The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:

vulnerability announce CVE-2012-3949

Cisco IOS, Unified CM: denial of service via SIP SDP

Synthesis of the vulnerability

An attacker can send a malicious SIP packet containing an SDP message, in order to create a denial of service on Cisco IOS and Cisco Unified Communications Manager.
Impacted products: IOS by Cisco, Cisco Router, Cisco CUCM.
Severity: 3/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 26/09/2012.
Identifiers: 26765, BID-55697, CERTA-2012-AVI-528, CERTA-2012-AVI-530, Cisco_ERP_sep12, cisco-sa-20120926-cucm, cisco-sa-20120926-sip, CSCtj33003, CSCtw66721, CSCtw84664, CVE-2012-3949, VIGILANCE-VUL-11982.

Description of the vulnerability

An attacker can send a malicious SIP packet containing an SDP message, in order to create a denial of service on Cisco IOS and Cisco Unified Communications Manager.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2012-4620

Cisco IOS: denial of service via IP Tunneling

Synthesis of the vulnerability

An attacker can send an IP tunneled packet to a Cisco 10000 Series router, in order to create a denial of service via a Queue Wedge.
Impacted products: IOS by Cisco, Cisco Router.
Severity: 3/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 26/09/2012.
Identifiers: BID-55696, CERTA-2012-AVI-528, Cisco_ERP_sep12, cisco-sa-20120926-c10k-tunnels, CSCts66808, CVE-2012-4620, VIGILANCE-VUL-11981.

Description of the vulnerability

An attacker can send an IP tunneled packet to a Cisco 10000 Series router, in order to create a denial of service via a Queue Wedge.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2012-4617

Cisco IOS: denial of service via BGP

Synthesis of the vulnerability

During a BGP session, an attacker can send malicious packets, in order to stop Cisco IOS.
Impacted products: Cisco ASR, IOS by Cisco, IOS XR Cisco, Cisco Router.
Severity: 3/4.
Consequences: denial of service on server.
Provenance: internet client.
Creation date: 26/09/2012.
Identifiers: BID-55694, CERTA-2012-AVI-528, Cisco_ERP_sep12, cisco-sa-20120926-bgp, CSCtt35379, CSCty58300, CSCtz62914, CSCtz63248, CVE-2012-4617, VIGILANCE-VUL-11980.

Description of the vulnerability

During a BGP session, an attacker can send malicious packets, in order to stop Cisco IOS.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2012-5159

phpMyAdmin: backdoor in server_sync.php

Synthesis of the vulnerability

One server from SourceForge.net was distributing a phpMyAdmin archive with a backdoor.
Impacted products: phpMyAdmin.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights.
Provenance: internet server.
Creation date: 26/09/2012.
Identifiers: BID-55672, CERTA-2012-AVI-523, CVE-2012-5159, PMASA-2012-5, VIGILANCE-VUL-11979.

Description of the vulnerability

The phpMyAdmin software is distributed via SourceForge.

The Korean "cdnetworks-kr-1" mirror contained an altered version of the archive phpMyAdmin-3.5.2.2-all-languages.zip. A new file named "server_sync.php" was added in the archive (VIGILANCE-ACTU-3590). This script evaluates the posted "c" variable (with "eval($_POST['c'])").

An attacker can therefore directly access to the web page "server_sync.php", in order to execute code on the server.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2012-4447

libtiff: buffer overflow via PixarLog

Synthesis of the vulnerability

An attacker can invite the victim to open a malicious TIFF image with an application linked to libtiff, in order to create a denial of service or to execute code.
Impacted products: BES, Debian, Fedora, Mandriva Linux, openSUSE, RHEL, Slackware, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Creation date: 26/09/2012.
Identifiers: 860198, BID-55673, BSRT-2013-003, CVE-2012-4447, DSA-2561-1, FEDORA-2012-20404, KB33425, MDVSA-2012:174, MDVSA-2013:046, openSUSE-SU-2013:0187-1, RHSA-2012:1590-01, SSA:2013-290-01, VIGILANCE-VUL-11978.

Description of the vulnerability

The libtiff library is used to process TIFF images.

A TIFF image can be compacted using the PixarLog format, which stores integers on 11 bit.

The PixarLogSetupDecode() function of file libtiff/tif_pixarlog.c prepares the memory area to store data. However, a short buffer is allocated because the number of strides is ignored.

An attacker can therefore invite the victim to open a malicious TIFF image with an application linked to libtiff, in order to create a denial of service or to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce 11977

Thomson SpeedTouch ST780: script injection in the administration page

Synthesis of the vulnerability

An attacker can setup a DNS redirect, and then invite the victim to display the help page of Thomson SpeedTouch ST780, in order to execute JavaScript code in the context of the administration web service.
Impacted products: SpeedTouch.
Severity: 1/4.
Consequences: privileged access/rights.
Provenance: intranet server.
Creation date: 25/09/2012.
Identifiers: VIGILANCE-VUL-11977, waraxe-2012-SA#090.

Description of the vulnerability

The administration interface of Thomson SpeedTouch ST780 uses an SSL/TLS encrypted session, so Man-in-the-Middle attacks cannot be used.

The help page of the administration interface includes a remote script:
  http://downloads.thomson.net/telecom/documentation/common/STFEH/R744/RES/en/anchors.js
However, as the url does not use https, if the attacker redirects "downloads.thomson.net" to a malicious web site, the "anchors.js" script will be loaded from attacker's web site.

An attacker can therefore setup a DNS redirect, and then invite the victim to display the help page of Thomson SpeedTouch ST780, in order to execute JavaScript code in the context of the administration web service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2012-3334

IBM Informix Dynamic Server: privilege elevation via COLLATION

Synthesis of the vulnerability

A local attacker can use the SET COLLATION command of IBM Informix Dynamic Server, in order to generate a buffer overflow, and to execute code with privileges of the service.
Impacted products: Informix Server.
Severity: 2/4.
Consequences: privileged access/rights.
Provenance: user account.
Creation date: 25/09/2012.
Identifiers: BID-55668, CERTA-2012-AVI-525, CVE-2012-3334, DCA-2011-0013, swg21611800, VIGILANCE-VUL-11976.

Description of the vulnerability

The "SET COLLATION" SQL command is used to define the sorting order of characters (most of the times, it depends on the locale). For example :
  SET COLLATION en_us.8859-1

However, if the parameter is too long, an overflow occurs.

A local attacker can therefore use the SET COLLATION command of IBM Informix Dynamic Server, in order to generate a buffer overflow, and to execute code with privileges of the service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2012-2287

RSA Authentication Agent, Client: user access

Synthesis of the vulnerability

When RSA Authentication Agent 7.1 or RSA Authentication Client 3.5 is installed on Windows XP/2003, an attacker can access to the system with only his Windows login/password.
Impacted products: RSA Authentication Agent, SecurID.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights.
Provenance: user shell.
Creation date: 25/09/2012.
Identifiers: BID-55662, CERTA-2012-AVI-519, CVE-2012-2287, ESA-2012-037, VIGILANCE-VUL-11975.

Description of the vulnerability

The RSA Authentication Agent product uses a two factor authentication. The RSA Authentication Client product uses an authentication based on SecurID and a PIN code.

However, when RSA Authentication Agent 7.1 or RSA Authentication Client 3.5 is installed on Windows XP/2003, an attacker can access to the system with only his Windows login/password.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2012-2170 CVE-2012-2190 CVE-2012-2191

WebSphere AS 6.1: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of WebSphere Application Server.
Impacted products: WebSphere AS Traditional.
Severity: 2/4.
Consequences: user access/rights, client access/rights, data reading, data creation/edition.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 24/09/2012.
Revision date: 25/09/2012.
Identifiers: BID-53755, BID-54819, BID-55149, BID-55185, BID-55309, BID-55678, CERTA-2012-AVI-475, CVE-2012-2170, CVE-2012-2190, CVE-2012-2191, CVE-2012-3293, CVE-2012-3304, CVE-2012-3325, PM54356, PM56183, PM60839, PM66218, PM71296, swg21611311, VIGILANCE-VUL-11974.

Description of the vulnerability

Five vulnerabilities were announced in WebSphere Application Server.

An attacker can obtain information via Application Snoop Servlet. [severity:1/4; BID-53755, CVE-2012-2170, PM56183]

An attacker can use a Cross Frame Scripting on the administrative console. [severity:2/4; BID-54819, BID-55149, CVE-2012-3293, PM60839]

When PM44303 is installed on IBM WebSphere Application Server, a local attacker can access to administration features (VIGILANCE-VUL-11907). [severity:2/4; BID-55309, CERTA-2012-AVI-475, CVE-2012-3325, PM71296]

The session identifier is not properly updated, so an attacker can gain privileges of the victim. [severity:2/4; BID-55678, CVE-2012-3304, PM54356]

An attacker can send malicious SSL packets, in order to create a denial of service (VIGILANCE-VUL-12037 and VIGILANCE-VUL-12038). [severity:2/4; BID-55185, CVE-2012-2190, CVE-2012-2191, PM66218]
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2012-2190 CVE-2012-2191 CVE-2012-3293

WebSphere AS 7.0: seven vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of WebSphere Application Server.
Impacted products: WebSphere AS Traditional.
Severity: 2/4.
Consequences: user access/rights, client access/rights, data reading, data creation/edition.
Provenance: document.
Number of vulnerabilities in this bulletin: 7.
Creation date: 24/09/2012.
Revision date: 25/09/2012.
Identifiers: BID-54819, BID-55149, BID-55185, BID-55309, BID-55671, BID-55678, CERTA-2012-AVI-475, CERTA-2012-AVI-526, CVE-2012-2190, CVE-2012-2191, CVE-2012-3293, CVE-2012-3304, CVE-2012-3305, CVE-2012-3306, CVE-2012-3311, CVE-2012-3325, PM54356, PM60839, PM61388, PM62467, PM66218, PM66514, PM71296, swg21611313, swg27014463.html, VIGILANCE-VUL-11973.

Description of the vulnerability

Seven vulnerabilities were announced in WebSphere Application Server.

An attacker can use a Cross Frame Scripting on the administrative console. [severity:2/4; BID-54819, BID-55149, CVE-2012-3293, PM60839]

When a malicious application is deployed, script/executable files located outside the directory are overwritten. [severity:2/4; BID-55678, CVE-2012-3305, PM62467]

When PM44303 is installed on IBM WebSphere Application Server, a local attacker can access to administration features (VIGILANCE-VUL-11907). [severity:2/4; BID-55309, CERTA-2012-AVI-475, CVE-2012-3325, PM71296]

The session identifier is not properly updated, so an attacker can gain privileges of the victim. [severity:2/4; BID-55678, CVE-2012-3304, PM54356]

When a Federated Repository is used, WOLA (Optimized Local Adapters) connections are allowed to EJB applications. [severity:2/4; BID-55671, CVE-2012-3311, PM61388]

When there are several security domains, the authentication cache is not properly purged. [severity:2/4; BID-55678, CVE-2012-3306, PM66514]

An attacker can send malicious SSL packets, in order to create a denial of service (VIGILANCE-VUL-12037 and VIGILANCE-VUL-12038). [severity:2/4; BID-55185, CVE-2012-2190, CVE-2012-2191, PM66218]
Full Vigil@nce bulletin... (Free trial)

Previous page   Next page

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1121 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1161 1181 1201 1221 1241 1261 1281 1301 1321 1341 1361 1381 1401 1421 1441 1461 1481 1501 1521 1541 1561 1581 1601 1621 1641 1661 1681 1701 1721 1741 1761 1781 1801 1821 1841 1861 1881 1901 1921 1941 1961 1981 2001 2021 2041 2061 2081 2101 2121 2141 2161 2181 2201 2221 2241 2261 2281 2301 2321 2341 2361 2381 2401 2421 2441 2461 2481 2501 2521 2541 2561 2581 2601 2621 2641 2661 2681 2701 2721 2741 2761 2775