Computer Security


HP ServiceCenter DoS
Published:11.03.2013
Source:
SecurityVulns ID:12930
Type:remote
Threat Level:5/10
Affected:HP : HP ServiceCenter 6.2
CVE:CVE-2012-5214 (Unspecified vulnerability in HP ServiceCenter 6.2.8 before 6.2.8.10 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.)
Original document:HP, [security bulletin] HPSBMU02849 SSRT101124 rev.1 - HP ServiceCenter, Remote Denial of Service (DoS) (11.03.2013)

HP LaserJet Pro printers unauthorized access
Published:11.03.2013
Source:
SecurityVulns ID:12931
Type:remote
Threat Level:5/10
Affected:HP : LaserJet Pro P1102w
 HP : LaserJet Pro P1606dn
 HP : LaserJet Pro M1212nf
 HP : LaserJet Pro M1213nf
 HP : LaserJet Pro M1214nf
 HP : LaserJet Pro M1216nf
 HP : LaserJet Pro M1217nf
 HP : LaserJet Pro M1219nf
 HP : LaserJet Pro M1218nf
 HP : LaserJet Pro CP1025nw
CVE:CVE-2012-5215 (Unspecified vulnerability on the HP LaserJet Pro M1212nf, M1213nf, M1214nfh, M1216nfh, M1217nfw, and M1219nf, and HotSpot LaserJet Pro M1218nfs, with firmware before 20130211; LaserJet Pro CP1025nw with firmware before 20130212; and LaserJet Pro P1102w and P1606dn with firmware before 20130213 allows remote attackers to modify data or cause a denial of service via unknown vectors.)
Original document:HP, [security bulletin] HPSBPI02851 SSRT101078 rev.1 - Certain HP LaserJet Pro Printers, Unauthorized Access to Data (11.03.2013)

HP Intelligent Management Center multiple security vulnerabilities
Published:11.03.2013
Source:
SecurityVulns ID:12932
Type:remote
Threat Level:6/10
Description:Cross-site scripting, code execution, information disclosure.
CVE:CVE-2012-5213 (Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1662.)
 CVE-2012-5212 (Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1663.)
 CVE-2012-5211 (Unspecified vulnerability in HP Intelligent Management Center (iMC) User Access Manager (UAM) before 5.2 E0402 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1643.)
 CVE-2012-5210 (Unspecified vulnerability in HP Intelligent Management Center (iMC) TACACS+ Authentication Manager (TAM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1646.)
 CVE-2012-5209 (Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1659.)
 CVE-2012-5208 (Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1615.)
 CVE-2012-5207 (Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1661.)
 CVE-2012-5206 (Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1660.)
 CVE-2012-5205 (Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1650.)
 CVE-2012-5204 (Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1614.)
 CVE-2012-5203 (Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1613.)
 CVE-2012-5202 (Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1612.)
 CVE-2012-5201 (Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1611.)
 CVE-2012-5200 (Cross-site scripting (XSS) vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.)
Original document:Inshell Security, [IA32] HP Intelligent Management Center v5.1 E0202 topoContent.jsf Non-Persistent Cross-Site Scripting (11.03.2013)
 HP, [security bulletin] HPSBGN02854 SSRT100881 rev.1 - HP Intelligent Management Center (iMC), iMC TACACS+ Authentication Manager (TAM), and iMC User Access Manager (UAM), Cross Site Scripting (XSS), Remote Code Execution, (11.03.2013)

Verax NMS multiple security vulnerabilities
Published:11.03.2013
Source:
SecurityVulns ID:12933
Type:remote
Threat Level:5/10
Description:Authentication bypass, replay attacks, hardcoded private key, information leakage.
Affected:VERAX : Verax NMS 2.0
CVE:CVE-2013-1631
 CVE-2013-1352
 CVE-2013-1351
 CVE-2013-1350
Original document:Just Bugs, Verax NMS Password Disclosure (CVE-2013-1631) (11.03.2013)
 Just Bugs, Verax NMS Hardcoded Private Key (CVE-2013-1352) (11.03.2013)
 Just Bugs, Verax NMS Password Replay Attack (CVE-2013-1351) (11.03.2013)
 Just Bugs, Verax NMS Authenication Bypass (CVE-2013-1350) (11.03.2013)

libosip2 / SIP Witch DoS
Published:11.03.2013
Source:
SecurityVulns ID:12935
Type:library
Threat Level:5/10
Description:NULL pointer dereference
Affected:SIPWITCH : SIP Witch 0.7
 LIBOSIP : libosip2 4.0
Original document:tytusromekiatomek_(at)_hushmail.com, SIP Witch 0.7.4 w/libosip2-4.0.0 DoS via NULL pointer derefence in libosip2 (11.03.2013)

Samsung TV buffer overflow
Published:11.03.2013
Source:
SecurityVulns ID:12936
Type:remote
Threat Level:4/10
Description:Buffer overflow on TCP/7676 SOAPACTION request processing.
Affected:SAMSUNG : Samsung ue55es6800
Original document:tytusromekiatomek_(at)_hushmail.com, Samsung TV DoS (possible overflow) via SOAPACTION (11.03.2013)

Apache mod_dav_svn DoS
Published:11.03.2013
Source:
SecurityVulns ID:12937
Type:remote
Threat Level:5/10
Description:NULL pointer dereference on MKACTIVITY and PROPFIND request processing.
Affected:APACHE : mod_dav_svn 1.6
Original document:tytusromekiatomek_(at)_hushmail.com, Apache Subversion mod_dav_svn DoS via MKACTIVITY/PROPFIND (11.03.2013)

Kaspersky Internet Security DoS
Published:11.03.2013
Source:
SecurityVulns ID:12939
Type:remote
Threat Level:5/10
Description:Various DoS conditions in IPv6 processing.
Affected:KASPERSKY : Kaspersky Internet Security 2013
Original document:Marc Heuse, Remote system freeze thanks to Kaspersky Internet Security 2013 (11.03.2013)

xen multiple security vulnerabilities
Published:11.03.2013
Source:
SecurityVulns ID:12940
Type:local
Threat Level:5/10
Description:Various DoS conditions.
CVE:CVE-2013-0153 (The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests.)
 CVE-2012-5634 (Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, does not properly configure VT-d when supporting a device that is behind a legacy PCI Bridge, which allows local guests to cause a denial of service to other guests by injecting an interrupt.)
 CVE-2012-5511 (Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) via a large bitmap image.)
 CVE-2012-4544 (The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk (1) before or (2) after decompression, which allows local guest administrators to cause a denial of service (domain 0 memory consumption) via a crafted (a) kernel or (b) ramdisk.)
Original document:DEBIAN, [SECURITY] [DSA 2636-1] xen security update (11.03.2013)

rpi-update symlink vulnerability
Published:11.03.2013
Source:
SecurityVulns ID:12942
Type:local
Threat Level:5/10
Description:Unsafe temp file creation.
Original document:larry0_(at)_me.com, Re: rpi-update tmpfile vulnerability (11.03.2013)
 Technion, rpi-update tmpfile vulnerability (11.03.2013)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:11.03.2013
Source:
SecurityVulns ID:12944
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:MNOGOSEARCH : mnoGoSearch 3.3
 WORDPRESS : WordPress 3.3
 QUESTION2ANSWER : Question2Answer 1.5
 WORDPRESS : Count-Per-Day 3.2
 COSCMS : CosCms 1.721
 WORDPRESS : Events Manager 5.3
 APACHE : FileUpload 1.2
 DALIM : DALIM Dialog Server 6.0
 GWOS : GroundWork Monitor 6.7
 SWFUPLOAD : SWFUpload 2.2
CVE:CVE-2013-2501 (Cross-site scripting (XSS) vulnerability in the Terillion Reviews plugin before 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ProfileId field.)
 CVE-2013-1668 (The uploadFile function in upload/index.php in CosCMS before 1.822 allows remote administrators to execute arbitrary commands via shell metacharacters in the name of an uploaded file.)
 CVE-2013-1413 (Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2013-1407 (Multiple cross-site scripting (XSS) vulnerabilities in the Events Manager plugin before 5.3.5 and Events Manager Pro plugin before 2.2.9 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) scope parameter to index.php; (2) user_name, (3) dbem_phone, (4) user_email, or (5) booking_comment parameter to an event with registration enabled; or the (6) _wpnonce parameter to wp-admin/edit.php.)
Original document:MustLive, AoF, IAA and CSRF vulnerabilities in Question2Answer (11.03.2013)
 MustLive, Exploit for stealing admin's account in Question2Answer (11.03.2013)
 MustLive, CS and XSS vulnerabilities in SWFUpload (11.03.2013)
 Emmanuel FARCY, Stored XSS in Terillion Reviews Wordpress Plugin (11.03.2013)
 SEC Consult Vulnerability Lab, SEC Consult SA-20130308-1 :: Multiple vulnerabilities in GroundWork Monitor Enterprise (part 2) (11.03.2013)
 SEC Consult Vulnerability Lab, SEC Consult SA-20130308-0 :: Multiple critical vulnerabilities in GroundWork Monitor Enterprise (part 1) (11.03.2013)
 ddivulnalert_(at)_ddifrontline.com, DDIVRT-2013-51 DALIM Dialog Server 'logfile' Local File Inclusion (11.03.2013)
 APACHE, [SECURITY] CVE-2013-0248 Apache Commons FileUpload - Insecure examples (11.03.2013)
 High-Tech Bridge Security Research, Multiple XSS vulnerabilities in Events Manager WordPress plugin (11.03.2013)
 High-Tech Bridge Security Research, OS Command Injection in CosCms (11.03.2013)
 noreply_(at)_ptsecurity.ru, [PT-2013-17] Arbitrary Files Reading in mnoGoSearch (11.03.2013)
 alejandr0.m0f0_(at)_gmail.com, WordPress Count-Per-Day plugin 3.2.5. Type-1 (reflected) Cross Site Scripting (XSS) (11.03.2013)
 stephan.rickauer_(at)_csnc.ch, CVE-2013-1413 (11.03.2013)

OpenAFS buffer overflow
Published:11.03.2013
Source:
SecurityVulns ID:12945
Type:remote
Threat Level:6/10
Description:Several different buffer overflows.
Affected:MNOGOSEARCH : mnoGoSearch 3.3
 OPENAFS : OpenAFS 1.6
CVE:CVE-2013-1795 (Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service (crash) via a large list from the IdToName RPC, which triggers a heap-based buffer overflow.)
 CVE-2013-1794 (Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver ACL entry.)
Original document:DEBIAN, [SECURITY] [DSA 2638-1] openafs security update (11.03.2013)

Linux kernel multiple security vulnerabilities
updated since 11.03.2013
Published:19.03.2013
Source:
SecurityVulns ID:12943
Type:local
Threat Level:6/10
Description:DoS, privilege escalation, information leakage.
Affected:LINUX : kernel 3.0
 LINUX : kernel 3.7
CVE:CVE-2013-1796 (The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow and host OS memory corruption) or possibly have unspecified other impact via a crafted application.)
 CVE-2013-1774 (The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter.)
 CVE-2013-1773 (Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversion.)
 CVE-2013-0349 (The hidp_setup_hid function in net/bluetooth/hidp/core.c in the Linux kernel before 3.7.6 does not properly copy a certain name field, which allows local users to obtain sensitive information from kernel memory by setting a long name and making an HIDPCONNADD ioctl call.)
 CVE-2013-0313 (The evm_update_evmxattr function in security/integrity/evm/evm_crypto.c in the Linux kernel before 3.7.5, when the Extended Verification Module (EVM) is enabled, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an attempted removexattr operation on an inode of a sockfs filesystem.)
 CVE-2013-0311 (The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.)
 CVE-2013-0268 (The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c.)
 CVE-2013-0231 (The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information.)
 CVE-2013-0228 (The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirt_ops platforms does not properly handle an invalid value in the DS segment register, which allows guest OS users to gain guest OS privileges via a crafted application.)
 CVE-2013-0217 (Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (memory consumption) by triggering certain error conditions.)
 CVE-2013-0216 (The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption.)
 CVE-2013-0190 (The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption.)
Original document:LINUX, [USN-1767-1] Linux kernel vulnerabilities (19.03.2013)
 UBUNTU, [USN-1756-1] Linux kernel vulnerabilities (11.03.2013)

libxml2 DoS
updated since 11.03.2013
Published:08.04.2013
Source:
SecurityVulns ID:12938
Type:library
Threat Level:5/10
Description:CPU exhaustion.
Affected:LIBXML2 : libxml2 2.7
CVE:CVE-2013-0339 (libxml2 through 2.9.1 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because libxml2 already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed and each affected application would need its own CVE.)
 CVE-2013-0338 (libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity.)
Original document:DEBIAN, [SECURITY] [DSA 2652-1] libxml2 security update (08.04.2013)
 MANDRIVA, [ MDVSA-2013:017 ] libxml2 (11.03.2013)

Foscam cameras security vulnerabilities
updated since 11.03.2013
Published:29.07.2013
Source:
SecurityVulns ID:12941
Type:remote
Threat Level:5/10
Description:Directory traversal, CSRF.
CVE:CVE-2013-2574
 CVE-2013-2560 (Directory traversal vulnerability in the web interface on Foscam devices with firmware before 11.37.2.49 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by discovering (1) web credentials or (2) Wi-Fi credentials.)
Original document:CORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2013-0613 - FOSCAM IP-Cameras Improper Access Restrictions (29.07.2013)
 shekyan_(at)_gmail.com, [CVE-REQUEST] Multiple CSRF vulnerabilities on Foscam IP cameras web UI (15.04.2013)
 Frederic Basse, [CVE-REQUEST] Foscam <= 11.37.2.48 path traversal vulnerability (11.03.2013)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod