Computer Security
[EN] securityvulns.ru no-pyccku


ejabberd weak cypher
updated since 12.10.2013
Published:19.01.2014
Source:
SecurityVulns ID:13362
Type:m-i-t-m
Threat Level:
4/10
Description:Weak cyphers vulnerability allows to lower protocol version.
Affected:EJABBERD : ejabberd 2.1
CVE:CVE-2013-6169 (The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) weak SSL ciphers, which makes it easier for remote attackers to obtain sensitive information via a brute-force attack.)
Original documentdocumentMANDRIVA, [ MDVSA-2014:005 ] ejabberd (19.01.2014)
 documentDEBIAN, [SECURITY] [DSA 2775-1] ejabberd security update (12.10.2013)

libxslt DoS
updated since 02.04.2013
Published:19.01.2014
Source:
SecurityVulns ID:12980
Type:library
Threat Level:
5/10
Description:Crash on XSLT documents parsing.
Affected:LIBXSLT : libxslt 1.1
CVE:CVE-2013-4520 (xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type. NOTE: this issue is due to an incomplete fix for CVE-2012-2825.)
 CVE-2012-6139 (libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c.)
 CVE-2012-2825 (The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors.)
Original documentdocumentMANDRIVA, [ MDVSA-2014:006 ] libxslt (19.01.2014)
 documentUBUNTU, [USN-1784-1] libxslt vulnerability (02.04.2013)

cups information leakage
Published:19.01.2014
Source:
SecurityVulns ID:13530
Type:local
Threat Level:
5/10
Description:lppasswd allows to read information from local files.
Affected:CUPS : cups 1.7
CVE:CVE-2013-6891 (lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf.)
Original documentdocumentUBUNTU, [USN-2082-1] CUPS vulnerability (19.01.2014)

bsnmpd buffer overflow
Published:19.01.2014
Source:
SecurityVulns ID:13531
Type:remote
Threat Level:
7/10
Description:Buffer overflow on GETBULK request processing.
Affected:BNSMPD : bsnmpd 1.12
CVE:CVE-2014-1452 (Stack-based buffer overflow in lib/snmpagent.c in bsnmpd, as used in FreeBSD 8.3 through 10.0, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted GETBULK PDU request.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-14:01.bsnmpd (19.01.2014)

Cisco Secure Access Control System multiple security vulnerabilities
Published:19.01.2014
Source:
SecurityVulns ID:13532
Type:remote
Threat Level:
7/10
Description:Uauthorized access, commands injection.
Affected:CISCO : Secure ACS 5.4
CVE:CVE-2014-0650 (The web interface in Cisco Secure Access Control System (ACS) 5.x before 5.4 Patch 3 allows remote attackers to execute arbitrary operating-system commands via a request to this interface, aka Bug ID CSCue65962.)
 CVE-2014-0648 (The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187.)
Files:Multiple Vulnerabilities in Cisco Secure Access Control System

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:19.01.2014
Source:
SecurityVulns ID:13533
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PIVOTAL : Spring 3.2
 PIVOTAL : Spring 4.0
 MOVABLETYPE : Movable Type 6.0
 MOVABLETYPE : Movable Type 5.2
 QPULSE : Q-Pulse 0.6
 PLONE : Plone 4.3
 JOOMLA : Sexy Polling 1.0
 NAGIOS : Nagios 3.5
 NAGIOS : Nagios 4.0
 ICINGA : Icinga 1.10
CVE:CVE-2014-1238
 CVE-2014-0977 (Cross-site scripting (XSS) vulnerability in the Rich Text Editor in Movable Type 5.0x, 5.1x before 5.161, 5.2.x before 5.2.9, and 6.0.x before 6.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2013-7219 (SQL injection vulnerability in vote.php in the 2Glux Sexy Polling (com_sexypolling) component before 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the answer_id[] parameter.)
 CVE-2013-7205 (Off-by-one error in the process_cgivars function in contrib/daemonchk.c in Nagios Core 3.5.1, 4.0.2, and earlier allows remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list, which triggers a heap-based buffer over-read.)
 CVE-2013-7108 (Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list to the process_cgivars function in (1) avail.c, (2) cmd.c, (3) config.c, (4) extinfo.c, (5) histogram.c, (6) notifications.c, (7) outages.c, (8) status.c, (9) statusmap.c, (10) summary.c, and (11) trends.c in cgi/, which triggers a heap-based buffer over-read.)
 CVE-2013-6430
 CVE-2013-6429 (The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.)
 CVE-2013-4200 (The isURLInPortal method in the URLTool class in in_portal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows remote attackers to bypass the allow_external_login_sites filtering property, redirect users to arbitrary web sites, and conduct phishing attacks via a space before a URL in the "next" parameter to acl_users/credentials_cookie_auth/require_login.)
 CVE-2013-4152 (The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.)
Original documentdocumentali.hussein_(at)_helpag.com, [CVE-2014-1238] Cross Site Scripting(XSS) in q-pulse application (19.01.2014)
 documentDEBIAN, [SECURITY] [DSA 2841-1] movabletype-opensource security update (19.01.2014)
 documentPivotal Security Team, CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete (19.01.2014)
 documentPivotal Security Team, CVE-2013-6430 Possible XSS when using Spring MVC (19.01.2014)
 documentAlexandre Herzog, CVE-2013-4200 - Plone URL redirection / Forwarding of cookie data (session hijack) in certain browsers (19.01.2014)
 documentHigh-Tech Bridge Security Research, SQL Injection in Sexy Polling Joomla Extension (19.01.2014)
 documentMANDRIVA, [ MDVSA-2014:004 ] nagios (19.01.2014)

Starbucks mobile application information leakage
Published:19.01.2014
Source:
SecurityVulns ID:13534
Type:local
Threat Level:
4/10
Description:Insecure user data storing.
Affected:STARBUCKS : Starbucks 2.6
CVE:CVE-2014-0647 (The Starbucks 2.6.1 application for iOS stores sensitive information in plaintext in the Crashlytics log file (/Library/Caches/com.crashlytics.data/com.starbucks.mystarbucks/session.clslog), which allows attackers to discover usernames, passwords, and e-mail addresses via an application that reads session.clslog.)
Original documentdocumentDaniel Wood, [CVE-2014-0647] Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application (19.01.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod