7005 matches found

OSV
added 2014/12/05 3:54 p.m. | 6 views

MGASA-2014-0508 Updated yaml & perl-YAML-LibYAML packages fix CVE-2014-9130

Updated yaml and perl-YAML-LibYAML packages fix security vulnerability: An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash (CVE-2014-9130)...

5 CVSS | 7.5 AI score | 0.5763 EPSS
Exploits 1 | References 3
Mageia
added 2014/12/05 3:54 p.m. | 31 views

Updated yaml & perl-YAML-LibYAML packages fix CVE-2014-9130

Updated yaml and perl-YAML-LibYAML packages fix security vulnerability: An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash (CVE-2014-9130)...

5 CVSS | 6.5 AI score | 0.5763 EPSS
Exploits 1 | References 2
Tenable Nessus
added 2014/11/26 12:0 a.m. | 28 views

openSUSE Security Update : zeromq (openSUSE-SU-2014:1493-1)

zeromq was updated to version 4.0.5 to fix two security issues and various other bugs. These security issues were fixed: - Did not validate the other party's security handshake properly, allowing a man-in-the-middle downgrade attack (CVE-2014-7202). - Did not implement a uniqueness check on...

4.3 CVSS | 8.2 AI score | 0.00582 EPSS
Exploits 0 | References 4
Cvelist
added 2014/11/24 3:0 p.m. | 26 views

CVE-2014-8415

Race condition in the chan_pjsip channel driver in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 allows remote attackers to cause a denial of service (assertion failure and crash) via a cancel request for a SIP session with a queued action to (1) answer a session or (2) send ringing...

6.6 AI score | 0.0113 EPSS
Exploits 0 | References 1
Tenable Nessus
added 2014/11/11 12:0 a.m. | 29 views

openSUSE Security Update : zeromq (openSUSE-SU-2014:1381-1)

This update for zeromq fixes the following non-security and security issues: Update to version 4.0.4, for a detailed description see /usr/share/doc/packages/zeromq-devel/NEWS - Add libsodium dep for testsuite where possible - Version bump to 4.0.5 fixes bnc898917 CVE-2014-7202 and CVE-2014-7203 :...

4.3 CVSS | 8.2 AI score | 0.00582 EPSS
Exploits 0 | References 4
NVD
added 2014/10/27 3:55 p.m. | 18 views

CVE-2014-3955

routed in FreeBSD 8.4 through 10.1-RC2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RIP request from a source not on a directly connected network...

5 CVSS | 6.5 AI score | 0.00535 EPSS
Exploits 0 | References 3
Prion
added 2014/10/27 3:55 p.m. | 24 views

Authentication flaw

routed in FreeBSD 8.4 through 10.1-RC2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RIP request from a source not on a directly connected network...

5 CVSS | 7.1 AI score | 0.00535 EPSS
Exploits 0 | References 3 | Affected Software 1
CVE
added 2014/10/27 3:0 p.m. | 48 views

CVE-2014-3955

CVE-2014-3955 affects FreeBSD routed(8). The input path of RIP queries will accept from any source, but the output path assumes the reply is to a directly connected network, causing an assertion failure and daemon exit when a query originates off-subnet. Impact is a denial of service (routing tab...

5 CVSS | 6.6 AI score | 0.00535 EPSS
Exploits 0 | References 3 | Affected Software 1
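seebug.org
added 2014/10/21 12:0 a.m. | 18 views

Qibo whole-site / local portal SQL injection vulnerability

Brief description: The second in the series after http://wooyun.org/bugs/wooyun-2014-079938; again a direct injection, not a blind one, and by no means a marginal bug. Let's see what WooYun's reward is like; if it is good, there will be a third. Detailed description: An interesting case: an injection caused by a security policy. Take the Qibo whole-site system as an example. See /member/userinfo.php, lines 112 to 114: // filter out unhealthy words $truename=replacebadword($truename); $introduce=replacebadword($introduce); $address=replacebadword($address);...

7.1 AI score
Exploits 0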
RedHat Linux
added 2014/10/01 6:10 p.m. | 2 views

CXF: The SecurityTokenService accepts certain invalid SAML Tokens as valid

It was found that the SecurityTokenService (STS), provided as a part of Apache CXF, could under certain circumstances accept invalid SAML tokens as valid. A remote attacker could use a specially crafted SAML token to gain access to an application that uses STS for validation of SAML tokens...

4.3 CVSS | 7.3 AI score | 0.01861 EPSS
Exploits 0 | References 4
NVD
added 2014/09/22 3:55 p.m. | 17 views

CVE-2014-3635

Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows local users to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one more fil...

4.4 CVSS | 6.5 AI score | 0.00173 EPSS
Exploits 0 | References 10
Prion
added 2014/09/22 3:55 p.m. | 25 views

Heap overflow

Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows local users to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one more fil...

4.4 CVSS | 8.4 AI score | 0.00173 EPSS
Exploits 0 | References 10 | Affected Software 3
Debian CVE
added 2014/09/22 3:0 p.m. | 26 views

CVE-2014-3635

Off-by-one error in D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8, when running on a 64-bit system and the max_message_unix_fds limit is set to an odd number, allows local users to cause a denial of service (dbus-daemon crash) or possibly execute arbitrary code by sending one more fil...

4.4 CVSS | 5.5 AI score | 0.00173 EPSS
Exploits 0
UbuntuCve
added 2014/09/04 5:55 p.m. | 22 views

CVE-2014-2685

The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 before 1.12.4 violate the OpenID 2.0 protocol by ensuring only that at least one field is signed, which allows remote attackers to bypass authentication by leveragin...

7.5 CVSS | 7.2 AI score | 0.00837 EPSS
Exploits 0 | References 2
Oracle linux
added 2014/09/03 12:0 a.m. | 43 views

squid security update

7:3.3.8-12 - Resolves: 1134933 - CVE-2014-3609 assertion failure in header processing...

5 CVSS | 1.4 AI score | 0.8285 EPSS
Exploits 0
Oracle linux
added 2014/09/03 12:0 a.m. | 55 views

squid security update

7:3.1.10-22 - Resolves: 1134936 - CVE-2013-4115 buffer overflow when processing overly long DNS names 7:3.1.10-21 - Resolves: 1134936 - CVE-2014-3609 assertion failure in header processing...

7.5 CVSS | 2.3 AI score | 0.8285 EPSS
Exploits 0
Prion
added 2014/08/01 11:13 a.m. | 12 views

Directory traversal

Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Protector allow remote attackers to create arbitrary files via an opcode-1091 request, or create or delete arbitrary files via an opcode-305 request. NOTE: the vendor reportedly asserts that this behavi...

6.4 CVSS | 7.5 AI score | 0.24715 EPSS
Exploits 0 | References 2 | Affected Software 1
Prion
added 2014/07/09 11:7 a.m. | 21 views

Design/Logic Flaw

The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file...

4.3 CVSS | 6.9 AI score | 0.09152 EPSS
Exploits 0 | References 19 | Affected Software 5
Cvelist
added 2014/07/09 10:0 a.m. | 27 views

CVE-2014-0207

The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file...

7.9 AI score | 0.09152 EPSS
Exploits 0 | References 19
CVE
added 2014/07/09 10:0 a.m. | 293 views

CVE-2014-0207

CVE-2014-0207 affects the PHP fileinfo extension’s handling of Composite Document Format (CDF) files. The vulnerability is in the cdf_read_short_sector() function (cdf.c) when used with PHP builds prior to 5.4.30 and 5.5.x prior to 5.5.14, where insufficient boundary checks allow a remote attacke...

6.5 CVSS | 8.9 AI score | 0.09152 EPSS
Exploits 0 | References 19 | Affected Software 1