Medium: krb5
Issue Overview: It was found that if a KDC served multiple realms, certain requests could cause the setupserverrealm function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. CVE-2013-1418, CVE-2013-6800 A NU...
Medium: wireshark
Issue Overview: Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. CVE-2014-6429, CVE-2014-6430, CVE-2014-6431, CVE-2014-6432 Several denial ...
Medium: python27
Issue Overview: It was discovered (http://bugs.python.org/issue21766) that the Python built-in module CGIHTTPServer does not properly handle URL-encoded path separators in URLs, which may enable attackers to disclose a CGI script's source code or execute arbitrary scripts in the server's document root...
Medium: ruby20
Issue Overview: The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack. Affected Packages: ruby20 Issue Correction:...
Medium: ruby21
Issue Overview: The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack. Affected Packages: ruby21 Issue Correction:...
Medium: wget
Issue Overview: Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequently execute arbitrary code, via a LIST response that references the same filename within two entries, one of which indicate...
Important: php54
Issue Overview: An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. CVE-2014-3668 An integer overflow flaw was found in the way custom objects wer...
Important: php55
Issue Overview: An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. CVE-2014-3668 An integer overflow flaw was found in the way custom objects wer...
Medium: xerces-j2
Issue Overview: A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specially crafted declaration using a long pseudo-attribute name that, when parsed by an application using Xerces-J, would cause that application...
Medium: cups
Issue Overview: A cross-site scripting XSS flaw was found in the CUPS web interface. An attacker could use this flaw to perform a cross-site scripting attack against users of the CUPS web interface. CVE-2014-2856 It was discovered that CUPS allowed certain users to create symbolic links in certai...
Medium: golang
Issue Overview: crypto/tls in Go 1.1 before 1.3.2, when SessionTicketsDisabled is enabled, allows man-in-the-middle attackers to spoof clients via unspecified vectors. Affected Packages: golang Issue Correction: Run yum update golang or yum update --advisory ALAS-2014-437 to update your system. N...
Important: squid
Issue Overview: A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. CVE-2014-3609 A buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send...
Important: java-1.6.0-openjdk
Issue Overview: Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511, CVE-2014-6504, CVE-2014-65...
Important: mysql55
Issue Overview: Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: SERVER:SSL:yaSSL. Supported versions that are affected are 5.5.39 and earlier and 5.6.20 and earlier. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols...
Important: java-1.7.0-openjdk
Issue Overview: Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511, CVE-2014-6504, CVE-2014-65...
Important: nss
Issue Overview: A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining CBC mode. This flaw allows a man-in-the-middle MITM attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are abl...
Important: java-1.8.0-openjdk
Issue Overview: It was discovered that the Libraries component in OpenJDK failed to properly handle ZIP archives that contain entries with a NUL byte used in the file names. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. CVE-2014-6562 Multiple fla...
Important: openssl
Issue Overview: A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol SRTP extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server. CVE-2014-3513 A memory...
Important: openssl
Issue Overview: Bodo Moller, Thai Duong and Krzysztof Kotowicz of Google discovered a flaw in the design of SSL version 3.0 that would allow an attacker to calculate the plaintext of secure connections, allowing, for example, secure HTTP cookies to be stolen...
Medium: python-oauth2
Issue Overview: The Server.verifyrequest function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL. The (1) makenonce, (2) generatenonce, and (3) generateverifier functions in SimpleGeo python-oauth2 use weak random numbers t...
Medium: nginx
Issue Overview: A virtual host confusion issue was found in nginx, allowing HTTPS connections for one origin to be redirected to the virtual host of a different origin. This leads to a variety of issues, such as cookie theft and session hijacking. It could be triggered from a cross-site scripting...
Important: nss-util
Issue Overview: A flaw was found in the way NSS parsed ASN.1 Abstract Syntax Notation One input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. Affected Packages: nss-util Issue...
Important: nss-softokn
Issue Overview: A flaw was found in the way NSS parsed ASN.1 Abstract Syntax Notation One input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. Affected Packages: nss-softokn Issue...
Important: nss
Issue Overview: A flaw was found in the way NSS parsed ASN.1 Abstract Syntax Notation One input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. Affected Packages: nss Issue...
Medium: GraphicsMagick
Issue Overview: A buffer overflow flaw affecting ImageMagick and GraphicsMagick when handling PSD images was reported. Affected Packages: GraphicsMagick Issue Correction: Run yum update GraphicsMagick or yum update --advisory ALAS-2014-420 to update your system. New Packages: i686: ...
Important: bash
Issue Overview: GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vecto...
Critical: bash
Issue Overview: This ALAS is superseded by ALAS-2014-419 (https://alas.aws.amazon.com/ALAS-2014-419.html). A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell...
Medium: php55
Issue Overview: A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. gdctx.c in the GD component i...
Medium: kernel
Issue Overview: fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNTNODEV, MNTNOSUID, and MNTNOEXEC and changing MNTATIMEMASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had...
Medium: json-c
Issue Overview: The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service CPU consumption via crafted JSON data, involving collisions. Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service...
Medium: subversion
Issue Overview: The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted...
Important: axis
Issue Overview: It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject's Common Name CN field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. CVE-2014-3596 Affected Packages: axis Issu...
Low: httpd
Issue Overview: The modheaders module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."...
Medium: libxcb
Issue Overview: Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the readpacket function. Affected Packages: libxcb Issue Correction: Run yum update libxcb or yum update --advisory...
Medium: libXtst
Issue Overview: Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XRecordGetContext function. Affected Packages: libXtst Issue Correction: Run yum update libXtst or yum update --adviso...
Medium: glibc
Issue Overview: A directory traversal flaw was found in the way glibc loaded locale files. An attacker able to make an application use a specially crafted locale name value (for example, specified in an LC environment variable) could possibly use this flaw to execute arbitrary code with the privileg...
Medium: libXfont
Issue Overview: Multiple integer overflows in the 1 fsgetreply, 2 fsallocglyphs, and 3 fsreadextentinfo functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow. Multiple...
Medium: libXext
Issue Overview: Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the 1 XcupGetReservedColormapEntries, 2 XcupStoreColors, 3 XdbeGetVisualInfo, 4 XeviGetVisualInfo, 5...
Medium: curl
Issue Overview: libcurl wrongly allows cookies to be set for TLDs, thus making them much broader than they are supposed to be allowed to. This can allow arbitrary sites to set cookies that then would get sent to a different and unrelated site or domain. By not detecting and rejecting domain names...
Medium: lua
Issue Overview: Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments. Affected Packages: lua Issue Correctio...
Low: automake19
Issue Overview: It was found that the distcheck rule in Automake-generated Makefiles made a directory world-writable when preparing source archives. If a malicious, local user could access this directory, they could execute arbitrary code with the privileges of the user running "make distcheck"...
Medium: fwsnort
Issue Overview: Untrusted search path vulnerability in fwsnort before 1.6.4, when not running as root, allows local users to execute arbitrary code via a Trojan horse fwsnort.conf in the current working directory. Affected Packages: fwsnort Issue Correction: Run yum update fwsnort or yum update...
Important: squid
Issue Overview: A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. CVE-2014-3609 A buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send...
Important: procmail
Issue Overview: A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send an email with specially crafted headers that, when processed by formail, could cause procmail to crash or, possibly, execute arbitrary code as the user running formail...
Important: jakarta-commons-httpclient
Issue Overview: Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows...
Medium: libserf
Issue Overview: The (1) serfsslcertissuer, (2) serfsslcertsubject, and (3) serfsslcertcertificate functions in Serf 0.2.0 through 1.3.x before 1.3.7 do not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attacke...
Important: glibc
Issue Overview: An off-by-one heap-based buffer overflow flaw was found in glibc's internal gconvtranslitfind function. An attacker able to make an application call the iconvopen function with a specially crafted argument could possibly use this flaw to execute arbitrary code with the privileges ...
Medium: file
Issue Overview: Integer overflow in the cdfreadpropertyinfo function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service application crash via a crafted CDF file. NOTE: this vulnerabili...
Medium: php-ZendFramework
Issue Overview: The implementation of the ORDER BY SQL statement in ZendDbSelect of Zend Framework 1 contains a potential SQL injection when the query string passed contains parentheses, as discussed in http://framework.zend.com/security/advisory/ZF2014-04. Affected Packages: php-ZendFramework...
Low: exim
Issue Overview: expand.c in Exim before 4.83 expands mathematical comparisons twice, which allows local users to gain privileges and execute arbitrary commands via a crafted lookup value. Affected Packages: exim Issue Correction: Run yum update exim or yum update --advisory ALAS-2014-395 to updat...