Computer Security
[EN] securityvulns.ru no-pyccku


stunnel crypto vulnerabilities
Published:20.04.2015
Source:
SecurityVulns ID:14417
Type:remote
Threat Level:
5/10
Description:Entropy pools are reused if fork() if used for threading.
Affected:STUNNEL : stunnel 4.0
CVE:CVE-2014-0016 (stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to use the same entropy pool and allows remote attackers to obtain private keys for EC (ECDSA) or DSA certificates.)
Original documentdocumentMANDRIVA, [ MDVSA-2015:096 ] stunnel (20.04.2015)

snmplib / snmpd DoS
Published:20.04.2015
Source:
SecurityVulns ID:14418
Type:remote
Threat Level:
5/10
Description:Multiple DoS conditions.
Affected:NETSNMP : net-snmp 5.7
CVE:CVE-2014-3565 (snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message.)
 CVE-2014-2285 (The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl.)
 CVE-2014-2284 (The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors.)
Original documentdocumentMANDRIVA, [ MDVSA-2015:092 ] net-snmp (20.04.2015)

python-numpy symbolic links vulnerability
Published:20.04.2015
Source:
SecurityVulns ID:14419
Type:local
Threat Level:
5/10
Description:Symbolic links vulnerability on temporary files creation.
Affected:PYTHON : numpy 1.7
CVE:CVE-2014-1859
 CVE-2014-1858
Original documentdocumentMANDRIVA, [ MDVSA-2015:077 ] python-numpy (20.04.2015)

cabextract directory traversal
Published:20.04.2015
Source:
SecurityVulns ID:14420
Type:local
Threat Level:
5/10
Description:Directory traversal on files extraction.
Affected:CABEXTRACT : cabextract 1.5
CVE:CVE-2015-2060
Original documentdocumentMANDRIVA, [ MDVSA-2015:064 ] cabextract (20.04.2015)

libpng security vulnerabilities
updated since 15.05.2014
Published:20.04.2015
Source:
SecurityVulns ID:13773
Type:library
Threat Level:
6/10
Description:Few integer overflows lead to heap buffer overrun.
Affected:libpng : libpng 1.5
CVE:CVE-2014-9495 (Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.)
 CVE-2014-0333 (The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.)
 CVE-2013-7354 (Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.)
 CVE-2013-7353 (Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.)
Original documentdocumentMANDRIVA, [ MDVSA-2015:090 ] libpng (20.04.2015)
 documentMANDRIVA, [ MDVSA-2014:084 ] libpng (15.05.2014)

libarchive directory traversal
updated since 16.03.2015
Published:20.04.2015
Source:
SecurityVulns ID:14320
Type:library
Threat Level:
5/10
Description:Directory traversal and symbolic links vulnerability in cpio implementation.
Affected:LIBARCHIVE : libarchive 3.1
CVE:CVE-2015-2304 (Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.)
 CVE-2015-1197 (cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.)
Original documentdocumentMANDRIVA, [ MDVSA-2015:066 ] cpio (20.04.2015)
 documentDEBIAN, [SECURITY] [DSA 3180-1] libarchive security update (16.03.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod