Информационная безопасность
[RU] switch to English


Повышение привилегий через графические драйвера Nvidia в Linux / Unix
Опубликовано:26 апреля 2012 г.
Источник:
SecurityVulns ID:12348
Тип:удаленная
Уровень опасности:
5/10
Описание:Возможна запись памяти ядра.
CVE:CVE-2012-0946 (The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary memory locations by leveraging GPU device-node read/write privileges.)

Многочисленные уязвимости безопасности в ядре Linux
дополнено с 2 апреля 2012 г.
Опубликовано:26 апреля 2012 г.
Источник:
SecurityVulns ID:12305
Тип:локальная
Уровень опасности:
6/10
Описание:DoS, утечка информации, повышение привилегий.
Затронутые продукты:LINUX : kernel 2.6
CVE:CVE-2012-2100 (The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and possibly cause a denial of service via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value). NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4307.)
 CVE-2012-1146 (The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events.)
 CVE-2012-1097 (The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call.)
 CVE-2012-1090 (The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.)
 CVE-2012-0879 (The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context.)
 CVE-2012-0045 (The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application, as demonstrated by an NASM file.)
 CVE-2011-4347 (The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service (host OS crash) via a KVM_ASSIGN_PCI_DEVICE operation.)
 CVE-2011-3347 (A certain Red Hat patch to the be2net implementation in the kernel package before 2.6.32-218.el6 on Red Hat Enterprise Linux (RHEL) 6, when promiscuous mode is enabled, allows remote attackers to cause a denial of service (system crash) via non-member VLAN packets.)
 CVE-2011-1833 (Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.)
 CVE-2009-4307 (The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 2.6.32-git6 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value).)
Оригинальный текстdocumentUBUNTU, [USN-1406-1] Linux kernel vulnerabilities (26.04.2012)
 documentDEBIAN, [SECURITY] [DSA 2443-1] linux-2.6 security update (02.04.2012)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:26 апреля 2012 г.
Источник:
SecurityVulns ID:12350
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:WORDPRESS : Organizer 1.2
 PIWIGO : Piwigo 2.3
CVE:CVE-2012-2209 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Piwigo before 2.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) section parameter in the configuration module, (2) installstatus parameter in the languages_new module, or (3) theme parameter in the theme module.)
 CVE-2012-2208 (Directory traversal vulnerability in upgrade.php in Piwigo before 2.3.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.)
Оригинальный текстdocumentMustLive, XSS, CSRF and AFU vulnerabilities in Organizer for WordPress (26.04.2012)
 documentHigh-Tech Bridge Security Research, Multiple vulnerabilities in Piwigo (26.04.2012)

DoS против Nova
дополнено с 26 апреля 2012 г.
Опубликовано:14 мая 2012 г.
Источник:
SecurityVulns ID:12349
Тип:локальная
Уровень опасности:
4/10
Описание:Исчерпание ресурсов через длинное имя сервера. Исчерпание ресурсов через превышение квот.
Затронутые продукты:NOVA : Nova 2011.3
CVE:CVE-2012-2101 (Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.)
 CVE-2012-1585 (OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.)
Оригинальный текстdocumentDEBIAN, [USN-1438-1] Nova vulnerability (14.05.2012)
 documentUBUNTU, [USN-1413-1] Nova vulnerability (26.04.2012)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород