Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Cisco IOS, Cisco 10000, uBR10012, uBR7200 и Cisco UCM
Опубликовано:29 сентября 2008 г.
Источник:
SecurityVulns ID:9312
Тип:удаленная
Уровень опасности:
7/10
Описание:DoS через L2TP, MPLS, IPS, SIP, проблемы с SSL, утечка информации, многочисленные проблемы с мультикастами, уязвимости в NAT SCP, IOS Software firewall application inspection.
Затронутые продукты:CISCO : IOS 12.0
 CISCO : IOS 12.2
 CISCO : IOS 12.3
 CISCO : IOS 12.4
 CISCO : Unified Communications Manager 4.2
 CISCO : Unified Communications Manager 4.3
 CISCO : Unified Communications Manager 5.1
 CISCO : Unified Communications Manager 6.1
 CISCO : Cisco 10000
 CISCO : Unified Communications Manager 4.1
 CISCO : Cisco uBR10012
 CISCO : Cisco uBR7200
CVE:CVE-2008-3813 (Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet.)
 CVE-2008-3812 (Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet.)
 CVE-2008-3811 (Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnerability than CVE-2008-3810.)
 CVE-2008-3809 (Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet.)
 CVE-2008-3808 (Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet.)
 CVE-2008-3807 (Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests.)
 CVE-2008-3805 (Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3806.)
 CVE-2008-3804 (Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used.)
 CVE-2008-3803 (A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic circumstances.)
 CVE-2008-3801 (Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802.)
 CVE-2008-3800 (Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802.)
 CVE-2008-3799 (Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP messages.)
 CVE-2008-3798 (Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session.)
 CVE-2008-2739 (The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Cisco uBR10012 Series Devices SNMP Vulnerability (29.09.2008)
 documentCISCO, Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities (29.09.2008)
 documentCISCO, Cisco Security Advisory: Cisco 10000, uBR10012, uBR7200 Series Devices IPC Vulnerability (29.09.2008)
 documentCISCO, Cisco Security Advisory: Cisco IOS IPS Denial of Service Vulnerability (29.09.2008)
 documentCISCO, Cisco Security Advisory: Cisco IOS MPLS VPN May Leak Information (29.09.2008)
 documentCISCO, Cisco Security Advisory: Multiple Multicast Vulnerabilities in Cisco IOS Software (29.09.2008)
 documentCISCO, Cisco Security Advisory: Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities (29.09.2008)
 documentCISCO, Cisco Security Advisory: Cisco IOS Software Firewall Application Inspection Control Vulnerability (29.09.2008)
 documentCISCO, Cisco Security Advisory: Cisco IOS NAT Skinny Call Control Protocol Vulnerability (29.09.2008)
 documentCISCO, Cisco Security Advisory: Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability (29.09.2008)
 documentCISCO, Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet (29.09.2008)
 documentCISCO, Cisco Security Advisory: Cisco IOS Software Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability (29.09.2008)

Многочисленные уязвимости в IRC-шлюзе BitlBee
Опубликовано:29 сентября 2008 г.
Источник:
SecurityVulns ID:9309
Тип:удаленная
Уровень опасности:
5/10
Описание:DoS, повышение привилегий.
Затронутые продукты:BITLBEE : Bitlbee 1.2
CVE:CVE-2008-3969 (Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because of an incomplete fix for CVE-2008-3920.)
 CVE-2008-3920 (Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to "recreate" and "hijack" existing accounts via unspecified vectors.)
Оригинальный текстdocumentGENTOO, [ GLSA 200809-14 ] BitlBee: Security bypass (29.09.2008)

Несанционированный доступ и DoS через ActiveX Internet Information Server и IAS
Опубликовано:29 сентября 2008 г.
Источник:
SecurityVulns ID:9311
Тип:клиент
Уровень опасности:
5/10
Описание:ActiveX позволяет производить различные привилегированные действия.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows 2008 Server
Оригинальный текстdocumenthamedata_(at)_gmail.com, Internet Information Service (adsiis.dll) activex remote DOS (29.09.2008)
 documenthamedata_(at)_gmail.com, IAS Helper COM Component (iashlpr.dll) activex remote DOS (29.09.2008)
 documenthamedata_(at)_gmail.com, Internet Information Service remote set password (29.09.2008)

Ежедневная сводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:29 сентября 2008 г.
Источник:
SecurityVulns ID:9313
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:ADNFORUM : adnforum 1.0
 FCKEDITOR : FCKeditor 2.6
 FCKEDITOR : FCKeditor 2.4
 FLATPRESS : flatpress 0.804
 EASYREALTOR : EasyRealtorPRO 2008
CVE:CVE-2008-4120 (Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.804 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) pass parameter to login.php, or the (3) name parameter to contact.php.)
Оригинальный текстdocumentSmOk3, SQL Injection in EasyRealtorPRO 2008 (29.09.2008)
 documentPepelux, adnforum <= 1.0b / Insecure Cookie Handling Vulnerability (29.09.2008)
 documentFabian Fingerle, Cross Site Scripting (XSS) Vulnerabilitiy in flatpress 0.804, CVE-2008-4120 (29.09.2008)
 documentalfredo.melloni_(at)_gmail.com, Google Docs (HTML code) Multiple Cross Site Scripting Vulnerabilities (29.09.2008)
 documentMustLive, Cross-Site Scripting vulnerability in eCaptcha (29.09.2008)
 documentMustLive, Arbitrary File Upload vulnerability in FCKeditor (29.09.2008)

Многочисленные уязвимости в Mozilla Firefox / Thunderbird / Seamonkey
дополнено с 29 сентября 2008 г.
Опубликовано:30 сентября 2008 г.
Источник:
SecurityVulns ID:9310
Тип:клиент
Уровень опасности:
7/10
Описание:Повреждение памяти, повышение привилегий, межсайтовый скриптинг, DoS-атаки, переполнение буфера.
Затронутые продукты:MOZILLA : Firefox 2.0
 MOZILLA : Thunderbird 2.0
 MOZILLA : SeaMonkey 1.1
 MOZILLA : Firefox 3.0
CVE:CVE-2008-4070 (Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages.")
 CVE-2008-4069 (The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to read uninitialized memory, and possibly obtain sensitive information in opportunistic circumstances, via a crafted XBM image file.)
 CVE-2008-4068 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive information and prompt users to write this information into a file, via directory traversal sequences in a resource: URI.)
 CVE-2008-4067 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via a .. (dot dot) and URL-encoded / (slash) characters in a resource: URI.)
 CVE-2008-4066 (Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as demonstrated by a "jav&#56325ascript" sequence, aka "HTML escaped low surrogates bug.")
 CVE-2008-4065 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via byte order mark (BOM) characters that are removed from JavaScript code before execution, aka "Stripped BOM characters bug.")
 CVE-2008-4062 (Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine and (1) misinterpretation of the characteristics of Namespace and QName in jsxml.c, (2) misuse of signed integers in the nsEscapeCount function in nsEscape.cpp, and (3) interaction of JavaScript garbage collection with certain use of an NPObject in the nsNPObjWrapper::GetNewOrUsed function in nsJSNPRuntime.cpp.)
 CVE-2008-4061 (Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via an mtd element with a large integer value in the rowspan attribute, related to the layout engine.)
 CVE-2008-4060 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vectors related to (1) the document.loadBindingDocument function and (2) XSLT.)
 CVE-2008-4059 (The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to a SCRIPT element.)
 CVE-2008-4058 (The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS.)
 CVE-2008-3837 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a variant of CVE-2003-0823.)
 CVE-2008-3836 (feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _initSubscriptionUI functions.)
 CVE-2008-3835 (The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors.)
 CVE-2008-0016 (Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link.)
Оригинальный текстdocumentAditya K Sood, Advisory: Mozilla Firefox User Interface Null Pointer Dereference Dispatcher Crash and Remote Denial of Service. (30.09.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-37 (29.09.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-38 (29.09.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-39 (29.09.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-40 (29.09.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-41 (29.09.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-42 (29.09.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-43 (29.09.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-44 (29.09.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-45 (29.09.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-46 (29.09.2008)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород