corruptions when parsing various protocols.
Affected products: ETTERCAP : Ettercap 8.1
CVE:CVE-2014-9381 (Integer signedness error in the dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (crash) via a crafted password, which triggers a large memory allocation.)
 CVE-2014-9380 (The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a packet containing only a CVS_LOGIN signature.)
 CVE-2014-9379 (The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 0.8.1 performs an incorrect cast, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which triggers a stack-based buffer overflow.)
 CVE-2014-9378 (Ettercap 0.8.1 does not validate certain return values, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted (1) name to the parse_line function in mdns_spoof/mdns_spoof.c or (2) base64 encoded password to the dissector_imap function in dissectors/ec_imap.c.)
 CVE-2014-9377 (Heap-based buffer overflow in the nbns_spoof function in plug-ins/nbns_spoof/nbns_spoof.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a large netbios packet.)
 CVE-2014-9376 (Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds write) and possibly execute arbitrary code via a small (1) size variable value in the dissector_dhcp function in dissectors/ec_dhcp.c, (2) length value to the dissector_gg function in dissectors/ec_gg.c, or (3) string length to the get_decode_len function in ec_utils.c or a request without a (4) username or (5) password to the dissector_TN3270 function in dissectors/ec_TN3270.c.)
 CVE-2014-6396 (The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memory location.)
 CVE-2014-6395 (Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted password length value that is inconsistent with the actual length of the password.)
Original text: n.sampanis_(at)_obrela.com, "Ettercap 8.0 - 8.1" multiple vulnerabilities (22.12.2014)

Multiple security vulnerabilities in CA LISA Release Automation
Published: December 22, 2014
Source:
SecurityVulns ID: 14162
Type: remote
Severity level: 5/10
Description: XSS, CSRF, SQL injection.
Affected products: CA : LISA Release Automation 4.7
CVE:CVE-2014-8248 (SQL injection vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote authenticated users to execute arbitrary SQL commands via a crafted query.)
 CVE-2014-8247 (Cross-site scripting (XSS) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2014-8246 (Cross-site request forgery (CSRF) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.)
Original text: CA, CA20141215-01: Security Notice for CA LISA Release Automation (22.12.2014)

Privilege escalation in Apache mod_wsgi
Published: December 22, 2014
Source:
SecurityVulns ID: 14163
Type: local
Severity level: 5/10
Description: Incorrect error handling may lead to privilege escalation.
Affected products: APACHE : mod_wsgi 4.2
CVE:CVE-2014-8583 (mod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors.)
Original text: MANDRIVA, [ MDVSA-2014:253 ] apache-mod_wsgi (22.12.2014)

Data leakage in Mozilla nss
Published: December 22, 2014
Source:
SecurityVulns ID: 14164
Type: library
Severity level: 6/10
Description: Information leakage in QuickDER decoding.
Affected products: MOZILLA : nss 3.17
CVE:CVE-2014-3566 (The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.)
 CVE-2014-1569 (The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function's improper handling of an arbitrary-length encoding of 0x00.)
Original text: MANDRIVA, [ MDVSA-2014:252 ] nss (22.12.2014)

Weak encryption in Ekahau Real-Time Location Tracking System
Published: December 22, 2014
Source:
SecurityVulns ID: 14165
Type: remote
Severity level: 5/10
Description: It is possible to read and generate events.
Affected products: EKAHAU : B4 staff badge tag 5.7
CVE:CVE-2014-2716 (Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts.)
Original text: modzero security, Vulnerabilities in Ekahau Real-Time Location Tracking System [MZ-14-01] (22.12.2014)

Security vulnerabilities in RPM
Published: December 22, 2014
Source:
SecurityVulns ID: 14166
Type: local
Severity level: 5/10
Description: Integer overflow, code execution.
Affected products: RPM : RPM 4.12
CVE:CVE-2014-8118 (Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.)
 CVE-2013-6435 (Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.)
Original text: MANDRIVA, [ MDVSA-2014:251 ] rpm (22.12.2014)

Buffer overflow in GNU cpio
Published: December 22, 2014
Source:
SecurityVulns ID: 14167
Type: local
Severity level: 5/10
Description: Buffer overflow in the process_copy_in() function
Affected products: GNU : cpio 2.11
CVE:CVE-2014-9112 (Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive.)
Original text: MANDRIVA, [ MDVSA-2014:250 ] cpio (22.12.2014)

DoS against the libYAML library
Published: December 22, 2014
Source:
SecurityVulns ID: 14168
Type: library
Severity level: 5/10
Description: Assertion when handling strings.
Affected products: YAML : LibYAML 0.1
CVE:CVE-2014-9130 (scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.)
Original text: DEBIAN, [SECURITY] [DSA 3102-1] libyaml security update (22.12.2014)

DoS against c-icap
Published: December 22, 2014
Source:
SecurityVulns ID: 14169
Type: remote
Severity level: 5/10
Description: Several different DoS conditions.
Affected products: ICAP : c-icap 0.2
CVE:CVE-2013-7402 (Multiple unspecified vulnerabilities in request.c in c-icap 0.2.x allow remote attackers to cause a denial of service (crash) via a crafted ICAP request.)
 CVE-2013-7401 (The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.)
Original text: DEBIAN, [SECURITY] [DSA 3101-1] c-icap security update (22.12.2014)

Security vulnerabilities in getmail
Published: December 22, 2014
Source:
SecurityVulns ID: 14170
Type: m-i-t-m
Severity level: 5/10
Description: Multiple vulnerabilities in certificate verification.
Affected products: GETMAIL : getmail 4.44
CVE:CVE-2014-7275 (The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof POP3 servers and obtain sensitive information via a crafted certificate.)
 CVE-2014-7274 (The IMAP-over-SSL implementation in getmail 4.44.0 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate from a recognized Certification Authority.)
 CVE-2014-7273 (The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate.)
Original text: DEBIAN, [SECURITY] [DSA 3091-1] getmail4 security update (22.12.2014)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod