Computer Security


nbd privilege escalation
Published:01.12.2013
SecurityVulns ID:13433
Type:remote
Threat Level:6/10
Description:Invalid processing of access control lists.
Affected:NBD : nbd 3.2
Original document:DEBIAN, [SECURITY] [DSA 2806-1] nbd security update (01.12.2013)

Sup-mail commands injection
Published:01.12.2013
SecurityVulns ID:13435
Type:client
Threat Level:5/10
Description:It's possible to inject commands via filename and Content-Type.
Affected:SUP : sup 0.12
CVE:CVE-2013-4479 (lib/sup/message_chunks.rb in Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the content_type of an email attachment.)
 CVE-2013-4478 (Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.)
Original document:DEBIAN, [SECURITY] [DSA 2805-1] sup-mail security update (01.12.2013)

HP Service Manager / HP ServiceCenter multiple security vulnerabilities
updated since 05.11.2013
Published:01.12.2013
SecurityVulns ID:13385
Type:remote
Threat Level:6/10
Description:Code execution, privilege escalation, information leakage, XSS.
Affected:HP : HP Service Manager 9.32
CVE:CVE-2013-4844 (Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, 9.31, and 9.32, and ServiceCenter 6.2.8, allows remote attackers to execute arbitrary code via unknown vectors.)
 CVE-2013-4833 (Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2013-4832 (HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors.)
 CVE-2013-4831 (HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.)
 CVE-2013-4830 (HP Service Manager 9.30 through 9.32 allows remote attackers to execute arbitrary code via an unspecified "injection" approach.)
Original document:HP, [security bulletin] HPSBGN02942 rev.1 - HP Service Manager and ServiceCenter, Remote Code Execution (01.12.2013)
 HP, [security bulletin] HPSBMU02931 rev.2 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) (05.11.2013)

quagga security vulnerabilities
Published:01.12.2013
SecurityVulns ID:13436
Type:remote
Threat Level:8/10
Description:OSPF parsing buffer overflow, BGP DoS.
Affected:QUAGGA : quagga 0.99
CVE:CVE-2013-6051 (The bgp_attr_unknown function in bgp_attr.c in Quagga 0.99.21 does not properly initialize the total variable, which allows remote attackers to cause a denial of service (bgpd crash) via a crafted BGP update.)
 CVE-2013-2236 (Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA.)
Original document:DEBIAN, [SECURITY] [DSA 2803-1] quagga security update (01.12.2013)

glibc security vulnerabilities
updated since 03.10.2013
Published:01.12.2013
SecurityVulns ID:13324
Type:library
Threat Level:7/10
Description:Integer overflows in pvalloc, valloc, posix_memalign/memalign/aligned_alloc, invalid PTR_MANGLE implementation, getaddrinfo() stack overflow, strcoll_l.c integer overflow and buffer overflow.
Affected:GNU : glibc 2.15
 GNU : glibc 2.5
 GNU : glibc 2.18
CVE:CVE-2013-4788 (The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address.)
 CVE-2013-4458 (Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914.)
 CVE-2013-4332 (Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.)
 CVE-2012-4424 (Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string that triggers a malloc failure and use of the alloca function.)
 CVE-2012-4412 (Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow.)
Original document:MANDRIVA, [ MDVSA-2013:284 ] glibc (01.12.2013)
 geinblues_(at)_gmail.com, glibc 2.5 <= reloc types to crash bug (28.10.2013)
 SLACKWARE, [slackware-security] glibc (SSA:2013-260-01) (03.10.2013)

Ruby security vulnerabilities
updated since 01.12.2013
Published:29.05.2014
SecurityVulns ID:13434
Type:library
Threat Level:5/10
Description:DoS, restrictions bypass.
Affected:RUBY : Ruby 2.1
CVE:CVE-2013-4164 (Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse.)
 CVE-2013-2065 ((1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, and 2.0 before 2.0.0 patchlevel 195, do not perform taint checking for native functions, which allows context-dependent attackers to bypass intended $SAFE level restrictions.)
Original document:APPLE, APPLE-SA-2014-15-20-1 OS X Server 3.1.2 (29.05.2014)
 UBUNTU, [USN-2035-1] Ruby vulnerabilities (01.12.2013)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod