Информационная безопасность
[RU] switch to English


Утечка информации в HP Network Node Manager i
дополнено с 6 апреля 2011 г.
Опубликовано:31 октября 2011 г.
Источник:
SecurityVulns ID:11567
Тип:удаленная
Уровень опасности:
5/10
Затронутые продукты:HP : Network Node Manager i 9.0
CVE:CVE-2011-1534 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x allows remote authenticated users to obtain access to processes via unknown vectors.)
 CVE-2011-0898 (Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.00 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2011-0897 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00 allows local users to read arbitrary files via unknown vectors.)
 CVE-2011-0895 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x and 8.1x allows remote authenticated users to obtain sensitive information via unknown vectors.)
 CVE-2010-4476 (The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.)
 CVE-2010-0738 (The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMU02714 SSRT100244 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information (31.10.2011)
 documentHP, [security bulletin] HPSBMA02659 SSRT100440 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access (19.04.2011)
 documentHP, [security bulletin] HPSBMA02643 SSRT100416 rev.2 - HP Network Node Manager i (NNMi), Local Unauthorized Read Access to Files, Remote Cross Site Scripting (XSS) (14.04.2011)
 documentHP, [security bulletin] HPSBUX02642 SSRT100415 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS) (14.04.2011)
 documentHP, [security bulletin] HPSBMA02652 SSRT100432 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure (06.04.2011)

Обход защиты в коммутаторах Cisco Nexus
дополнено с 13 сентября 2011 г.
Опубликовано:31 октября 2011 г.
Источник:
SecurityVulns ID:11907
Тип:удаленная
Уровень опасности:
6/10
Описание:Возможно обойти ограничения ACL. Возможно выполнение кода.
Затронутые продукты:CISCO : Cisco MDS 9000
 CISCO : Cisco Nexus 5000
 CISCO : Cisco Nexus 7000
 CISCO : Cisco Nexus 3000
 CISCO : Cisco Nexus 2000
 CISCO : Cisco Nexus 4000
CVE:CVE-2011-2581 (The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490.)
 CVE-2011-2569 (Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspecified vectors, aka Bug IDs CSCtf40008, CSCtg18363, CSCtr44645, CSCts10195, and CSCts10188.)
Оригинальный текстdocumentCISCO, RE: [CVE-2011-2569] Cisco Nexus OS (NX-OS) - Command "injection" / sanitization issues. (31.10.2011)
 document0x9950_(at)_gmail.com, [CVE-2011-2569] Cisco Nexus OS (NX-OS) - Command "injection" / sanitization issues. (26.10.2011)
 documentCISCO, Cisco Security Advisory: Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability (13.09.2011)

Многочисленные уязвимости безопасности в Adobe Acrobat / Reader
дополнено с 16 сентября 2011 г.
Опубликовано:31 октября 2011 г.
Источник:
SecurityVulns ID:11911
Тип:клиент
Уровень опасности:
7/10
Описание:Повышение привилегий, утечка памяти, выполнение кода, многочисленные переполнения буфера.
Затронутые продукты:ADOBE : Reader 10.1
 ADOBE : Acrobat 10.1
CVE:CVE-2011-2442 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error vulnerability.")
 CVE-2011-2441 (Multiple stack-based buffer overflows in CoolType.dll in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2440 (Use-after-free vulnerability in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2439 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "memory leakage condition vulnerability.")
 CVE-2011-2438 (Multiple stack-based buffer overflows in the image-parsing library in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2437 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2434.)
 CVE-2011-2436 (Heap-based buffer overflow in the image-parsing library in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2435 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2434 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2437.)
 CVE-2011-2433 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2434 and CVE-2011-2437.)
 CVE-2011-2432 (Buffer overflow in the U3D TIFF Resource in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2431 (Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "security bypass vulnerability.")
 CVE-2011-2411 (Unspecified vulnerability on HP NonStop Servers with software H06.x through H06.23.00 and J06.x through J06.12.00, when Samba is used, allows remote authenticated users to execute arbitrary code via unknown vectors.)
 CVE-2011-1353 (Unspecified vulnerability in Adobe Reader 10.x before 10.1.1 on Windows allows local users to gain privileges via unknown vectors.)
Оригинальный текстdocumentZDI, ZDI-11-296 : Adobe Reader BMP Image RLE Decoding Remote Code Execution Vulnerability (31.10.2011)
 documentZDI, ZDI-11-297 : Adobe Reader U3D PCX Parsing Remote Code Execution Vulnerability (31.10.2011)
 documentZDI, ZDI-11-298 : Adobe Reader U3D IFF RGBA Parsing Remote Code Execution Vulnerability (31.10.2011)
 documentZDI, ZDI-11-299 : Adobe Reader PICT Parsing Remote Code Execution Vulnerability (31.10.2011)
 documentZDI, ZDI-11-300 : Adobe Reader U3D PICT 10h Encoding Remote Code Execution Vulnerability (31.10.2011)
 documentZDI, ZDI-11-301 : Adobe Reader U3D PICT 0Eh Encoding Remote Code Execution Vulnerability (31.10.2011)
 documentZDI, ZDI-11-302 : Adobe Reader U3D TIFF Resource Buffer Overflow Remote Code Execution Vulnerability (31.10.2011)
 documentZDI, ZDI-11-310 : Adobe Reader Compound Glyph Index Sign Extension Remote Code Execution Vulnerability (31.10.2011)
 documentVUPEN Security Research, VUPEN Security Research - Adobe Acrobat and Reader TIFF BitsPerSample Heap Overflow Vulnerability (16.09.2011)
 documentVUPEN Security Research, VUPEN Security Research - Adobe Acrobat and Reader Picture Dimensions Heap Overflow Vulnerability (16.09.2011)
 documentVUPEN Security Research, VUPEN Security Research - Adobe Acrobat and Reader IFF Processing Heap Overflow Vulnerability (16.09.2011)
 documentVUPEN Security Research, VUPEN Security Research - Adobe Acrobat and Reader PCX Processing Heap Overflow Vulnerability (16.09.2011)
 documentVUPEN Security Research, VUPEN Security Research - Adobe Acrobat and Reader BMP Dimensions Heap Overflow Vulnerability (16.09.2011)
 documentVUPEN Security Research, VUPEN Security Research - Adobe Acrobat and Reader Picture Processing Stack Overflow Vulnerability (16.09.2011)
 documentIDEFENSE, iDefense Security Advisory 09.13.11: Adobe Reader and Acrobat JPEG Processing Use After Free Vulnerability (16.09.2011)
 documentADOBE, Security updates available for Adobe Reader and Acrobat (16.09.2011)

DoS против Cisco Video Surveillance
Опубликовано:31 октября 2011 г.
Источник:
SecurityVulns ID:12004
Тип:удаленная
Уровень опасности:
5/10
Описание:Отказ при разборе RTSP-пакета.
Затронутые продукты:CISCO : Video Surveillance 2500
 CISCO : Video Surveillance 2421
 CISCO : Video Surveillance 2600
CVE:CVE-2011-3318 (Cisco Video Surveillance 2421 and 2500 series cameras with software 1.1.x and 2.x before 2.4.0 and Video Surveillance 2600 series cameras with software before 4.2.0-13 allow remote attackers to cause a denial of service (device reload) by sending crafted RTSP packets over TCP, aka Bug IDs CSCtj96312, CSCtj39462, and CSCtl80175.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras (31.10.2011)

Переполнение буфера в Novell iPrint
Опубликовано:31 октября 2011 г.
Источник:
SecurityVulns ID:12006
Тип:удаленная
Уровень опасности:
6/10
Описание:Переполнение буфера в функции GetDriverSettings
CVE:CVE-2011-3173 (Stack-based buffer overflow in the GetDriverSettings function in nipplib.dll in the iPrint client in Novell Open Enterprise Server 2 (aka OES2) SP3 allows remote attackers to execute arbitrary code via a long (1) hostname or (2) port field.)
Оригинальный текстdocumentZDI, ZDI-11-309 : Novell iPrint Client nipplib.dll GetDriverSettings Remote Code Execution Vulnerability (31.10.2011)

Повышение привилегий в HP-UX Containers
Опубликовано:31 октября 2011 г.
Источник:
SecurityVulns ID:12007
Тип:локальная
Уровень опасности:
5/10
Затронутые продукты:HP : HP-UX 11.31
CVE:CVE-2011-3164 (Unspecified vulnerability in HP-UX Containers (formerly HP-UX Secure Resource Partitions (SRP)) A.03.00, A.03.00.002, and A.03.01, when running with patch PHKL_42310, allows local users to gain privileges via unknown vectors.)
Оригинальный текстdocumentHP, [security bulletin] HPSBUX02715 SSRT100623 rev.2 - HP-UX Containers (SRP), Local Unauthorized Access and Increased Privileges (31.10.2011)

Утечка информации в tor
Опубликовано:31 октября 2011 г.
Источник:
SecurityVulns ID:12008
Тип:m-i-t-m
Уровень опасности:
5/10
Описание:Возможна различные комбинированные атаки на деанонимизацию пользователя.
Затронутые продукты:TOR : tor 0.2
CVE:CVE-2011-2769 (Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE and CREATE_FAST values in the Command field of a cell within an OR connection that it initiated, which allows remote relays to enumerate bridges by using these values.)
 CVE-2011-2768 (Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had selected.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2331-1] tor security update (31.10.2011)

Обратный путь в каталогах Cisco Unified Communications Manager / Cisco Unified Contact Center Express
дополнено с 31 октября 2011 г.
Опубликовано:11 ноября 2011 г.
Источник:
SecurityVulns ID:12003
Тип:удаленная
Уровень опасности:
5/10
Описание:Обратный путь в каталогах во встроенных веб-службах на портах TCP/8080 и TCP/9080.
Затронутые продукты:CISCO : Unified Communications Manager 6.1
 CISCO : Unified Communications Manager 7.1
 CISCO : Unified Communications Manager 8.0
 CISCO : Unified Communications Manager 8.5
 CISCO : Unified Contact Center Express 6.0
 CISCO : Unified Contact Center Express 7.0
 CISCO : Unified Contact Center Express 8.0
 CISCO : Unified Contact Center Express 8.5
CVE:CVE-2011-3315 (Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.)
Оригинальный текстdocumententomology, Cisco CUCM - Multiple Vulnerabilities (11.11.2011)
 documentddivulnalert_(at)_ddifrontline.com, DDIVRT-2011-35 Cisco Unified Contact Center Express Directory Traversal [CVE-2011-3315] (31.10.2011)
 documentCISCO, Cisco Security Advisory: Cisco Unified Contact Center Express Directory Traversal Vulnerability (31.10.2011)
 documentCISCO, Cisco Security Advisory: Cisco Unified Communications Manager Directory Traversal Vulnerability (31.10.2011)

Переполнение буфера в Cisco WebEx Player
дополнено с 31 октября 2011 г.
Опубликовано:9 апреля 2012 г.
Источник:
SecurityVulns ID:12005
Тип:клиент
Уровень опасности:
5/10
Описание:Переполнение буфера при разборе файлов .WRF
Затронутые продукты:CISCO : WebEx Player T26
 CISCO : WebEx Player T27
CVE:CVE-2011-3319 (Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player (09.04.2012)
 documentZDI, ZDI-11-341 : Cisco WebEx Player WRF Type 0 Parsing Remote Code Execution Vulnerability (11.12.2011)
 documentCISCO, ZDI-11-308 : Cisco WebEx Player ATAS32.DLL linesProcessed Remote Code Execution Vulnerability (31.10.2011)
 documentCISCO, Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player (31.10.2011)

Многочисленные уязвимости безопасности в Apple QuickTime
дополнено с 31 октября 2011 г.
Опубликовано:20 августа 2012 г.
Источник:
SecurityVulns ID:12002
Тип:удаленная
Уровень опасности:
7/10
Описание:Многочисленные повреждения памяти при разборе различных форматов данных, межсайтовый скриптинг.
Затронутые продукты:APPLE : QuickTime 7.7
CVE:CVE-2011-3251 (Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted TKHD atoms in a QuickTime movie file.)
 CVE-2011-3250 (Integer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding.)
 CVE-2011-3249 (Buffer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with FLC encoding.)
 CVE-2011-3248 (Integer signedness error in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font table in a QuickTime movie file.)
 CVE-2011-3247 (Integer overflow in Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT file.)
 CVE-2011-3228 (QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file.)
 CVE-2011-3223 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLIC movie file.)
 CVE-2011-3222 (Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.)
 CVE-2011-3221 (QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file.)
 CVE-2011-3220 (QuickTime in Apple Mac OS X before 10.7.2 does not properly process URL data handlers in movie files, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.)
 CVE-2011-3219 (Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.)
 CVE-2011-3218 (The "Save for Web" selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by spoofing the http server during local viewing of an exported document.)
Оригинальный текстdocumentZDI, ZDI-12-136 : Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability (20.08.2012)
 documentZDI, ZDI-12-004 : Apple Quicktime JPEG2000 COD Remote Code Execution Vulnerability (09.01.2012)
 documentZDI, ZDI-12-005 : Apple Quicktime RLE BGRA Decoding Remote Code Execution Vulnerability (09.01.2012)
 documentZDI, ZDI-11-340 : Apple Quicktime Font Table Signed Length Remote Code Execution Vulnerability (11.12.2011)
 documentZDI, ZDI-11-316 : Apple QuickTime H264 Matrix Conversion Remote Code Execution Vulnerability (31.10.2011)
 documentZDI, ZDI-11-315 : Apple QuickTime FLC Delta Decompression Remote Code Execution Vulnerability (31.10.2011)
 documentZDI, ZDI-11-314 : Apple Quicktime PnPixPat PatType 3 Parsing Remote Code Execution Vulnerability (31.10.2011)
 documentZDI, ZDI-11-312 : Apple QuickTime Atom Hierarachy Argument Size Mismatch Remote Code Execution Vulnerability (31.10.2011)
 documentZDI, ZDI-11-313 : Apple QuickTime FLC RLE Packet Count Decompression Remote Code Execution Vulnerability (31.10.2011)
 documentZDI, ZDI-11-311 : Apple Quicktime Empty URL Data Handler Remote Code Execution Vulnerability (31.10.2011)
 documentZDI, ZDI-11-303 : Apple QuickTime H264 Stream frame_cropping Remote Code Execution Vulnerability (31.10.2011)
 documentZDI, ZDI-11-304 : Apple Quicktime Advanced Audio Codec Frame Parsing Remote Code Execution Vulnerability (31.10.2011)
 documentAPPLE, APPLE-SA-2011-10-26-1 QuickTime 7.7.1 (31.10.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород