The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:

computer vulnerability CVE-2013-4484

Varnish: denial of service via spaces

Synthesis of the vulnerability

An attacker can send a malformed GET query to Varnish, in order to trigger a denial of service.
Impacted products: Debian, Fedora, openSUSE, Varnish.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 30/10/2013.
Identifiers: 1367, BID-63451, CVE-2013-4484, DSA-2814-1, FEDORA-2013-24018, FEDORA-2013-24023, MDVSA-2014:036, openSUSE-SU-2013:1679-1, openSUSE-SU-2013:1683-1, VIGILANCE-VUL-13675.

Description of the vulnerability

The Varnish error manager can indicate to restart VCL (vcl_recv) when an error occurs :
  sub vcl_error {
    return(restart);
  }

An HTTP GET query should use the syntax "GET /page HTTP/1.1". However, if the HTTP GET query only contains spaces, an assertion occurs during the error processing.

An attacker can therefore send a malformed GET query to Varnish, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2013-5543 CVE-2013-5545 CVE-2013-5546

Cisco IOS XE: four denial of service

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Cisco IOS XE.
Impacted products: Cisco ASR, IOS XE Cisco.
Severity: 3/4.
Consequences: denial of service on server.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 4.
Creation date: 30/10/2013.
Identifiers: BID-63436, BID-63439, BID-63443, BID-63444, CERTA-2013-AVI-615, cisco-sa-20131030-asr1000, CSCtt26470, CSCud72509, CSCuf08269, CSCuh19936, CVE-2013-5543, CVE-2013-5545, CVE-2013-5546, CVE-2013-5547, VIGILANCE-VUL-13674.

Description of the vulnerability

Several vulnerabilities were announced in Cisco IOS XE.

An attacker can send ICMP packets, in order to trigger a denial of service of the Zone-Based Firewall. [severity:3/4; BID-63443, CSCtt26470, CVE-2013-5543]

An attacker can send NATed PPTP packets, in order to trigger a denial of service. [severity:3/4; BID-63444, CSCuh19936, CVE-2013-5545]

An attacker can send TCP packets to reassemble, in order to trigger a denial of service. [severity:3/4; BID-63436, CSCud72509, CVE-2013-5546]

An attacker can send EoGRE packets, in order to trigger a denial of service. [severity:3/4; BID-63439, CSCuf08269, CVE-2013-5547]
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2013-4483

Linux kernel: denial of service via ipc_rcu_putref

Synthesis of the vulnerability

A local attacker can progressively force the Linux kernel to use all its memory, in order to trigger a denial of service.
Impacted products: Linux, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: denial of service on server.
Provenance: user shell.
Creation date: 30/10/2013.
Identifiers: BID-63445, CERTFR-2014-AVI-241, CERTFR-2014-AVI-256, CERTFR-2014-AVI-416, CERTFR-2015-AVI-085, CVE-2013-4483, MDVSA-2013:265, openSUSE-SU-2014:0247-1, RHSA-2014:0285-01, RHSA-2014:1392-01, RHSA-2015:0284-03, SUSE-SU-2014:0536-1, USN-2221-1, USN-2223-1, USN-2227-1, USN-2233-1, USN-2234-1, USN-2238-1, VIGILANCE-VUL-13673.

Description of the vulnerability

The RCU (Read Copy Update) feature is used to synchronize events, with no interruption of reading operations.

The ipc_rcu_putref() function uses RCU. However, sometimes, the number of users of a memory area is not decremented. The counter thus never reaches zero, and the memory area is never freed.

A local attacker can therefore progressively force the Linux kernel to use all its memory, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2013-3287

EMC Unisphere for VMAX: password disclosure

Synthesis of the vulnerability

A physical attacker can look the EMC Unisphere for VMAX console, in order to obtain the LDAP password.
Impacted products: Unisphere EMC.
Severity: 1/4.
Consequences: privileged access/rights.
Provenance: user console.
Creation date: 30/10/2013.
Identifiers: BID-63425, CERTA-2013-AVI-614, CVE-2013-3287, ESA-2013-074, VIGILANCE-VUL-13672.

Description of the vulnerability

The EMC Unisphere for VMAX product can be configured to use LDAP.

However, when the administrator enables the LDAP debugging, the LDAP Bind password is displayed in clear text on the console.

A physical attacker can therefore look the EMC Unisphere for VMAX console, in order to obtain the LDAP password.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert 13671

WordPress Rockhoist Ratings: SQL injection

Synthesis of the vulnerability

An attacker can use a SQL injection of WordPress Rockhoist Ratings, in order to read or alter data.
Impacted products: WordPress Plugins ~ not comprehensive.
Severity: 2/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: internet client.
Creation date: 30/10/2013.
Identifiers: BID-63441, VIGILANCE-VUL-13671.

Description of the vulnerability

The WordPress Rockhoist Ratings plugin is used to vote for pages.

However, user's data are directly inserted in a SQL query.

An attacker can therefore use a SQL injection of WordPress Rockhoist Ratings, in order to read or alter data.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2013-5555

Cisco Unified Communications Manager: denial of service via SIP

Synthesis of the vulnerability

An attacker can send a special SIP message to Cisco Unified Communications Manager, in order to trigger a denial of service.
Impacted products: Cisco CUCM.
Severity: 2/4.
Consequences: denial of service on server.
Provenance: intranet client.
Creation date: 30/10/2013.
Identifiers: BID-63407, CSCub54349, CVE-2013-5555, VIGILANCE-VUL-13670.

Description of the vulnerability

An attacker can send a special SIP message to Cisco Unified Communications Manager, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2013-5551

Cisco ASA: denial of service via SSL VPN Rewriter

Synthesis of the vulnerability

An attacker can generate an error in the SSL VPN Rewriter of Cisco ASA, in order to trigger a denial of service.
Impacted products: ASA.
Severity: 2/4.
Consequences: denial of service on server.
Provenance: user account.
Creation date: 30/10/2013.
Identifiers: BID-63406, CSCui51199, CVE-2013-5551, VIGILANCE-VUL-13669.

Description of the vulnerability

The Cisco ASA product allows authenticated users to browse in the Clientless SSL VPN Portal.

However, when same-security-traffic and management-access are configured, an attacker can modify his url, to create an infinite recursive call.

An attacker can therefore generate an error in the SSL VPN Rewriter of Cisco ASA, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2013-5548

Cisco IOS: IKEv2 replay

Synthesis of the vulnerability

An attacker can replay a SA exchange on Cisco IOS, in order to traverse the IPsec tunnel.
Impacted products: IOS by Cisco, Cisco Router.
Severity: 2/4.
Consequences: data flow.
Provenance: internet client.
Creation date: 30/10/2013.
Identifiers: BID-6342, CSCuj47795, CVE-2013-5548, VIGILANCE-VUL-13668.

Description of the vulnerability

A Phase 2 IPsec Security Associations can use the following algorithms:
 - AES Galois/Counter Mode (AES-GCM)
 - AES Galois Message Authentication Code (AES-GMAC)

However, in this case, the IPsec Phase 2 SA anti-replay algorithm is not correctly implemented.

An attacker can therefore replay a SA exchange on Cisco IOS, in order to traverse the IPsec tunnel.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce 13667

WordPress MoneyTheme: PHP code execution

Synthesis of the vulnerability

An attacker can upload a PHP file via WordPress MoneyTheme, in order to execute PHP code.
Impacted products: WordPress Plugins ~ not comprehensive.
Severity: 2/4.
Consequences: user access/rights.
Provenance: internet client.
Creation date: 30/10/2013.
Identifiers: BID-63412, VIGILANCE-VUL-13667.

Description of the vulnerability

The MoneyTheme theme can be installed on WordPress.

It can be used to upload a file. However, a PHP file can be uploaded on the server, and then executed.

An attacker can therefore upload a PHP file via WordPress MoneyTheme, in order to execute PHP code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2013-1739 CVE-2013-5590 CVE-2013-5591

Firefox, Thunderbird, SeaMonkey: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Firefox, Thunderbird and SeaMonkey.
Impacted products: Debian, Fedora, Firefox, SeaMonkey, Thunderbird, openSUSE, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES.
Severity: 4/4.
Consequences: user access/rights, client access/rights, data reading, data creation/edition, data deletion, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 10.
Creation date: 30/10/2013.
Identifiers: BID-63405, BID-63415, BID-63416, BID-63417, BID-63418, BID-63419, BID-63420, BID-63421, BID-63422, BID-63423, BID-63424, BID-63427, BID-63428, BID-63429, BID-63430, CERTA-2013-AVI-613, CVE-2013-1739, CVE-2013-5590, CVE-2013-5591, CVE-2013-5592, CVE-2013-5593, CVE-2013-5595, CVE-2013-5596, CVE-2013-5597, CVE-2013-5598, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602, CVE-2013-5603, CVE-2013-5604, DSA-2788-1, DSA-2797-1, FEDORA-2013-20429, FEDORA-2013-20448, MDVSA-2013:264, MDVSA-2013:269, MFSA 2013-100, MFSA 2013-101, MFSA 2013-102, MFSA 2013-93, MFSA 2013-94, MFSA 2013-95, MFSA 2013-96, MFSA 2013-97, MFSA 2013-98, MFSA 2013-99, openSUSE-SU-2013:1633-1, openSUSE-SU-2013:1634-1, openSUSE-SU-2013:1644-1, openSUSE-SU-2013:1788-1, openSUSE-SU-2014:1100-1, RHSA-2013:1476-01, RHSA-2013:1480-01, SSA:2013-307-01, SSA:2013-322-01, SSA:2013-322-04, SUSE-SU-2013:1678-1, VIGILANCE-VUL-13666.

Description of the vulnerability

Several vulnerabilities were announced in Firefox, Thunderbird and SeaMonkey.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; BID-63415, BID-63417, BID-63418, CVE-2013-1739, CVE-2013-5590, CVE-2013-5591, CVE-2013-5592, MFSA 2013-93]

An attacker can spoof the address bar with a SELECT, in order to deceive the victim. [severity:2/4; BID-63429, CVE-2013-5593, MFSA 2013-94]

An attacker can XSLT and uninitialized data, in order to trigger a denial of service. [severity:2/4; BID-63430, CVE-2013-5604, MFSA 2013-95]

An attacker can use JavaScript, in order to trigger a denial of service. [severity:2/4; BID-63421, CVE-2013-5595, MFSA 2013-96]

An attacker can use a freed memory area via a Cycle Collected Object, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; BID-63420, CVE-2013-5596, MFSA 2013-97]

An attacker can use a freed memory area in the Offline Cache, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; BID-63422, CVE-2013-5597, MFSA 2013-98]

An attacker can read a local file with PDF.js, in order to obtain sensitive information. [severity:3/4; BID-63419, CVE-2013-5598, MFSA 2013-99]

An attacker can use a freed memory area, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; BID-63423, BID-63427, BID-63428, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, MFSA 2013-100]

An attacker can generate a memory corruption in Workers, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; BID-63424, CVE-2013-5602, MFSA 2013-101]

An attacker can use a freed memory area via HTML Document Templates, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; BID-63416, CVE-2013-5603, MFSA 2013-102]
Full Vigil@nce bulletin... (Free trial)

Previous page   Next page

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1121 1141 1161 1181 1201 1221 1241 1261 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1321 1341 1361 1381 1401 1421 1441 1461 1481 1501 1521 1541 1561 1581 1601 1621 1641 1661 1681 1701 1721 1741 1761 1781 1801 1821 1841 1861 1881 1901 1921 1941 1961 1981 2001 2021 2041 2061 2081 2101 2121 2141 2161 2181 2201 2221 2241 2261 2281 2301 2321 2341 2361 2381 2401 2421 2441 2461 2481 2501 2521 2541 2561 2581 2601 2621 2641 2661 2681 2701 2721 2741 2761 2781 2801 2821 2841 2861 2881 2892