Computer Security
[EN] securityvulns.ru no-pyccku


Cisco PlayerPT ActiveX buffer overflow
Published:26.03.2012
Source:
SecurityVulns ID:12288
Type:client
Threat Level:
5/10
Description:Buffer overflow in SetSource() method.
Affected:CISCO : Linksys WVC200
Original documentdocumentrgod, Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability (26.03.2012)

CA ARCserve Backup DoS
Published:26.03.2012
Source:
SecurityVulns ID:12289
Type:remote
Threat Level:
5/10
Description:Crash on network request parsing.
Affected:CA : ARCserve Backup 12.0
 CA : ARCserve Backup 12.5
 CA : ARCserve Backup 15
 CA : ARCserve Backup 16
Original documentdocumentCA, CA20120320-01: Security Notice for CA ARCserve Backup (26.03.2012)

GnuTLS / libtasn1 security vulnerabilities
Published:26.03.2012
Source:
SecurityVulns ID:12291
Type:library
Threat Level:
7/10
Description:Vulnerabilities on TLS and ASN.1 records parsing.
Affected:GNU : gnutls 3.0
 GNU : libtasn1 2.11
CVE:CVE-2011-4128 (Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket.)
Original documentdocumentMu Dynamics Research Team, Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1 (26.03.2012)

gnash multiple security vulnerabilities
Published:26.03.2012
Source:
SecurityVulns ID:12292
Type:client
Threat Level:
5/10
Description:Ingerer overflow on SWF parsing, unsafe cookie handling, symbolic links vulnerability.
Affected:GNU : gnash 0.8
CVE:CVE-2012-1175 (Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SWF file, which triggers a heap-based buffer overflow.)
 CVE-2011-4328 (plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (word readable) for cookie files with predictable names in /tmp, which allows local users to obtain sensitive information.)
 CVE-2010-4337 (The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/gnash-configure-recommended.$$ files.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2435-1] gnash security update (26.03.2012)

Microsoft .Net multiple security vulnerabilities
updated since 02.01.2012
Published:26.03.2012
Source:
SecurityVulns ID:12121
Type:library
Threat Level:
9/10
Description:DoS, multiple vulnerabilities in forms authentication.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2011-3417 (The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, when sliding expiry is enabled, does not properly handle cached content, which allows remote attackers to obtain access to arbitrary user accounts via a crafted URL, aka "ASP.NET Forms Authentication Ticket Caching Vulnerability.")
 CVE-2011-3416 (The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vulnerability.")
 CVE-2011-3415 (Open redirect vulnerability in the Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted return URL, aka "Insecure Redirect in .NET Form Authentication Vulnerability.")
 CVE-2011-3414 (The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka "Collisions in HashTable May Cause DoS Vulnerability.")
Original documentdocumentIrene Abezgauz, Seeker Advisory: Insecure Redirect in .NET Form Authentication - Redirect From Login Mechanism (ReturnURL Parameter) (26.03.2012)
 documentSEC Consult Vulnerability Lab, SEC Consult SA-20111230-0 :: Critical authentication bypass in Microsoft ASP.NET Forms - CVE-2011-3416 (02.01.2012)
Files:Microsoft Security Bulletin MS11-100 - Critical Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)

Apache Traffic Server DoS
Published:26.03.2012
Source:
SecurityVulns ID:12286
Type:remote
Threat Level:
5/10
Description:Server crash on oversized Host: header.
CVE:CVE-2012-0256 (Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header.)
Original documentdocumentAPACHE, [ANNOUNCE] Apache Traffic Server releases for security incident CVE-2012-0256 (26.03.2012)

raptor library (libreoffice / openoffice) file injection
updated since 26.03.2012
Published:02.04.2012
Source:
SecurityVulns ID:12287
Type:library
Threat Level:
5/10
Description:It's possible to inject file via XML
Affected:RAPTOR : raptor 1.4
CVE:CVE-2012-0037 (Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.)
Original documentdocumentVSR Advisories, CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected) (02.04.2012)
 documentDEBIAN, [SECURITY] [DSA 2438-1] raptor security update (26.03.2012)

Cyberoam Unified Threat Management security vulnerabilities
updated since 26.03.2012
Published:23.04.2012
Source:
SecurityVulns ID:12290
Type:remote
Threat Level:
5/10
Description:Command execution, information leakage.
Affected:CYBEROAM : Cyberoam CR50ia
 CYBEROAM : Cyberoam vCR300i
Original documentdocumentVulnerability Lab, Cyberoam UTM v10.01.2 build 059 - File Include Vulnerabilities (23.04.2012)
 documentSaurabh Harit, Cyberoam Unified Threat Management: OS Command Execution (26.03.2012)
 documentSaurabh Harit, Cyberoam Unified Threat Management: Insecure Password Handling (26.03.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod