Computer Security
[EN] securityvulns.ru no-pyccku


Cisco Unified Computing System E DoS
Published:10.09.2014
Source:
SecurityVulns ID:13953
Type:remote
Threat Level:
5/10
Description:SSH DoS in built in management controller.
Affected:CISCO : Cisco UCS E140
 CISCO : Cisco UCS E160
 CISCO : Cisco UCS EN120
CVE:CVE-2014-3348 (The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206.)
Files:Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability

IBM WebSphere Application Server XSS
Published:10.09.2014
Source:
SecurityVulns ID:13954
Type:remote
Threat Level:
5/10
Description:Integrated Solutions Console crossite scripting.
Affected:IBM : WebSphere Application Server (WAS) Integrated Solutions Console 7.0
Original documentdocumentmain_(at)_gsmcnamara.com, IBM WebSphere Application Server (WAS) Integrated Solutions Console Login Page username Parameter Reflected XSS Security Vulnerability (10.09.2014)

ppp privilege escalation
Published:10.09.2014
Source:
SecurityVulns ID:13955
Type:remote
Threat Level:
5/10
Description:Access to privileged options is possible.
CVE:CVE-2014-3158 (Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "[corrupts] security-relevant variables.")
Original documentdocumentMANDRIVA, [ MDVSA-2014:178 ] ppp (10.09.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod