The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of NETASQ

computer vulnerability CVE-2014-3566

SSL 3.0: decrypting session, POODLE

Synthesis of the vulnerability

An attacker, positioned as a Man-in-the-Middle, can decrypt an SSL 3.0 session, in order to obtain sensitive information.
Impacted products: Stormshield Endpoint Security, Stormshield Network Security, Apache httpd, Arkoon FAST360, ArubaOS, Asterisk Open Source, BES, ProxyAV, ProxySG, GAiA, CheckPoint IP Appliance, IPSO, SecurePlatform, CheckPoint Security Appliance, CheckPoint Security Gateway, Cisco ASR, Cisco ACE, ASA, AsyncOS, Cisco CSS, Cisco ESA, IOS Cisco, IOS XE Cisco, IOS XR Cisco, IronPort Email, Cisco Nexus, NX-OS, Cisco Prime, WebNS, Cisco Router xx00 Series, Clearswift Email Gateway, Clearswift Web Gateway, CUPS, Debian, Black Diamond, ExtremeXOS, Ridgeline, Summit, BIG-IP Appliance, Fedora, FortiGate, FortiGate Virtual Appliance, FortiManager, FortiManager Virtual Appliance, FortiOS, FreeBSD, F-Secure AV, HP BSM, HP NNMi, HP Operations, ProCurve Switch, SiteScope, HP Switch, TippingPoint IPS, HP-UX, AIX, Security Directory Server, SPSS Data Collection, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS, WebSphere MQ, WS_FTP Server, IVE OS, Juniper J-Series, JUNOS, Junos Space, Junos Space Network Management Platform, MAG Series, NSM Central Manager, NSMXpress, Juniper SA, Domino, Notes, MBS, McAfee Email and Web Security, McAfee Email Gateway, ePO, VirusScan, McAfee Web Gateway, IE, Windows 2003, Windows 2008 R0, Windows 2008 R2, Microsoft Windows 2012, Windows 7, Windows 8, Windows (platform), Windows RT, Windows Vista, NETASQ, NetBSD, NetIQ Sentinel, NetScreen Firewall, ScreenOS, nginx, OpenSSL, openSUSE, Solaris, PAN-OS, Polycom CMA, HDX, RealPresence Collaboration Server, RealPresence Distributed Media Application, Polycom VBP, Postfix, SSL/TLS, Puppet, RHEL, Red Hat JBoss EAP, RSA Authentication Manager, Slackware, Splunk, stunnel, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Unix (platform), ESXi, vCenter, VMware vSphere, VMware vSphere Hypervisor, Wind River Linux.
Severity: 3/4.
Creation date: 15/10/2014.
Identifiers: 1589583, 1595265, 1653364, 1657963, 1663874, 1687167, 1687173, 1687433, 1687604, 1687611, 1690160, 1690185, 1690342, 1691140, 1692551, 1695392, 1696383, 1699051, 1700706, 2977292, 3009008, 7036319, aid-10142014, AST-2014-011, bulletinapr2015, bulletinjan2015, c04486577, c04487990, c04492722, c04497114, c04506802, c04510230, c04567918, c04616259, c04626982, c04676133, CERTFR-2014-ALE-007, CERTFR-2014-AVI-454, CERTFR-2014-AVI-509, CERTFR-2015-AVI-169, cisco-sa-20141015-poodle, CVE-2014-3566, DSA-3053-1, DSA-3253-1, ESA-2014-178, ESXi500-201502001, ESXi500-201502101-SG, ESXi510-201503001, ESXi510-201503001-SG, ESXi510-201503101-SG, ESXi550-201501001, ESXi550-201501101-SG, FEDORA-2014-12989, FEDORA-2014-12991, FEDORA-2014-13012, FEDORA-2014-13017, FEDORA-2014-13040, FEDORA-2014-13069, FEDORA-2014-13070, FEDORA-2014-13444, FEDORA-2014-13451, FEDORA-2014-13764, FEDORA-2014-13777, FEDORA-2014-13781, FEDORA-2014-13794, FEDORA-2014-14234, FEDORA-2014-14237, FEDORA-2014-15379, FEDORA-2014-15390, FEDORA-2014-15411, FEDORA-2014-17576, FEDORA-2014-17587, FreeBSD-SA-14:23.openssl, FSC-2014-8, HPSBGN03256, HPSBGN03305, HPSBGN03332, HPSBHF03156, HPSBHF03300, HPSBMU03152, HPSBMU03184, HPSBMU03213, HPSBUX03162, HPSBUX03194, JSA10656, MDVSA-2014:203, MDVSA-2014:218, MDVSA-2015:062, NetBSD-SA2014-015, openSUSE-SU-2014:1331-1, openSUSE-SU-2014:1384-1, openSUSE-SU-2014:1395-1, openSUSE-SU-2014:1426-1, PAN-SA-2014-0005, POODLE, RHSA-2014:1652-01, RHSA-2014:1653-01, RHSA-2014:1692-01, RHSA-2014:1920-01, RHSA-2014:1948-01, RHSA-2015:0010-01, RHSA-2015:0011-01, RHSA-2015:0012-01, SA83, SB10090, SB10104, sk102989, SOL15702, SP-CAAANKE, SP-CAAANST, SPL-91947, SPL-91948, SSA:2014-288-01, SSRT101767, STORM-2014-02-FR, SUSE-SU-2014:1357-1, SUSE-SU-2014:1361-1, SUSE-SU-2014:1386-1, SUSE-SU-2014:1387-1, SUSE-SU-2014:1387-2, SUSE-SU-2014:1409-1, SUSE-SU-2015:0010-1, T1021439, TSB16540, VIGILANCE-VUL-15485, VMSA-2015-0001, VMSA-2015-0001.1, VMSA-2015-0001.2, VN-2014-003, VU#577193.

Description of the vulnerability

An SSL/TLS session can be established using several protocols:
 - SSL 2.0 (obsolete)
 - SSL 3.0
 - TLS 1.0
 - TLS 1.1
 - TLS 1.2

An attacker can downgrade the negotiated version to SSLv3. With SSL 3.0 and CBC encryption, an attacker can then change the padding position, in order to progressively guess cleartext fragments.

This vulnerability is named POODLE (Padding Oracle On Downgraded Legacy Encryption).

An attacker, positioned as a Man-in-the-Middle, can therefore decrypt an SSL 3.0 session, in order to obtain sensitive information.

vulnerability alert CVE-2007-3725

ClamAV, unrar: denial of service

Synthesis of the vulnerability

An attacker can create a malicious RAR archive in order to stop ClamAV or unrar.
Impacted products: ClamAV, Debian, Mandriva Corporate, Mandriva Linux, NETASQ, NLD, OES, openSUSE, SLES, Unix (platform).
Severity: 2/4.
Creation date: 11/07/2007.
Identifiers: BID-24866, CERTA-2002-AVI-136, CERTA-2007-AVI-306, CVE-2007-3725, DSA-1340-1, MDKSA-2007:150, SUSE-SR:2007:015, VIGILANCE-VUL-6991.

Description of the vulnerability

The ClamAV antivirus and the unrar tool share the same vulnerability.

The execute_standard_filter() function of unrarvm.c does not check whether one of the sizes indicated in the RAR file is too small. This error causes ClamAV to read data at an invalid address, which leads to a segmentation fault.

An attacker can therefore create a malicious RAR archive in order to stop ClamAV or unrar.

computer vulnerability CVE-2007-2650 CVE-2007-3023 CVE-2007-3024

ClamAV: several vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities of ClamAV lead to denials of service or to code execution.
Impacted products: ClamAV, Debian, Fedora, Mandriva Corporate, Mandriva Linux, NETASQ, openSUSE.
Severity: 3/4.
Creation date: 31/05/2007.
Identifiers: BID-24289, BID-24316, BID-24358, CVE-2007-2650, CVE-2007-3023, CVE-2007-3024, CVE-2007-3025, CVE-2007-3122, CVE-2007-3123, DSA-1320-1, FEDORA-2007-1154, MDKSA-2007:115, SUSE-SA:2007:033, VIGILANCE-VUL-6855.

Description of the vulnerability

Several vulnerabilities of ClamAV lead to denials of service or to code execution.

The %v parameter is not correctly checked in freshclam/manager.c. [severity:3/4]

Malicious RAR headers are not correctly handled in libclamav/unrar/unrar.c. [severity:3/4; BID-24289, CVE-2007-3122]

Size of data is not correctly computed in libclamav/unsp.c. [severity:3/4; CVE-2007-3023]

Permissions of temporary files created by cli_gentempstream() are not sufficiently strict. [severity:3/4; CVE-2007-3024]

A malicious OLE file can generate an infinite loop in libclamav/ole2_extract.c. [severity:3/4; BID-24316, CVE-2007-2650]

An unknown vulnerability affects libclamav/phishcheck.c. [severity:3/4; CVE-2007-3025]

An unknown vulnerability affects libclamav/unrar/unrar.c. [severity:3/4; CVE-2007-3123]

An unknown vulnerability affects libclamav/pdf.c. [severity:3/4]

vulnerability CVE-2007-1745 CVE-2007-1997 CVE-2007-2029

ClamAV: vulnerabilities of CHM, CAB and PDF

Synthesis of the vulnerability

An attacker can create CHM, CAB and PDF files leading to denials of service or to code execution on ClamAV.
Impacted products: ClamAV, Debian, Mandriva Corporate, Mandriva Linux, NETASQ, openSUSE.
Severity: 3/4.
Creation date: 13/04/2007.
Revision date: 17/04/2007.
Identifiers: BID-23473, BID-23656, CERTA-2002-AVI-088, CVE-2007-1745, CVE-2007-1997, CVE-2007-2029, DSA-1281-1, DSA-1281-2, MDKSA-2007:098, SUSE-SA:2007:026, VIGILANCE-VUL-6740.

Description of the vulnerability

Three vulnerabilities were announced in ClamAV antivirus.

When an error occurs during the analysis of a CHM file, the chm_decompress_stream() function of libclamav/chmunpack.c does not lock the temporary file containing the binary. [severity:3/4; CVE-2007-1745]

A malicious CAB archive can generate an integer overflow in the cab_unstore() function of libclamav/cab.c, leading to code execution. [severity:3/4; CVE-2007-1997]

The PDF format is composed of a series of objects (pages, fonts, catalog, etc.), which can be compressed with zlib. The cli_pdf() function of libclamav/pdf.c stores compressed data in a temporary file, in order to decompress it. However, if the size of the compressed data is zero, the temporary file descriptor is not closed. [severity:3/4; BID-23656, CVE-2007-2029]

vulnerability alert CVE-2006-1614 CVE-2006-1615 CVE-2006-1630

ClamAV: several vulnerabilities

Synthesis of the vulnerability

An attacker can generate several errors in ClamAV leading to code execution or to a denial of service.
Impacted products: ClamAV, Debian, Mandriva Corporate, Mandriva Linux, NETASQ, openSUSE.
Severity: 2/4.
Creation date: 06/04/2006.
Revision date: 10/04/2006.
Identifiers: BID-17388, CERTA-2002-AVI-009, CERTA-2006-AVI-140, CVE-2006-1614, CVE-2006-1615, CVE-2006-1630, DSA-1024-1, MDKSA-2006:067, SUSE-SA:2006:020, VIGILANCE-VUL-5741.

Description of the vulnerability

The ClamAV antivirus has 3 vulnerabilities.

An integer overflow occurs during PE header analysis, when the ArchiveMaxFileSize option is disabled (CVE-2006-1614).

Several format string attacks can occur in logging code (CVE-2006-1615).

A memory access error in the cli_bitset_set() function stops the service (CVE-2006-1630).

vulnerability note 5734

NetASQ: denial of service of ARP

Synthesis of the vulnerability

An attacker can generate a memory leak during transparent VLAN usage.
Impacted products: NETASQ.
Severity: 1/4.
Creation date: 03/04/2006.
Identifiers: na_rn_6151_001_fr, VIGILANCE-VUL-5734.

Description of the vulnerability

The NETASQ firewall supports transparent VLAN.

When an ARP packet is received on a transparent VLAN, memory is allocated but never freed.

A network attacker can therefore progressively saturate memory.

vulnerability alert CVE-2006-0162

ClamAV: buffer overflow of UPX

Synthesis of the vulnerability

An attacker can create a malicious UPX program in order to run code on ClamAV.
Impacted products: ClamAV, Debian, Mandriva Corporate, Mandriva Linux, NETASQ, OpenBSD.
Severity: 2/4.
Creation date: 10/01/2006.
Revision date: 13/01/2006.
Identifiers: BID-16191, CERTA-2006-AVI-012, CVE-2006-0162, DSA-947-1, DSA-947-2, MDKSA-2006:016, OPSA_20060114, VIGILANCE-VUL-5501, VU#385908, ZDI-06-001.

Description of the vulnerability

Programs can be packed in order to shrink their size and make their analysis more complex. ClamAV supports the UPX packer (Ultimate Packer for eXecutables).

A program compacted with UPX can lead to a buffer overflow in libclamav/upx.c.

An attacker can therefore send a compacted program in order to run code or to conduct a denial of service.

computer vulnerability 5435

Netasq: denials of service

Synthesis of the vulnerability

An attacker can send HTTP or UDP data to stop the system.
Impacted products: NETASQ.
Severity: 2/4.
Creation date: 19/12/2005.
Identifiers: na_rn_6132_001, VIGILANCE-VUL-5435.

Description of the vulnerability

An attacker can conduct two independent denials of service.

The first is related to ASQ, when "Tunneling possible utilisant la méthode connect" is configured to "passer". In this case, an HTTP packet using the CONNECT method stops the system.

The second one is related to IPSec VPN, and to NAT-T (NAT Traversal). In this case, a fragmented UDP packet stops the system.

vulnerability announce CVE-2005-3666 CVE-2005-3667 CVE-2005-3668

IPSec: vulnerabilities of some ISAKMP protocol implementations

Synthesis of the vulnerability

Several implementations of the ISAKMP protocol are affected by the same vulnerabilities.
Impacted products: FW-1, VPN-1, ASA, Cisco Catalyst, IOS Cisco, Cisco VPN Concentrator, Cisco Router xx00 Series, Debian, Fedora, Tru64 UNIX, HP-UX, Juniper E-Series, Juniper J-Series, JUNOS, JUNOSe, Mandriva Linux, NETASQ, NetBSD, openSUSE, Openswan, Solaris, RHEL, ProPack, SEF, SGS, Unix (platform).
Severity: 3/4.
Creation date: 14/11/2005.
Revision date: 22/11/2005.
Identifiers: 102040, 102246, 10310, 20060501-01-U, 273756, 273756/NISCC/ISAKMP, 6317027, 6348585, 68158, BID-15401, BID-15402, BID-15416, BID-15420, BID-15474, BID-15479, BID-15516, BID-15523, BID-17030, BID-17902, c00602119, CERTA-2005-AVI-458, CERTA-2005-AVI-504, CQ/68020, CSCed94829, CSCei14171, CSCei15053, CSCei19275, CSCei46258, CSCsb15296, CVE-2005-3666, CVE-2005-3667, CVE-2005-3668, CVE-2005-3669, CVE-2005-3670, CVE-2005-3671, CVE-2005-3672, CVE-2005-3673, CVE-2005-3674, CVE-2005-3675, CVE-2005-3732, CVE-2005-3733, CVE-2005-3768, CVE-2006-2298, DSA-965-1, FEDORA-2005-1092, FEDORA-2005-1093, FLSA:190941, FLSA-2006:190941, HPSBTU02100, HPSBUX02076, MDKSA-2006:020, NetBSD-SA2006-003, NISCC/ISAKMP/273756, PR/61076, PR/61779, PSN-2005-11-007, RHSA-2006:026, RHSA-2006:0267-01, SEF8.0-20051114-00, sk31316, SSRT050979, SUSE-SA:2005:070, SYM05-025, VIGILANCE-VUL-5352, VU#226364.

Description of the vulnerability

The IPSec protocol is used to create VPNs. To create an IPSec tunnel, SAs (Security Associations: algorithm, key size, etc.) have to be shared between both ends. The SA can be set by the administrator, or automatically exchanged. In the latter case, the IKE protocol (Internet Key Exchange) is used. IKE is based on ISAKMP (and Oakley/Skeme). The ISAKMP protocol (Internet Security Association and Key Management Protocol) defines a generic framework (format and mechanism). ISAKMP uses two phases: a secure connection is set up (phase 1, main mode or aggressive mode), then this connection is used to exchange one or several SAs (phase 2, quick mode). The aggressive mode uses fewer packets than main mode, and is therefore not recommended.

Several products incorrectly implement phase 1 of the ISAKMP/IKEv1 protocol. They contain buffer overflow, format string or denial of service vulnerabilities.

Depending on products, these vulnerabilities lead to code execution or to a denial of service.

vulnerability alert CVE-2005-3239 CVE-2005-3303 CVE-2005-3500

ClamAV: incorrect handling of mbox, TNEF, CAB, FSG and OLE files

Synthesis of the vulnerability

An attacker can create archives corrupting ClamAV memory, or leading to infinite loops.
Impacted products: ClamAV, Debian, Mandriva Corporate, Mandriva Linux, NETASQ, openSUSE.
Severity: 3/4.
Creation date: 04/11/2005.
Revision date: 07/11/2005.
Identifiers: BID-15316, BID-15317, BID-15318, CERTA-2005-AVI-437, CVE-2005-3239, CVE-2005-3303, CVE-2005-3500, CVE-2005-3501, DSA-887-1, iDEFENSE Security Advisory 11.04.05, MDKSA-2005:205, SUSE-SR:2005:026, VIGILANCE-VUL-5331, ZDI-05-002.

Description of the vulnerability

Several vulnerabilities were announced in Clam AntiVirus.

Mbox files whose attachments have an empty filename are not analyzed.

The FSG tool is used to compress programs. The file libclamav/fsg.c does not correctly compute the buffer size in the unfsg_133() function. Memory is then corrupted, which leads to code execution.

TNEF files (Transport Neutral Encapsulation Format) generally contain Outlook or Exchange data. An infinite loop can occur in libclamav/tnef.c.

A Microsoft CAB archive can lead to an infinite loop in libclamav/mspack/cabd.c.

An infinite loop can occur in libclamav/ole2_extract.c.