ESA-2014-027: RSA® NetWitness and RSA® Security Analytics Authentication Bypass Vulnerability

ESA-2014-027.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-027: RSA® NetWitness and RSA® Security Analytics Authentication Bypass Vulnerability EMC Identifier: ESA-2014-027 CVE Identifier: CVE-2014-0643 Severity Rating: CVSS v2 Base Score: 7.6 AV:N/AC:H/Au:N/C:C/I:C/A:C Affected...

[oss-security] CVE request: Qemu: usb: fix up post load checks

Hello, Correct post load checks: 1. dev-setuplen == sizeofdev-databuf seems fine, no need to fail migration 2. When state is DATA, passing index len will cause memcpy with negative length, resulting in heap overflow An user able to alter the saved VM dataeither on the disk or over the wire during...

[oss-security] Re: CVE request: Qemu: usb: fix up post load checks

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://article.gmane.org/gmane.comp.emulators.qemu/272322 Here, it appears that the only security fix to http://git.qemu.org/?p=qemu.git;a=blob;f=hw/usb/bus.c;h=e48b19fc29bd9f831cc05990be73ddf49936d6a9;hb=HEAD is the insertion of the "dev-setupindex...

EncFS multiple cryptography vulnerabilities

Multiple vulnerabilities...

[ MDVSA-2014:085 ] ldns

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:085 http://www.mandriva.com/en/support/security/ Package : ldns Date : May 12, 2014 Affected: Business Server 1.0 Problem Description: Updated ldns packages fix security vulnerability: ldns-keygen creates a...

[oss-security] CVE-2014-0222 Qemu: qcow1: Validate L2 table size

Hello, 'CVE-2014-0222' has been assigned to this issue. Too large L2 table sizes cause unbounded allocations. Images actually created by qemu-img only have 512 byte or 4k L2 tables. To keep things consistent with cluster sizes, allow ranges between 512 bytes and 64k in fact, down to 1 entry = 8...

QEMU multiple security vulnerabilities

DoS, memory corruptions, buffer overflow...

[ MDVSA-2014:084 ] libpng

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:084 http://www.mandriva.com/en/support/security/ Package : libpng Date : May 12, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated libpng packages fix security...

[SECURITY] [DSA 2926-1] linux security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2926-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 12, 2014 http://www.debian.org/security/faq -...

[oss-security] Fwd: [ANNOUNCE] X.Org Security Advisory: Multiple issues in libXfont

ANNOUNCE XOrg Security Advisory: Multiple issues in libXfont.eml Тема: ANNOUNCE X.Org Security Advisory: Multiple issues in libXfont От: Alan Coopersmith [email protected] Дата: 13.05.2014 19:08 Кому: [email protected] Копия: [email protected], [email protected] X.Org Securi...

ldns weak permissions

ldns-keygen can create world-readable private key file...

[oss-security] Xen Security Advisory 95 - input handling vulnerabilities loading guest kernel on ARM

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory XSA-95 version 2 input handling vulnerabilities loading guest kernel on ARM UPDATES IN VERSION 2 ==================== Public release. ISSUE DESCRIPTION ================= When loading a 32-bit ARM guest kernel the Xen tools did no...

[oss-security] CVE request: Drupal Flag 7.x-3.5 Module Vulnerability report: Arbitrary code execution due to improper input handling in flag importer

Good morning, Could a CVE please be assigned to http://seclists.org/fulldisclosure/2014/May/44 if one has not been already? Apart from version 7, drupal6-flag-2.1-1.fc20 looks affected - patch applies, but I did not test it. For an older version, drupal6-flag-1.3-3.fc19 appears unaffected. Cheers...

Multiple Stored XSS in FOG Image deployment system - FD

Vulnerability title: Multiple Stored Cross-Site scripting CVE: CVE-2014-3111 Vendor: FOG Project Product: FOG Imaging system Affected version: 0.27 – 0.32latest Fixed version: N/A Reported by: Dolev Farhi ---------------------------- VULNERABILITY Details: ---------------------------- Latest and...

libXfont multiple security vulnerabilities

DoS, memory corruptions...

[oss-security] Zenoss Open Source monitoring System - Open Redirect & Stored XSS Vulnerabilities

hi, Several security issues were found in Zenoss monitoring system. 1. Stored XSS. A persistent XSS vulnerability was found in Zenoss core, by creating a malicious host with the Title scriptalert"Xss"/script any user browsing to the relevant manufacturers page will get a client-side script execut...

EMC Documentum Foundation Services uneuthorized access

Unauthorized files access...

FD - Cobbler Arbitrary File Read CVE-2014-3225

Vulnerability title: Arbitrary file read CVE: CVE-2014-3225 Vendor: Cobbler Product: Cobbler Affected version: =2.6.0 Fixed version: N/A Reported by: Dolev Farhi ---------------------------- VULNERABILITY Details: ---------------------------- In all Cobbler versions = 2.6.0 an arbitrary system...

[oss-security] Mumble 1.2.6: Mumble-SA-2014-005 and Mumble-SA-2014-006

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi oss-security, The Mumble team has just released Mumble 1.2.6, which contains fixes for the two following vulnerabilities: Mumble-SA-2014-005 http://mumble.info/security/Mumble-SA-2014-005.txt - SVG images with local file references could trigger...

[oss-security] A number of EncFS issues

Hi, https://defuse.ca/audits/encfs.htm discusses a number of issues in EncFS: "Same Key Used for Encryption and Authentication" "Stream Cipher Used to Encrypt Last File Block" "Generating Block IV by XORing Block Number" "File Holes are Not Authenticated" "MACs Not Compared in Constant Time"...

libgadu buffer overflow

Buffer overflow on server response parsing...

[oss-security] libgadu vulnerability: possible memory corruption

I'd like to request a CVE ID for the following issue: A crafted message from the file relay server may cause memory to beoverwritten. The memory is not overwritten with data sent directly by the server, but security implications cannot be ruled out. The bug is public:...

[oss-security] OpenFiler - Arbitrary Code Execution & Stored XSS

hi, Multiple vulnerabilities were discovered in the latest version of OpenFiler appliance, 2.99.1 as reported herehttps://forums.openfiler.com/index.php?/topic/6720-arbitrary-code-execution-stored-xss-vulnerability-in-openfiler-latest-version-2991/, here http://www.exploit-db.com/exploits/33247 a...

[USN-2211-1] libXfont vulnerabilities

========================================================================== Ubuntu Security Notice USN-2211-1 May 14, 2014 libxfont vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

ESA-2014-005: EMC Documentum Foundation Services (DFS) Content Access Vulnerability

ESA-2014-005.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-005: EMC Documentum Foundation Services DFS Content Access Vulnerability EMC Identifier: ESA-2014-005 CVE Identifier: CVE-2014-0622 Severity Rating: CVSS v2 Base Score: 9 AV:N/AC:L/Au:S/C:C/I:C/A:C Affected products: • EMC DF...

CVE-2014-2046 - Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211

Vulnerability title: Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE: CVE-2014-2046 Vendor: Broadcom Ltd Product: PIPA C211 Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2 Fixed version: N/A Reported by: Jerzy Kramarz Details: By sending a crafted PO...

[oss-security] CVE request: various NodeJS module vulnerabilities

Hi all, This is a request for CVEs for the following vulnerabilities discovered by the Node Security Project. I left out their advisories where I could find an assigned CVE; CVE-2013-7370 CVE-2013-7371 CVE-2013-6393 CVE-2013-4660 https://nodesecurity.io/advisories printer potential command...

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Xen buffer overflow

Buffer overflow on guest system kernel image loading...

[oss-security] CVE request: Pyplate multiple vulnerabilities

Hello list, My friend Teemu V. "requested" security audit for Pyplate. While quickly checking quality of this software I noticed following issues. This is not a full security audit as I don't have much free time. Tested version: v0.08 still beta Vendor notification: 2014-05-13 Issue 1. Installati...

BROADCOM PIPA C211 authentication bypass

Device configuration may be accessed without authentication...

Microsoft Internet Explorer multiple security vulnerabilities

Multiple memory corruptions...

Microsoft Publisher uninitialized pointer dereference

Uninitialized pointer dereference on file parsing...

Microsoft SharePoint Server multiple security vulnerabilities

Code execution, crossite scripting...

Microsoft Windows multiple security vulnerabilities

Windows File Handling code execution, Group Policy Preferences privileges escalation. .Net privileges escalation. Windows Shell privileges escalation. iSCSI DoS...

Microsoft Office multiple security vulnerabilities

Memory corruptions, buffer overflows, protection bypass...

HP Fibre Channel switches information leakage

No description provided...

[oss-security] CVE Request ---- SOAPpy 0.12.5 Multiple Vulnerabilities

Advisory ID: HTB23210 Product: Offiria Vendor: Slashes Dots Sdn Bhd. Vulnerable Versions: 2.1.0 and probably prior Tested Version: 2.1.0 Advisory Publication: April 2, 2014 without technical details Vendor Notification: April 2, 2014 Public Disclosure: May 7, 2014 Vulnerability Type: Cross-Site...

HP Network Node Manager crossite scripting

No description provided...

OnApp SSH keys cloning

ECDSA host keys are not regenerated after system image cloning...

Directory Traversal Vulnerability in VMTurbo Operations Manager 4.5 or earlier

Product: VM Turbo Operations Manager Vendor: VM Turbo Vulnerable Versions: 4.5.x earlier Tested Version: 4.0 Advisory Publication: April 11, 2014 Vendor Notification: April 11, 2014 Public Disclosure: May 8, 2014 Vulnerability Type: Directory Traversal Discovered and Provided: Jamal Pecou Securit...

[oss-security] CVE request: Denial of Service attacks against Dovecot v1.1+

Hello, Can I get CVE identifier for DoS attacks against Dovecot v1.1+, thank you. http://permalink.gmane.org/gmane.mail.imap.dovecot/77499 """ There's an upper limit to how many IMAP/POP3 connections can exist that haven't logged in and separate limits for post-login. Normally when this limit is...

Cross-Site Scripting (XSS) in Offiria

Advisory ID: HTB23210 Product: Offiria Vendor: Slashes Dots Sdn Bhd. Vulnerable Versions: 2.1.0 and probably prior Tested Version: 2.1.0 Advisory Publication: April 2, 2014 without technical details Vendor Notification: April 2, 2014 Public Disclosure: May 7, 2014 Vulnerability Type: Cross-Site...

[ MDVSA-2014:081 ] apache-mod_security

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:081 http://www.mandriva.com/en/support/security/ Package : apache-modsecurity Date : May 8, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated apache-modsecurity packages...

[oss-security] CVE request: python-lxml clean_html() input sanitization flaw

Hi, can a CVE be assigned to the following issue? The lxml.html.clean module cleans up HTML by removing embedded or script content, special tags, CSS style annotations and much more. It was found 1 that the cleanhtml function, provided by the lxml.html.clean module, did not properly clean HTML...

GNU Emacs

Symbolic links vulnerability on temporary files creation...

SEC Consult SA-20140508-0 :: Multiple critical vulnerabilities in AVG Remote Administration

SEC Consult Vulnerability Lab Security Advisory 20140508-0 ======================================================================= title: Multiple critical vulnerabilities product: AVG Remote Administration vulnerable version: all - except issue 2 fixed version: none - except issue 2 impact:...

NVidia drivers privilege escalation

Privilege escalation via X.Org drivers...

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

[security bulletin] HPSBMU03035 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross-Site Scripting (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04273695 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04273695 Version: 1 HPSBMU03035 rev....