Computer Security
[EN] securityvulns.ru no-pyccku


Openswan / Strongswan security vulnerabilities
updated since 07.04.2014
Published:07.05.2014
Source:
SecurityVulns ID:13670
Type:remote
Threat Level:
7/10
Description:Buffer overflow, DoS, protection bypass.
Affected:OPENSWAN : Openswan 2.6
 STRONGSWAN : strongSwan 5.1
CVE:CVE-2014-2891 (strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.)
 CVE-2014-2338 (IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.)
 CVE-2013-6466 (Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.)
 CVE-2013-2053 (Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2922-1] strongswan security update (07.05.2014)
 documentDEBIAN, [SECURITY] [DSA 2903-1] strongswan security update (04.05.2014)
 documentDEBIAN, [SECURITY] [DSA 2893-1] openswan security update (07.04.2014)

Apache Struts multiple security vulnerabilities
updated since 02.05.2014
Published:07.05.2014
Source:
SecurityVulns ID:13701
Type:remote
Threat Level:
6/10
Description:Few ClassLoader manipulation vulnerabilities with potential RCE impact.
Affected:APACHE : Struts 2.3
 APACHE : Struts 1.3
CVE:CVE-2014-0114 (The ActionForm object in Apache Struts 1.x through 1.3.10 allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, which is passed to the getClass method.)
 CVE-2014-0112 (ParametersInterceptor in Apache Struts before 2.3.16.2 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094.)
 CVE-2014-0094 (The ParametersInterceptor in Apache Struts before 2.3.16.1 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method.)
Original documentdocumentAPACHE, [ANN] Struts 2.3.16.3 GA release available - security fix (07.05.2014)
 documentAPACHE, [ANN][SECURITY] Struts 1 - CVE-2014-0114 -Mitigation Advice Available, Possible RCE Impact (02.05.2014)
 documentAPACHE, [ANN][SECURITY] ClassLoader manipulation issue confirmed for Struts 1 - CVE-2014-0114 (02.05.2014)
 documentAPACHE, [ANN] Struts 2.3.16.2 GA release available - security fix (02.05.2014)

OpenStack multiple security vulnerabilities
Published:07.05.2014
Source:
SecurityVulns ID:13750
Type:remote
Threat Level:
5/10
Description:Glance code execution, Neutron and Swift unauthorized access, Horizon crossite scripting, Quantum / Cinder / Oslo information leakage.
Affected:OPENSTACK : Cinder 2012.2
 OPENSTACK : Horizon 2013.2
 OPENSTACK : Glance 2013.2
 OPENSTACK : Neutron 2013.2
 OPENSTACK : Swift 1.10
 OPENSTACK : Oslo 2013.2
 OPENSTACK : Quantum 2012.2
CVE:CVE-2014-0162 (The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location.)
 CVE-2014-0157 (Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template.)
 CVE-2014-0056 (The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command.)
 CVE-2014-0006 (The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack.)
 CVE-2013-6491 (The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network.)
Original documentdocumentUBUNTU, [USN-2208-2] OpenStack Quantum vulnerability (07.05.2014)
 documentUBUNTU, [USN-2208-1] OpenStack Cinder vulnerability (07.05.2014)
 documentUBUNTU, [USN-2193-1] OpenStack Glance vulnerability (07.05.2014)
 documentUBUNTU, [USN-2194-1] OpenStack Neutron vulnerability (07.05.2014)
 documentUBUNTU, [USN-2206-1] OpenStack Horizon vulnerability (07.05.2014)
 documentUBUNTU, [USN-2207-1] OpenStack Swift vulnerability (07.05.2014)

Cyberduck protection bypass
Published:07.05.2014
Source:
SecurityVulns ID:13751
Type:m-i-t-m
Threat Level:
5/10
Description:Invali FTP-SSL root ceritificates check.
Affected:CYBERDUCK : Cyberduck 4.4
CVE:CVE-2014-2845
Original documentdocumentMicha.Borrmann_(at)_SySS.de, CVE-2014-2845 - Cyberduck (Windows): Failure validating some certificates (using FTP-SSL) with untrusted root certificate authority (07.05.2014)

Citrix Netscaler security vulnerabilities
Published:07.05.2014
Source:
SecurityVulns ID:13752
Type:remote
Threat Level:
5/10
Description:Weak Diffie-Hellman protocol implementation, lack of SSL cerificate check.
Affected:CITRIX : NetScaler Application Delivery Controller 10.1
CVE:CVE-2014-2882 (Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation.)
 CVE-2014-2881 (Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors.)
Original documentdocumentadvisories_(at)_portcullis-security.com, CVE-2014-2882 - Lack of SSL Certificate Validation in Citrix Netscaler (07.05.2014)
 documentadvisories_(at)_portcullis-security.com, CVE-2014-2881 - Poor Quality Implementation of Diffie-Hellman Key Exchange in Citrix Netscaler (07.05.2014)

IBM AIX security vulnerabilities
Published:07.05.2014
Source:
SecurityVulns ID:13753
Type:local
Threat Level:
5/10
Description:ptrace information leak and DoS.
CVE:CVE-2014-0930 (The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation.)
Original documentdocumentadvisories_(at)_portcullis-security.com, CVE-2014-0930 - Kernel Memory Leak And Denial Of Service Condition in IBM AIX (07.05.2014)

libxml2 DoS
Published:07.05.2014
Source:
SecurityVulns ID:13754
Type:library
Threat Level:
5/10
Description:CPU exhaustion on XML parsing.
CVE:CVE-2014-0191 (Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unknown vectors related to Web Listener, a different vulnerability than CVE-2013-0338, CVE-2013-2877, and CVE-2015-0386.)
Original documentdocumentStefan Cornelius, [oss-security] CVE-2014-0191 libxml2: external parameter entity loaded when entity substitution is disabled (07.05.2014)

libvirt security vulnerabilities
Published:07.05.2014
Source:
SecurityVulns ID:13755
Type:library
Threat Level:
5/10
Description:DoS, smbolic links vulnerability.
CVE:CVE-2013-7336 (The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash) by causing domblkstat to be called at the same time as the qemuMonitorGetSpiceMigrationStatus function.)
 CVE-2013-6456 (The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; (2) create arbitrary nodes (mknod) via the virDomainDeviceAttach API and a symlink attack on /dev in the container; and cause a denial of service (shutdown or reboot host OS) via the (3) virDomainShutdown or (4) virDomainReboot API and a symlink attack on /dev/initctl in the container, related to "paths under /proc/$PID/root" and the virInitctlSetRunLevel function.)
Original documentdocumentUBUNTU, [USN-2209-1] libvirt vulnerabilities (07.05.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod