Computer Security
[EN] securityvulns.ru no-pyccku


OpenSSL security vulnerabilities
updated since 08.04.2014
Published:30.05.2014
Source:
SecurityVulns ID:13679
Type:library
Threat Level:
10/10
Description:Information leakage, key recovery. This vulnerability is actively used in-the-wild.
Affected:APPLE : AirPort Extreme
 OPENSSL : OpenSSL 1.0
 HP : HP Service Manager 9.33
 RUCKUS : Smart Cell Gateway 1.1
 HP : HP Asset Manager 9.40
 HP : HP CIT 9.53
 HP : HP Executive Scorecard 9.41
 HP : HP Server Automation 10.01
 HP : HP Diagnostics 9.23
 HP : LoadRunner 12.0
 HP : LoadRunner 11.52
 HP : HP Performance Center 12.0
 HP : HP Performance Center 11.52
 HP : HP BladeSystem c-Class Onboard Administrator 4.20
 HP : HP Smart Update Manager 6.3
 HP : HP System Management Homepage 7.3
 HP : HP XP P9500
 HP : HP Autonomy WorkSite Server 9.0
 HP : Insight Control server deployment 7.2
 HP : HP P2000
 HP : HP MSA 2040
 HP : HP Version Control Agent 7.3
 HP : BladeSystem c-Class Onboard Administrator 4.20
 HP : Connect-IT 9.53
 HP : HP BladeSystem c-Class Virtual Connect Support Utility 1.9
 HP : HP Version Control Repository Manager 7.3
 HP : ThinPro OS 4.4
 HP : HP Smart Zero Core Services 4.4
 HP : 3PAR OS 3.1
 HP : IceWall MCRP 3.0
 HP : WMI Mapper for HP Systems Insight Manager 7.3
 HP : StoreEver ESL G3
 HP : HP Insight Management VCEM Web Client SDK 7.3
 HP : HP Insight Control 7.3
 HP : IBRIX X9320
 HP : HP StoreVirtual 4000
 HP : HP P4000
 APPLE : AirPort Time Capsule
 HP : HP Multimedia Service Environment 2.1
 HP : HP Network Interactive Voice Response 2.1
 CA : ARCserve D2D 16.5
 CA : ARCserve High Availability 16.5
 CA : ARCserve Replication 16.5
 CA : ecoMeter 4.2
 CA : eHealth 6.3
 CA : Layer 7 API Gateway 8.1
 CA : Layer 7 API Portal 2.6
 CA : Layer 7 Mobile Access Gateway 8.1
 CA : CA Mobile Device Management 2014
 HP : HP Business Process Monitor 9.24
CVE:CVE-2014-0160 (The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.)
 CVE-2014-0076 (The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.)
Original documentdocumentHP, [security bulletin] HPSBMU03044 rev.1 - HP Business Process Monitor, running OpenSSL, Remote Disclosure of Information (30.05.2014)
 documentCA, CA20140413-01: Security Notice for OpenSSL Heartbleed Vulnerability (29.05.2014)
 documentHP, [security bulletin] HPSBMU03037 rev.1 - HP Multimedia Service Environment (MSE), (HP Network Interactive Voice Response (NIVR)), Remote Disclosure of Information (07.05.2014)
 documentAPPLE, APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3 (04.05.2014)
 documentHP, [security bulletin] HPSBPI03014 rev.1 - HP LaserJet Pro MFP Printers, HP Color LaserJet Pro MFP Printers, Remote Disclosure of Information (04.05.2014)
 documentHP, [security bulletin] HPSBST03027 rev.1 - HP StoreVirtual 4000 Storage and HP P4000 G2 Storage using HP System Management Homepage (SMH) running OpenSSL, Remote Disclosure of Information (02.05.2014)
 documentHP, [security bulletin] HPSBMU03009 rev.2 - HP CloudSystem Foundation and Enterprise Software v8.0 running OpenSSL, Remote Disclosure of Information (02.05.2014)
 documentHP, [security bulletin] HPSBMU03032 rev.1 - HP Virtual Connect Firmware Smart Components Installer Software running OpenSSL, Remote Disclosure of Information (02.05.2014)
 documentHP, [security bulletin] HPSBST03004 rev.1 - HP IBRIX X9320 Storage running OpenSSL, Remote Disclosure of Information (02.05.2014)
 documentHP, [security bulletin] HPSBMU03030 rev.1 - HP Service Pack for ProLiant (SPP) Bundled Software running OpenSSL, Remote Disclosure of Information (02.05.2014)
 documentHP, [security bulletin] HPSBMU03033 rev.1 - HP Insight Control Software Components running OpenSSL, Remote Disclosure of Information (02.05.2014)
 documentHP, [security bulletin] HPSBMU03028 rev.1 - HP Matrix Operating Environment and CloudSystem Matrix Software Components running OpenSSL, Remote Disclosure of Information (02.05.2014)
 documentHP, [security bulletin] HPSBMU03029 rev.1 - HP Insight Control Server Migration running OpenSSL, Remote Disclosure of Information (02.05.2014)
 documentHP, [security bulletin] HPSBPI03031 rev.1 - HP Officejet Pro X Printers, Certain Officejet Pro Printers, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBMU03012 rev.1 - HP Insight Management VCEM Web Client SDK (VCEMSDK) running OpenSSL, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBMU02994 rev.2 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBMU03019 rev.1 - HP Software UCMDB Browser and Configuration Manager running OpenSSL, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBMU03018 rev.1 - HP Software Asset Manager running OpenSSL, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBST03000 rev.1 - HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running OpenSSL, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBGN03011 rev.1 - HP IceWall MCRP running OpenSSL on Red Hat Enterprise Linux 6 (RHEL6), Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBST03015 rev.2 - HP 3PAR OS running OpenSSL, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBHF03021 rev.1 - HP Thin Client with ThinPro OS or Smart Zero Core Services, Running OpenSSL, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBMU03020 rev.1 - HP Version Control Agent (VCA) and Version Control Repository Manager (VCRM) running OpenSSL on Linux and Windows, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBMU03023 rev.1 - HP BladeSystem c-Class Virtual Connect Support Utility (VCSU) running OpenSSL on Linux and Windows, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBMU03017 rev.2 - HP Software Connect-IT running OpenSSL, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBMU02994 rev.3 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBMU03025 rev.1 - HP Diagnostics running OpenSSL, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBMU03022 rev.1 - HP Systems Insight Manager (SIM) Bundled Software running OpenSSL, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBMU03020 rev.2 - HP Version Control Agent (VCA) and Version Control Repository Manager (VCRM) running OpenSSL on Linux and Windows, Remote Disclosure of Information (01.05.2014)
 documentHP, security bulletin] HPSBST03016 rev.2 - HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage running OpenSSL, Remote Disclosure of Information (01.05.2014)
 documentHP, [security bulletin] HPSBMU03024 rev.1 - HP Insight Control Server Deployment on Linux and Windows running OpenSSL with System Management Homepage and Systems Insight Manager, Remote Disclosure of Information (01.05.2014)
 documentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-14:06.openssl [REVISED] (20.04.2014)
 documentHP, [security bulletin] HPSBMU02999 rev.1 - HP Software Autonomy WorkSite Server (On-Premises Software), Running OpenSSL, Remote Disclosure of Information (20.04.2014)
 documentHP, HP Autonomy WorkSite Server v9.0 (20.04.2014)
 documentHP, [security bulletin] HPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure of Information (20.04.2014)
 documentHP, [security bulletin] HPSBMU02998 rev.1 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information (20.04.2014)
 documentHP, [security bulletin] HPSBMU02997 rev.1 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information (20.04.2014)
 documentHP, [security bulletin] HPSBMU02994 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information (20.04.2014)
 documentHP, [security bulletin] HPSBGN03010 rev.1 - HP Software Server Automation, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information (20.04.2014)
 documentHP, [security bulletin] HPSBGN03008 rev.1 - HP Software Service Manager, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information (20.04.2014)
 documentRuckus Product Security Team, RUCKUS ADVISORY ID 041414: OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160 (20.04.2014)
 documentHP, [security bulletin] HPSBMU02995 rev.1 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, Performance Center, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure (20.04.2014)
 documentUBUNTU, [USN-2165-1] OpenSSL vulnerabilities (08.04.2014)
Files:OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products

torque buffer overflow
updated since 29.05.2014
Published:30.05.2014
Source:
SecurityVulns ID:13788
Type:remote
Threat Level:
6/10
Description:Buffer overflow on task processing.
Affected:TORQUE : Terascale Open-Source Resource and Queue Manager 2.5
CVE:CVE-2014-0749 (Stack-based buffer overflow in lib/Libdis/disrsi_.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.5.x through 2.5.13 allows remote attackers to execute arbitrary code via a large count value.)
Original documentdocumentjohn.fitzpatrick_(at)_mwrinfosecurity.com, [CVE-2014-0749] TORQUE Buffer Overflow (30.05.2014)
 documentDEBIAN, [SECURITY] [DSA 2936-1] torque security update (29.05.2014)

Apple Mac OS X multiple security vulnerabilities
Published:30.05.2014
Source:
SecurityVulns ID:13795
Type:library
Threat Level:
8/10
Description:Information disclosures, memory corruptions, DoS, privilege escalations, protection bypass.
Affected:APPLE : Mac OS X 10.9
CVE:CVE-2014-1322 (The kernel in Apple OS X through 10.9.2 places a kernel pointer into an XNU object data structure accessible from user space, which makes it easier for local users to bypass the ASLR protection mechanism by reading an unspecified attribute of the object.)
 CVE-2014-1321 (Power Management in Apple OS X 10.9.x through 10.9.2 allows physically proximate attackers to bypass an intended transition into the locked-screen state by touching (1) a key or (2) the trackpad during a lid-close action.)
 CVE-2014-1320 (IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object.)
 CVE-2014-1319 (Buffer overflow in ImageIO in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.)
 CVE-2014-1318 (The Intel Graphics Driver in Apple OS X through 10.9.2 does not properly validate a certain pointer, which allows attackers to execute arbitrary code via a crafted application.)
 CVE-2014-1316 (Heimdal, as used in Apple OS X through 10.9.2, allows remote attackers to cause a denial of service (abort and daemon exit) via ASN.1 data encountered in the Kerberos 5 protocol.)
 CVE-2014-1315 (Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a URL.)
 CVE-2014-1314 (WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed application, which allows attackers to bypass the sandbox protection mechanism and execute arbitrary code via a crafted application.)
 CVE-2014-1296 (CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connection during transmission of a header, as demonstrated by an HTTPOnly restriction.)
 CVE-2014-1295 (Secure Transport in Apple iOS before 7.1.1, Apple OS X 10.8.x and 10.9.x through 10.9.2, and Apple TV before 6.1.1 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack.")
 CVE-2013-6393 (The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.)
 CVE-2013-5170 (Buffer underflow in CoreGraphics in Apple Mac OS X before 10.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.)
 CVE-2013-4164 (Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse.)
Files:About Security Update 2014-002

PHP privilege escalation
Published:30.05.2014
Source:
SecurityVulns ID:13796
Type:local
Threat Level:
5/10
Description:Weak unix socket permissions.
Affected:PHP : PHP 5.5
CVE:CVE-2014-0185 (sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client.)
Original documentdocumentMANDRIVA, [ MDVSA-2014:087 ] php (30.05.2014)

HP Operations Manager i code execution
Published:30.05.2014
Source:
SecurityVulns ID:13797
Type:remote
Threat Level:
6/10
Affected:HP : HP Operations Manager i 9.24
CVE:CVE-2014-2607 (Unspecified vulnerability in HP Operations Manager i 9.1 through 9.13 and 9.2 through 9.24 allows remote authenticated users to execute arbitrary code by leveraging the OMi operator role.)
Original documentdocumentHP, [security bulletin] HPSBMU03042 rev.1 - HP Operations Manager i, Execution of Arbitrary Code (30.05.2014)

Cisco Wide Area Application Services code execution
Published:30.05.2014
Source:
SecurityVulns ID:13798
Type:remote
Threat Level:
5/10
Description:SharePoint prefetch memory corruption.
Affected:CISCO : Wide Area Application Services 5.1
CVE:CVE-2014-2196 (Cisco Wide Area Application Services (WAAS) 5.1.1 before 5.1.1e, when SharePoint prefetch optimization is enabled, allows remote SharePoint servers to execute arbitrary code via a malformed response, aka Bug ID CSCue18479.)
Files:Cisco Wide Area Application Services Remote Code Execution Vulnerability

Cisco NX-OS multiple security vulnerabilities
Published:30.05.2014
Source:
SecurityVulns ID:13799
Type:remote
Threat Level:
7/10
Description:Privilege escalation, buffer overflow, DoS.
Affected:CISCO : Cisco 1000
CVE:CVE-2014-3261 (Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices, NX-OS 4.1 before 4.1(2)E1(1l) on Nexus 4000 devices, NX-OS 5.x before 5.1(3)N1(1) on Nexus 5000 devices, NX-OS 5.2 before 5.2(3a) on Nexus 7000 devices, and CG-OS CG4 before CG4(2) on Connected 1000 Connected Grid Routers allows remote SMTP servers to execute arbitrary code via a crafted reply, aka Bug IDs CSCtk00695, CSCts56633, CSCts56632, CSCts56628, CSCug14405, and CSCuf61322.)
 CVE-2014-2201 (The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID CSCtw98915.)
 CVE-2014-2200 (Cisco NX-OS 5.0 before 5.0(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via an SSH session to a management interface, aka Bug ID CSCti11629.)
 CVE-2013-1191 (Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted SSH key data in an SSH session to a management interface, aka Bug ID CSCud88400.)
Files:Multiple Vulnerabilities in Cisco NX-OS-Based Products

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod