Информационная безопасность
[RU] switch to English


Переполнение буфера в libksba
Опубликовано:30 ноября 2014 г.
Источник:
SecurityVulns ID:14106
Тип:библиотека
Уровень опасности:
6/10
Описание:Переполнение буфера при разборе сообщений S/MIME.
Затронутые продукты:LIBKSBA : libksba 1.3
CVE:CVE-2014-9087 (Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2014:234 ] libksba (30.11.2014)

Повреждения памяти в flac
Опубликовано:30 ноября 2014 г.
Источник:
SecurityVulns ID:14107
Тип:библиотека
Уровень опасности:
6/10
Описание:Переполнения буфера при разборе файлов.
Затронутые продукты:FLAC : libFLAC 1.3
CVE:CVE-2014-9028 (Heap-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.)
 CVE-2014-8962 (Stack-based buffer overflow in stream_decoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file.)
Оригинальный текстdocumentDaniele Bianco, [oCERT 2014-008] libFLAC multiple issues (30.11.2014)
 documentUBUNTU, [USN-2426-1] FLAC vulnerabilities (30.11.2014)

Выполнение кода в GNU glibc
Опубликовано:30 ноября 2014 г.
Источник:
SecurityVulns ID:14108
Тип:библиотека
Уровень опасности:
6/10
Описание:Выполнение кода через функцию wordexp()
Затронутые продукты:GNU : glibc 2.21
CVE:CVE-2014-7817 (The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2014:232 ] glibc (30.11.2014)

Повреждения памяти в ClamAV
Опубликовано:30 ноября 2014 г.
Источник:
SecurityVulns ID:14109
Тип:библиотека
Уровень опасности:
6/10
Описание:Повреждения памяти при разборе JS и PE файлов.
Затронутые продукты:CLAMAV : ClamAV 0.98
CVE:CVE-2014-9050 (Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.)
 CVE-2013-6497 (clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.)
Оригинальный текстdocumentUBUNTU, [USN-2423-1] ClamAV vulnerabilities (30.11.2014)

Утечка информации в icecast
Опубликовано:30 ноября 2014 г.
Источник:
SecurityVulns ID:14110
Тип:удаленная
Уровень опасности:
5/10
Описание:Доступ к исходным файлам скриптов.
Затронутые продукты:ICECAST : icecast 2.3
CVE:CVE-2014-9018 (Icecast before 2.4.1 transmits the output of the on-connect script, which might allow remote attackers to obtain sensitive information, related to shared file descriptors.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2014:231 ] icecast (30.11.2014)

DoS через imagemagic
Опубликовано:30 ноября 2014 г.
Источник:
SecurityVulns ID:14111
Тип:библиотека
Уровень опасности:
6/10
Описание:Чтение за пределами буфера.
CVE:CVE-2014-8716
 CVE-2014-8562
 CVE-2014-8355
 CVE-2014-8354
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2014:226 ] imagemagick (30.11.2014)

Уязвимости безопасности в squid
Опубликовано:30 ноября 2014 г.
Источник:
SecurityVulns ID:14112
Тип:клиент
Уровень опасности:
6/10
Описание:DoS и утечка информации в сервисе pinger.
Затронутые продукты:SQUID : squid 3.4
CVE:CVE-2014-7142 (The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.)
 CVE-2014-7141 (The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.)
Оригинальный текстdocumentUBUNTU, [USN-2422-1] Squid vulnerabilities (30.11.2014)

Многочисленные узяивомости безопасности в dbus
дополнено с 21 сентября 2014 г.
Опубликовано:30 ноября 2014 г.
Источник:
SecurityVulns ID:13974
Тип:локальная
Уровень опасности:
5/10
Описание:Повреждения памяти, DoS.
Затронутые продукты:DBUS : dbus 1.8
CVE:CVE-2014-7824 (D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3636.1.)
 CVE-2014-3639 (The dbus-daemon in D-Bus before 1.6.24 and 1.8.x before 1.8.8 does not properly close old connections, which allows local users to cause a denial of service (incomplete connection consumption and prevention of new connections) via a large number of incomplete connections.)
 CVE-2014-3638 (The bus_connections_check_reply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service (CPU consumption) via a large number of method calls.)
 CVE-2014-3637 (D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does not properly close connections for processes that have terminated, which allows local users to cause a denial of service via a D-bus message containing a D-Bus connection file descriptor.)
 CVE-2014-3636 (D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors or (2) cause a denial of service (disconnect) via multiple messages that combine to have more than the allowed number of file descriptors for a single sendmsg call.)
 CVE-2014-3635 (Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows local users to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one more file descriptor than the limit, which triggers a heap-based buffer overflow or an assertion failure.)
Оригинальный текстdocumentUBUNTU, [USN-2425-1] DBus vulnerability (30.11.2014)
 documentDEBIAN, [SECURITY] [DSA 3026-1] dbus security update (21.09.2014)

Многочисленные уязвимости безопасности в ядре Linux
дополнено с 3 ноября 2014 г.
Опубликовано:30 ноября 2014 г.
Источник:
SecurityVulns ID:14068
Тип:библиотека
Уровень опасности:
7/10
Описание:Многочисленные ошибки в KVM, DoS в клиенте CIFS, удаленные DoS-условия, повшение привилегий через файловую систему, повышение привилегий и обход защиты через trace_syscalls.
Затронутые продукты:LINUX : kernel 3.16
CVE:CVE-2014-8369 (The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601.)
 CVE-2014-7970 (The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call.)
 CVE-2014-7826 (kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application.)
 CVE-2014-7825 (kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service (out-of-bounds read and OOPS) or bypass the ASLR protection mechanism via a crafted application.)
 CVE-2014-7207 (A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging (1) tun or (2) macvtap device access.)
 CVE-2014-7145 (The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.)
 CVE-2014-3690 (arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU.)
 CVE-2014-3688 (The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c.)
 CVE-2014-3687 (The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.)
 CVE-2014-3673 (The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c.)
 CVE-2014-3647 (arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.)
 CVE-2014-3646 (arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.)
 CVE-2014-3645 (arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application.)
 CVE-2014-3611 (Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.)
 CVE-2014-3610 (The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2014:230 ] kernel (30.11.2014)
 documentDEBIAN, [SECURITY] [DSA 3060-1] linux security update (03.11.2014)
 documentUBUNTU, [USN-2394-1] Linux kernel (Trusty HWE) vulnerabilities (03.11.2014)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород