[oss-security] CVE request: Linux kernel DoS with syscall auditing

Issuing a system call with a random large number will OOPS, depending on configuration. A configuration that will enable this bug is: auditctl -a exit,always -S open No privilege whatsoever is required to trigger the OOPS. It's possible that this can be extended to more than just a DoS -- with so...

CVE-2014-2881 - Poor Quality Implementation of Diffie-Hellman Key Exchange in Citrix Netscaler

Vulnerability title: Poor Quality Implementation of Diffie-Hellman Key Exchange in Citrix Netscaler CVE: CVE-2014-2881 Vendor: Citrix Product: Netscaler Affected version: All prior to 10.1-122.17/9.3-66.5 Fixed version: 10.1-122.17/9.3-66.5 Reported by: Graham Sutherland Details: The remote...

SAP Router timing attacks information leakage

It's possible to find a valid password via statistical attacks...

Ubuntu 12.04 LTS / 12.10 / 13.10 : thunderbird vulnerabilities (USN-2151-1)

Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman and Christoph Diehl discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause...

USN-2151-1: Thunderbird vulnerabilities

Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman and Christoph Diehl discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause...

Ubuntu Update for firefox USN-2150-1

Check for the Version of firefox OpenVAS Vulnerability Test $Id: gbubuntuUSN21501.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for firefox USN-2150-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...

Ubuntu: Security Advisory (USN-2150-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Firefox < 28.0 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox is a version prior to version 28.0. It is, therefore, potentially affected by multiple vulnerabilities : - Memory issues exist that could lead to arbitrary code execution. CVE-2014-1493, CVE-2014-1494 - An issue exists where extracted files for updates are not...

Firefox < 28.0 Multiple Vulnerabilities

The installed version of Firefox is a version prior to 28.0 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist that could lead to arbitrary code execution. CVE-2014-1493, CVE-2014-1494 - An issue exists where extracted files for updates are not...

Mozilla Thunderbird < 24.4 Multiple Vulnerabilities

The installed version of Thunderbird is a version prior to 24.4 and is, therefore, potentially affected the following vulnerabilities: - Memory issues exist that could lead to arbitrary code execution. CVE-2014-1493, CVE-2014-1494 - An issue exists where extracted files for updates are not...

Thunderbird < 24.4 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is a version prior to version 24.4. It is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist that could lead to arbitrary code execution. CVE-2014-1493, CVE-2014-1494 - An issue exists where extracted files for updates ar...

Firefox ESR 24.x < 24.4 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox ESR 24.x is prior to 24.4 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist that could lead to arbitrary code execution. CVE-2014-1493, CVE-2014-1494 - A flaw exists in the checkHandshake function due to improper...

Firefox ESR 24.x < 24.4 Multiple Vulnerabilities

The installed version of Firefox ESR 24.x is a version prior to 24.4. It is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist that could lead to arbitrary code execution. CVE-2014-1493, CVE-2014-1494 - A flaw exists in the checkHandshake function due to...

SVG filters information disclosure through feDisplacementMap — Mozilla

Mozilla developer Robert O'Callahan reported a mechanism for timing attacks involving SVG filters and displacements input to feDisplacementMap. This allows displacements to potentially be correlated with values derived from content. This is similar to the previously reported techniques used for S...

Information disclosure through polygon rendering in MathML — Mozilla

Security researcher Tyson Smith and Jesse Schwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover an out-of-bounds read during polygon rendering in MathML. This can allow web content to potentially read protected memory...

Updated mediawiki packages fix multiple vulnerabilities

Updated mediawiki packages fix security vulnerabilities: MediaWiki before 1.22.3 does not block unsafe namespaces, such as a W3C XHTML namespace, in uploaded SVG files. Some client software may use these namespaces in a way that results in XSS. This was fixed by disallowing uploading SVG files...

MGASA-2014-0124 Updated mediawiki packages fix multiple vulnerabilities

Updated mediawiki packages fix security vulnerabilities: MediaWiki before 1.22.3 does not block unsafe namespaces, such as a W3C XHTML namespace, in uploaded SVG files. Some client software may use these namespaces in a way that results in XSS. This was fixed by disallowing uploading SVG files...

Dropbear SSH server timing attacks

Different timings for existent and nonexistent users...

PolarSSL multiple security vulnerabilities

DoS, buffer overflows, timing attacks...

Debian DSA-2782-1 : polarssl - several vulnerabilities

Multiple security issues have been discovered in PolarSSL, a lightweight crypto and SSL/TLS library : - CVE-2013-4623 Jack Lloyd discovered a denial of service vulnerability in the parsing of PEM-encoded certificates. - CVE-2013-5914 Paul Brodeur and TrustInSoft discovered a buffer overflow in th...