Computer Security
[EN] securityvulns.ru no-pyccku


GnuPG security vulnerabilities
Published:12.10.2013
Source:
SecurityVulns ID:13360
Type:library
Threat Level:
5/10
Description:Protection bypass, DoS.
Affected:GNU : GnuPG 2.1
CVE:CVE-2013-4402 (GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.)
 CVE-2013-4351 (GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.)
Original documentdocumentMANDRIVA, [ MDVSA-2013:247 ] gnupg (12.10.2013)

xinetd privilege escalation
Published:12.10.2013
Source:
SecurityVulns ID:13361
Type:remote
Threat Level:
5/10
Description:tcpmux-server service is executed with root privileges.
Affected:XINETD : xinetd 2.1
CVE:CVE-2013-4342 (xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.)
Original documentdocumentMANDRIVA, [ MDVSA-2013:248 ] xinetd (12.10.2013)

Cyrus SASL DoS
Published:12.10.2013
Source:
SecurityVulns ID:13363
Type:library
Threat Level:
5/10
Description:Crash on some values for password's salt.
Affected:CYRUS : libsasl 2.1
CVE:CVE-2013-4122 (Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference.)
Original documentdocumentUBUNTU, [USN-1988-1] Cyrus SASL vulnerability (12.10.2013)

HP Business Process Monitor security vulnerabilities
Published:12.10.2013
Source:
SecurityVulns ID:13364
Type:remote
Threat Level:
6/10
Description:Information leak, code execution.
Affected:HP : Business Process Monitor 9.22
CVE:CVE-2013-4804 (Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors.)
 CVE-2013-2366 (Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors, aka ZDI-CAN-1802.)
Original documentdocumentHP, [security bulletin] HPSBMU02901 rev.1 - HP Business Process Monitor running on Windows, Remote Execution of Arbitrary Code and Disclosure of Information (12.10.2013)

systemd security vulnerabilities
Published:12.10.2013
Source:
SecurityVulns ID:13365
Type:local
Threat Level:
6/10
Description:Integer overflow, protection bypass, privilege escalation.
CVE:CVE-2013-4394 (The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters.")
 CVE-2013-4391 (Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow.)
 CVE-2013-4327 (systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2777-1] systemd security update (12.10.2013)

Network Audio System security vulnerabilities
updated since 02.10.2013
Published:12.10.2013
Source:
SecurityVulns ID:13300
Type:remote
Threat Level:
5/10
Description:Code execution, Denial of service.
Affected:NAS : nas 1.9
CVE:CVE-2013-4258 (Format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to syslog.)
 CVE-2013-4257 (** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-4256. Reason: This issue was MERGED into CVE-2013-4256 because it is the same type of vulnerability. Notes: All CVE users should reference CVE-2013-4256 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.)
 CVE-2013-4256 (Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display command argument to the ProcessCommandLine function in server/os/utils.c; (2) ResetHosts function in server/os/access.c; (3) open_unix_socket, (4) open_isc_local, (5) open_xsight_local, (6) open_att_local, or (7) open_att_svr4_local function in server/os/connection.c; the (8) AUDIOHOST environment variable to the CreateWellKnownSockets or (9) AmoebaTCPConnectorThread function in server/os/connection.c; or (10) unspecified vectors related to logging in the osLogMsg function in server/os/aulog.c.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2771-1] nas security update (12.10.2013)
 documentUBUNTU, [USN-1986-1] Network Audio System (NAS) vulnerabilities (02.10.2013)

ejabberd weak cypher
updated since 12.10.2013
Published:19.01.2014
Source:
SecurityVulns ID:13362
Type:m-i-t-m
Threat Level:
4/10
Description:Weak cyphers vulnerability allows to lower protocol version.
Affected:EJABBERD : ejabberd 2.1
CVE:CVE-2013-6169 (The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) weak SSL ciphers, which makes it easier for remote attackers to obtain sensitive information via a brute-force attack.)
Original documentdocumentMANDRIVA, [ MDVSA-2014:005 ] ejabberd (19.01.2014)
 documentDEBIAN, [SECURITY] [DSA 2775-1] ejabberd security update (12.10.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod