Computer Security


Docker multiple security vulnerabilities
updated since 01.12.2014
Published:22.12.2014
SecurityVulns ID:14116
Type:local
Threat Level:5/10
Description:Symbolic link vulnerability, directory traversal, privilege escalation.
Affected:DOCKER : Docker 1.3
CVE:CVE-2014-9358 (Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications.")
 CVE-2014-9357 (Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.)
 CVE-2014-9356
 CVE-2014-5277 (Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic.)
Original document:DOCKER, Docker 1.3.3 - Security Advisory [11 Dec 2014] (22.12.2014)
 DOCKER, Docker 1.3.2 - Security Advisory [24 Nov 2014] (01.12.2014)

Apple Xcode git client unauthorized files access
Published:22.12.2014
SecurityVulns ID:14154
Type:client
Threat Level:5/10
Description:Invalid processing of character case in special file names.
Affected:APPLE : XCode 6.2
CVE:CVE-2014-9390
Original document:APPLE, APPLE-SA-2014-12-18-1 Xcode 6.2 beta 3 (22.12.2014)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:22.12.2014
SecurityVulns ID:14155
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:CREATIVEMINDSSOL : cm-download-manager 2.0
 BIRDFEEDER : Bird Feeder 1.2
 KONKART : Konakart 7.3
 FUZZYLIME : Fuzzylime 3.03
 MEDIAWIKI : mediawiki 1.19
 MORFYCMS : Morfy CMS 1.05
 REVIVEADSERVER : Revive Adserver 3.0
 RESOURCESPACE : ResourceSpace 6.4
 WORDPRESS : W3 Total Cache 0.9
 PAPOO : Papoo Light 6.0
 PHPMYADMIN : phpmyadmin 4.2
 PBBOARD : PBBoard 3.0
 CONCRETE5 : Concrete5 CMS 5.7
 PHPTRAFFICA : phpTrafficA 2.3
 TWIKI : Twiki 6.0
 ITWITTER : iTwitter 0.04
 JEASECMS : Jease CMS 2.11
 ELEFANTCMS : Elefant CMS 1.3
CVE:CVE-2014-9367 (Incomplete blacklist vulnerability in the urlEncode function in lib/TWiki.pm in TWiki 6.0.0 and 6.0.1 allows remote attackers to conduct cross-site scripting (XSS) attacks via a "'" (single quote) in the scope parameter to do/view/TWiki/WebSearch.)
 CVE-2014-9325 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki 6.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) QUERYSTRING variable in lib/TWiki.pm or (2) QUERYPARAMSTRING variable in lib/TWiki/UI/View.pm, as demonstrated by the QUERY_STRING to do/view/Main/TWikiPreferences.)
 CVE-2014-9277 (The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7 allows remote attackers to conduct PHP object injection attacks via a crafted string containing <cross-domain-policy> in a PHP format request, which causes the string length to change when converting the request to <NOT-cross-domain-policy>.)
 CVE-2014-9219 (Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter.)
 CVE-2014-9218 (libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service (resource consumption) via a long password.)
 CVE-2014-9215 (SQL injection vulnerability in the CheckEmail function in includes/functions.class.php in PBBoard 3.0.1 before 20141128 allows remote attackers to execute arbitrary SQL commands via the email parameter in the register page to index.php. NOTE: the email parameter in the forget page vector is already covered by CVE-2012-4034.2.)
 CVE-2014-9129 (Cross-site request forgery (CSRF) vulnerability in the CreativeMinds CM Downloads Manager plugin before 2.0.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the addons_title parameter in the CMDM_admin_settings page to wp-admin/admin.php.)
 CVE-2014-8875 (The XML_RPC_cd function in lib/pear/XML/RPC.php in Revive Adserver before 3.0.6 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted XML-RPC request, aka an XML Entity Expansion (XEE) attack.)
 CVE-2014-8793 (Cross-site scripting (XSS) vulnerability in lib/max/Admin/UI/Field/PublisherIdField.php in Revive Adserver before 3.0.6 allows remote attackers to inject arbitrary web script or HTML via the refresh_page parameter to www/admin/report-generate.php.)
 CVE-2014-8724 (Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin before 0.9.4.1 for WordPress, when debug mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATH_INFO to the default URI.)
 CVE-2014-8340 (SQL injection vulnerability in Php/Functions/log_function.php in phpTrafficA 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via a User-Agent HTTP header.)
 CVE-2014-2026 (Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.)
 CVE-2014-2025
Original document:petri.iivonen_(at)_tmbc.gov.uk, ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities (22.12.2014)
 Daniel Geerts, [CVE-2014-8340] phpTrafficA SQL injection (22.12.2014)
 simo_(at)_morxploit.com, Concrete5 CMS Reflected Cross-Site Scripting Vulnerabilities (22.12.2014)
 sahm_(at)_post.com, CMS Made Simple PHP Code Injection Vulnerability (All versions) (22.12.2014)
 tien.d.tran_(at)_itas.vn, CVE-2014-9215 - SQL Injection in PBBoard CMS (22.12.2014)
 henri_(at)_nerv.fi, CVE-2014-9129: XSS and CSRF in CM Download Manager plugin for WordPress (22.12.2014)
 DEBIAN, [SECURITY] [DSA 3100-1] mediawiki security update (22.12.2014)
 MANDRIVA, [ MDVSA-2014:243 ] phpmyadmin (22.12.2014)
 Christian Schneider, CVE-2014-2025 Remote Code Execution (RCE) in "Intrexx Professional" (22.12.2014)
 Christian Schneider, CVE-2014-2026 Reflected Cross-Site Scripting (XSS) in "Intrexx Professional" (22.12.2014)
 steffen.roesemann1986_(at)_gmail.com, Persistent XSS Vulnerability in CMS Papoo Light v6.0.0 Rev. 4701 (22.12.2014)
 Mazin Ahmed, W3TotalFail: W3 Total Cache v 0.9.4 CSRF Vulnerability that Leads to Full Deface (22.12.2014)
 Vulnerability Lab, Elefant CMS v1.3.9 - Persistent Name Update Vulnerability (22.12.2014)
 Vulnerability Lab, Fuzzylime v3.03b CMS - CS Cross Scripting Vulnerability (22.12.2014)
 Vulnerability Lab, Konakart v7.3.0.1 CMS - CS Cross Site Web Vulnerability (22.12.2014)
 Matteo Beccati, [REVIVE-SA-2014-002] Revive Adserver 3.0.6 and 3.1.0 fix multiple vulnerabilities (22.12.2014)
 Tobias Glemser, secuvera-SA-2014-01: Reflected XSS in W3 Total Cache (22.12.2014)
 High-Tech Bridge Security Research, Cross-Site Scripting (XSS) in Revive Adserver (22.12.2014)
 Vulnerability Lab, Bird Feeder v1.2.3 WP Plugin - CSRF & XSS Vulnerability (22.12.2014)
 Vulnerability Lab, Morfy CMS v1.05 - Command Execution Vulnerability (22.12.2014)
 Vulnerability Lab, Jease CMS v2.11 - Persistent UI Web Vulnerability (22.12.2014)
 Vulnerability Lab, iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability (22.12.2014)
 Vulnerability Lab, E-Journal CMS (ID) - Multiple Web Vulnerabilities (22.12.2014)
 Onur Yilmaz, TWiki Security Advisory - XSS Vulnerability - CVE-2014-9325 (22.12.2014)
 Onur Yilmaz, TWiki Security Advisory - XSS Vulnerability - CVE-2014-9367 (22.12.2014)

NetIQ eDirectory NDS iMonitor security vulnerabilities
Published:22.12.2014
SecurityVulns ID:14156
Type:remote
Threat Level:5/10
Description:Cross-site scripting, information leakage.
Affected:NETIQ : eDirectory NDS iMonitor 8.8
CVE:CVE-2014-5213 (nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request.)
 CVE-2014-5212 (Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter.)
Original document:SEC Consult Vulnerability Lab, SEC Consult SA-20141219-0 :: XSS & Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor (22.12.2014)

NetIQ Access Manager multiple security vulnerabilities
Published:22.12.2014
SecurityVulns ID:14157
Type:remote
Threat Level:6/10
Description:XXE, CSRF, XSS, information leakage.
Affected:NETIQ : NetIQ Access Manager 4.0
CVE:CVE-2014-5217 (Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.1 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via an fw.SetPassword action.)
 CVE-2014-5216 (Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allow remote attackers to inject arbitrary web script or HTML via (1) the location parameter in a dev.Empty action to nps/servlet/webacc, (2) the error parameter to nidp/jsp/x509err.jsp, (3) the lang parameter to sslvpn/applet_agent.jsp, or (4) the secureLoggingServersA parameter to roma/system/cntl, a different issue than CVE-2014-9412.)
 CVE-2014-5215 (NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated administrators to discover service-account passwords via a request to (1) roma/jsp/volsc/monitoring/dev_services.jsp or (2) roma/jsp/debug/debug.jsp.)
 CVE-2014-5214 (nps/servlet/webacc in iManager in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated novlwww users to read arbitrary files via a query parameter containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.)
Original document:SEC Consult Vulnerability Lab, SEC Consult SA-20141218-2 :: Multiple high risk vulnerabilities in NetIQ Access Manager (22.12.2014)

SAP applications multiple security vulnerabilities
updated since 04.08.2014
Published:22.12.2014
SecurityVulns ID:13902
Type:remote
Threat Level:7/10
Description:Unauthorized access, cross-site scripting, backdoor account, authentication bypass, unencrypted password transfer.
CVE:CVE-2013-3678 (Multiple unspecified vulnerabilities in SAP Governance, Risk, and Compliance (GRC) allow remote authenticated users to gain privileges and execute arbitrary programs via a crafted (1) RFC or (2) SOAP-RFC request.)
Original document:Onapsis Research Labs, [Onapsis Security Advisory 2014-034] SAP Business Objects Search Token Privilege Escalation via CORBA (22.12.2014)
 ESNC Security, [ESNC-2039348] Multiple Critical Security Vulnerabilities in SAP Governance, Risk and Compliance (SAP GRC) (01.12.2014)
 Alexandre Herzog, SAP Security Note 1908531 - XXE in BusinessObjects Explorer (14.10.2014)
 Alexandre Herzog, SAP Security Note 1908647 - Cross Site Flashing in BusinessObjects Explorer (14.10.2014)
 Alexandre Herzog, SAP Security Note 1908562 - Port scanning in BusinessObjects Explorer (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-032] SAP BusinessObjects Persistent Cross Site Scripting (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-029] SAP Business Objects Information Disclosure (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-030] SAP Business Objects Denial of Service via CORBA (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-031] SAP Business Objects Information Disclosure via CORBA (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-033] SAP Business Warehouse Missing Authorization Check (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-027] SAP HANA Multiple Reflected Cross Site Scripting Vulnerabilities (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-028] SAP HANA Web-based Development Workbench Code Injection (14.10.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-026] Missing authorization check in function modules of BW-SYS-DB-DB4 (04.08.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-025] Multiple Cross Site Scripting Vulnerabilities in SAP HANA XS Administration Tool (04.08.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-024] Hard-coded Username in SAP FI Manager Self-Service (04.08.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-023] HTTP verb tampering issue in SAP_JTECHS (04.08.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-022] SAP HANA IU5 SDK Authentication Bypass (04.08.2014)
 Onapsis Research Labs, [Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication (04.08.2014)

GParted code execution
Published:22.12.2014
SecurityVulns ID:14158
Type:local
Threat Level:5/10
Description:Command injection.
Affected:GPARTED : GParted 0.15
CVE:CVE-2014-7208 (GParted before 0.15.0 allows local users to execute arbitrary commands with root privileges via shell metacharacters in a crafted filesystem label.)
Original document:SEC Consult Vulnerability Lab, SEC Consult SA-20141218-1 :: OS command execution vulnerability in GParted (22.12.2014)

HP OpenVMS POP3 DoS
Published:22.12.2014
SecurityVulns ID:14159
Type:remote
Threat Level:5/10
Affected:HP : OpenVMS TCPIP 5.7
CVE:CVE-2014-7880 (Multiple unspecified vulnerabilities in the POP implementation in HP OpenVMS TCP/IP 5.7 before ECO5 allow remote attackers to cause a denial of service via unspecified vectors.)
Original document:HP, [security bulletin] HPSBOV03225 rev.1 - HP OpenVMS running POP, Remote Denial of Service (DoS) (22.12.2014)

Different mailx versions security vulnerabilities
Published:22.12.2014
SecurityVulns ID:14160
Type:library
Threat Level:7/10
Description:Shell character injection.
CVE:CVE-2014-7844
 CVE-2004-2771 (The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.)
Original document:DEBIAN, [SECURITY] [DSA 3104-1] bsd-mailx security update (22.12.2014)
 DEBIAN, [SECURITY] [DSA 3105-1] heirloom-mailx security update (22.12.2014)

ettercap multiple security vulnerabilities
Published:22.12.2014
SecurityVulns ID:14161
Type:remote
Threat Level:6/10
Description:Multiple memory corruptions in different protocol dissectors.
Affected:ETTERCAP : Ettercap 8.1
CVE:CVE-2014-9381 (Integer signedness error in the dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (crash) via a crafted password, which triggers a large memory allocation.)
 CVE-2014-9380 (The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a packet containing only a CVS_LOGIN signature.)
 CVE-2014-9379 (The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 0.8.1 performs an incorrect cast, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which triggers a stack-based buffer overflow.)
 CVE-2014-9378 (Ettercap 0.8.1 does not validate certain return values, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted (1) name to the parse_line function in mdns_spoof/mdns_spoof.c or (2) base64 encoded password to the dissector_imap function in dissectors/ec_imap.c.)
 CVE-2014-9377 (Heap-based buffer overflow in the nbns_spoof function in plug-ins/nbns_spoof/nbns_spoof.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a large netbios packet.)
 CVE-2014-9376 (Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds write) and possibly execute arbitrary code via a small (1) size variable value in the dissector_dhcp function in dissectors/ec_dhcp.c, (2) length value to the dissector_gg function in dissectors/ec_gg.c, or (3) string length to the get_decode_len function in ec_utils.c or a request without a (4) username or (5) password to the dissector_TN3270 function in dissectors/ec_TN3270.c.)
 CVE-2014-6396 (The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memory location.)
 CVE-2014-6395 (Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted password length value that is inconsistent with the actual length of the password.)
Original document:n.sampanis_(at)_obrela.com, "Ettercap 8.0 - 8.1" multiple vulnerabilities (22.12.2014)

CA LISA Release Automation multiple security vulnerabilities
Published:22.12.2014
SecurityVulns ID:14162
Type:remote
Threat Level:5/10
Description:XSS, CSRF, SQL injection.
Affected:CA : LISA Release Automation 4.7
CVE:CVE-2014-8248 (SQL injection vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote authenticated users to execute arbitrary SQL commands via a crafted query.)
 CVE-2014-8247 (Cross-site scripting (XSS) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2014-8246 (Cross-site request forgery (CSRF) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.)
Original document:CA, CA20141215-01: Security Notice for CA LISA Release Automation (22.12.2014)

Apache mod_wsgi privilege escalation
Published:22.12.2014
SecurityVulns ID:14163
Type:local
Threat Level:5/10
Description:Invalid error processing can lead to privilege escalation.
Affected:APACHE : mod_wsgi 4.2
CVE:CVE-2014-8583 (mod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors.)
Original document:MANDRIVA, [ MDVSA-2014:253 ] apache-mod_wsgi (22.12.2014)

Mozilla nss information leakage
Published:22.12.2014
SecurityVulns ID:14164
Type:library
Threat Level:6/10
Description:Information leakage in QuickDER decoder.
Affected:MOZILLA : nss 3.17
CVE:CVE-2014-3566 (The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.)
 CVE-2014-1569 (The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function's improper handling of an arbitrary-length encoding of 0x00.)
Original document:MANDRIVA, [ MDVSA-2014:252 ] nss (22.12.2014)

Ekahau Real-Time Location Tracking System weak encryption
Published:22.12.2014
SecurityVulns ID:14165
Type:remote
Threat Level:5/10
Description:It's possible to read and generate messages.
Affected:EKAHAU : B4 staff badge tag 5.7
CVE:CVE-2014-2716 (Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts.)
Original document:modzero security, Vulnerabilities in Ekahau Real-Time Location Tracking System [MZ-14-01] (22.12.2014)

RPM security vulnerabilities
Published:22.12.2014
SecurityVulns ID:14166
Type:local
Threat Level:5/10
Description:Integer overflow, code execution.
Affected:RPM : RPM 4.12
CVE:CVE-2014-8118 (Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.)
 CVE-2013-6435 (Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.)
Original document:MANDRIVA, [ MDVSA-2014:251 ] rpm (22.12.2014)

GNU cpio buffer overflow
Published:22.12.2014
SecurityVulns ID:14167
Type:local
Threat Level:5/10
Description:Buffer overflow in process_copy_in() function.
Affected:GNU : cpio 2.11
CVE:CVE-2014-9112 (Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive.)
Original document:MANDRIVA, [ MDVSA-2014:250 ] cpio (22.12.2014)

libYAML DoS
Published:22.12.2014
SecurityVulns ID:14168
Type:library
Threat Level:5/10
Description:Assertion failure on string parsing.
Affected:YAML : LibYAML 0.1
CVE:CVE-2014-9130 (scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.)
Original document:DEBIAN, [SECURITY] [DSA 3102-1] libyaml security update (22.12.2014)

c-icap DoS
Published:22.12.2014
SecurityVulns ID:14169
Type:remote
Threat Level:5/10
Description:Several different DoS conditions.
Affected:ICAP : c-icap 0.2
CVE:CVE-2013-7402 (Multiple unspecified vulnerabilities in request.c in c-icap 0.2.x allow remote attackers to cause a denial of service (crash) via a crafted ICAP request.)
 CVE-2013-7401 (The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.)
Original document:DEBIAN, [SECURITY] [DSA 3101-1] c-icap security update (22.12.2014)

getmail security vulnerabilities
Published:22.12.2014
SecurityVulns ID:14170
Type:m-i-t-m
Threat Level:5/10
Description:Multiple vulnerabilities in certificate checks.
Affected:GETMAIL : getmail 4.44
CVE:CVE-2014-7275 (The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof POP3 servers and obtain sensitive information via a crafted certificate.)
 CVE-2014-7274 (The IMAP-over-SSL implementation in getmail 4.44.0 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate from a recognized Certification Authority.)
 CVE-2014-7273 (The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate.)
Original document:DEBIAN, [SECURITY] [DSA 3091-1] getmail4 security update (22.12.2014)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod