Computer Security


EMC Network Configuration Manager session fixation
Published:11.08.2014
SecurityVulns ID:13910
Type:remote
Threat Level:5/10
Description:Report Advisor session fixation.
Affected:EMC : EMC Network Configuration Manager 9.2
CVE:CVE-2014-2509 (Session fixation vulnerability in the Report Advisor (RA) component in EMC Network Configuration Manager (NCM) before 9.3 allows remote attackers to hijack web sessions via a session cookie.)
Original document:EMC, ESA-2014-055: EMC Network Configuration Manager (NCM) Report Advisor Session Fixation Vulnerability (11.08.2014)

IPython code execution
Published:11.08.2014
SecurityVulns ID:13911
Type:library
Threat Level:5/10
Description:Notebook server doesn't check websocket source.
Affected:IPYTHON : IPython Notebook 0.12
CVE:CVE-2014-3429 (IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page.)
Original document:MANDRIVA, [ MDVSA-2014:157 ] ipython (11.08.2014)

HP Operations Agent privilege escalation
Published:11.08.2014
SecurityVulns ID:13912
Type:local
Threat Level:5/10
Description:Privilege escalation via Glance.
Affected:HP : HP Operations Agent 11.00
CVE:CVE-2014-2630 (Unspecified vulnerability in HP Operations Agent 11.00, when Glance is used, allows local users to gain privileges via unknown vectors.)
Original document:HP, [security bulletin] HPSBMU03086 rev.1 - HP Operations Agent running Glance, Local Elevation of Privilege (11.08.2014)

HP desktops and notebooks code execution
Published:11.08.2014
SecurityVulns ID:13913
Type:local
Threat Level:7/10
Description:UEFI firmware code execution.
CVE:CVE-2014-4860
 CVE-2014-4859
Original document:HP, [security bulletin] HPSBHF03084 rev.1 HP PCs with UEFI Firmware, Execution of Arbitrary Code (11.08.2014)

glibc use-after-free
Published:11.08.2014
SecurityVulns ID:13915
Type:library
Threat Level:5/10
Description:posix_spawn_file_actions_addopen() use-after-free.
Affected:GNU : glibc 2.14
CVE:CVE-2014-4043 (The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.)
Original document:MANDRIVA, [ MDVSA-2014:152 ] glibc (11.08.2014)

readline library symbolic links vulnerability
Published:11.08.2014
SecurityVulns ID:13916
Type:library
Threat Level:6/10
Description:Symbolic links vulnerability in _rl_tropen()
Affected:READLINE : readline 6.2
CVE:CVE-2014-2524 (The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.)
Original document:MANDRIVA, [ MDVSA-2014:154 ] readline (11.08.2014)

Cisco IOS DoS
Published:11.08.2014
SecurityVulns ID:13917
Type:remote
Threat Level:6/10
Description:EnergyWise module DoS, UDP/43440 and TCP/43440
Affected:CISCO : IOS 12.2
 CISCO : IOS 15.0
 CISCO : IOS 15.1
 CISCO : IOS 15.2
 CISCO : IOS XE 3.5
 CISCO : IOS 15.4
CVE:CVE-2014-3327 (The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCup52101.)
Files:Cisco IOS Software and Cisco IOS XE Software EnergyWise Crafted Packet Denial of Service Vulnerability

Apache Cordova multiple security vulnerabilities
Published:11.08.2014
SecurityVulns ID:13918
Type:local
Threat Level:5/10
Description:Cross application scripting, restrictions bypass, information leakage.
Affected:APACHE : Cordova 3.5
CVE:CVE-2014-3502 (Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent.)
 CVE-2014-3501 (Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView.)
 CVE-2014-3500 (Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL.)
Original document:David Kaplan, (CVE-2014-3501/2/3) Apache Cordova for Android - Multiple Vulnerabilities (11.08.2014)

GnuPG Made Easy memory corruption
Published:11.08.2014
SecurityVulns ID:13919
Type:library
Threat Level:5/10
Description:Memory corruption on certificates parsing.
Affected:GNU : gpgme 1.4
CVE:CVE-2014-3564 (Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "different line lengths in a specific order.")
Original document:UBUNTU, [USN-2307-1] GPGME vulnerability (11.08.2014)

HP Application Lifecycle Management / Quality Center privilege escalation
Published:11.08.2014
SecurityVulns ID:13920
Type:remote
Threat Level:5/10
Affected:HP : Application Lifecycle Management 12.0
CVE:CVE-2014-2631 (Unspecified vulnerability in HP Application Lifecycle Management (aka Quality Center) 11.5x and 12.0x allows local users to gain privileges via unknown vectors, aka ZDI-CAN-2138.)
Original document:HP, [security bulletin] HPSBMU03085 rev.1 - HP Application Lifecycle Management / Quality Center, Elevation of Privilege (11.08.2014)

Smack insufficient certificate check
Published:11.08.2014
SecurityVulns ID:13921
Type:library
Threat Level:5/10
Description:Server hostname is not checked.
Affected:SMACK : smack 4.0
CVE:CVE-2014-5075 (The Ignite Realtime Smack XMPP API 4.x before 4.0.2, and 3.x and 2.x when a custom SSLContext is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.)
Original document:Georg Lukas, CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java (11.08.2014)

dhcpcd DoS
Published:11.08.2014
SecurityVulns ID:13922
Type:remote
Threat Level:5/10
Description:Infinite loop on server response parsing.
Affected:DHCPCD : dhcpcd 6.0
Original document:SLACKWARE, [slackware-security] dhcpcd (SSA:2014-213-02) (11.08.2014)

Linux kernel multiple security vulnerabilities
updated since 11.08.2014
Published:18.08.2014
SecurityVulns ID:13914
Type:local
Threat Level:7/10
Description:DoS via ptrace syscall, filesystems mount options limitation bypass.
Affected:LINUX : kernel 3.15
CVE:CVE-2014-5207 (fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesystem updating) on systems that had atime disabled via a "mount -o remount" command within a user namespace.)
 CVE-2014-5206 (The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intended read-only restriction and defeat certain sandbox protection mechanisms via a "mount -o remount" command within a user namespace.)
 CVE-2014-4699 (The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls.)
Original document:UBUNTU, [USN-2318-1] Linux kernel vulnerabilities (18.08.2014)
 UBUNTU, [USN-2274-1] Linux kernel vulnerability (11.08.2014)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod