The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:

security announce 17497

Zend Framework zf-oauth2: privilege escalation via user_id

Synthesis of the vulnerability

An attacker can use the user_id parameter of Zend Framework zf-oauth2, in order to escalate his privileges.
Severity: 3/4.
Creation date: 24/07/2015.
Identifiers: AG2015-01, VIGILANCE-VUL-17497.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The zf-oauth2 module can be installed on Zend Framework to manage OAuth2.

However, an attacker can force the user_id parameter in the url, in order to change the user.

An attacker can therefore use the user_id parameter of Zend Framework zf-oauth2, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer threat note CVE-2015-3245 CVE-2015-3246

libuser: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of libuser.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 24/07/2015.
Identifiers: CVE-2015-3245, CVE-2015-3246, DLA-468-1, FEDORA-2015-12064, FEDORA-2015-12301, openSUSE-SU-2015:1332-1, RHSA-2015:1482-01, RHSA-2015:1483-01, SOL05770600, VIGILANCE-VUL-17496.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in libuser.

An attacker can use the chfn() function of userhelper to inject empty lines in /etc/passwd, in order to trigger a denial of service. [severity:1/4; CVE-2015-3245]

An attacker can interact with libuser, which directly works on /etc/passwd, without performing a copy. He can thus corrupt the /etc/passwd file, in order to obtain root privileges. [severity:2/4; CVE-2015-3246]
Full Vigil@nce bulletin... (Free trial)

threat bulletin CVE-2015-3290 CVE-2015-3291 CVE-2015-5157

Linux kernel: four vulnerabilities of NMI

Synthesis of the vulnerability

Several vulnerabilities were announced in the NMI (Non-maskable interrupt) processing by the Linux kernel.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 4.
Creation date: 23/07/2015.
Revision date: 05/08/2015.
Identifiers: CERTFR-2015-AVI-321, CERTFR-2015-AVI-324, CERTFR-2015-AVI-357, CERTFR-2015-AVI-508, CERTFR-2015-AVI-563, CERTFR-2016-AVI-050, CERTFR-2017-AVI-012, CERTFR-2017-AVI-022, CVE-2015-3290, CVE-2015-3291, CVE-2015-5157, DSA-3313-1, FEDORA-2015-12437, JSA10774, JSA10853, openSUSE-SU-2015:1382-1, openSUSE-SU-2015:1842-1, openSUSE-SU-2016:0301-1, openSUSE-SU-2016:0318-1, RHSA-2016:0185-01, RHSA-2016:0212-01, RHSA-2016:0224-01, RHSA-2016:0715-01, SOL17326, SUSE-SU-2015:1727-1, SUSE-SU-2015:2108-1, SUSE-SU-2015:2339-1, SUSE-SU-2015:2350-1, SUSE-SU-2016:0354-1, USN-2687-1, USN-2688-1, USN-2689-1, USN-2690-1, USN-2691-1, USN-2700-1, USN-2701-1, VIGILANCE-VUL-17495.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in the NMI (Non-maskable interrupt) processing by the Linux kernel.

An attacker can change the execution path of SYSCALL/SYSRET instructions, in order to run code with kernel privileges. [severity:2/4; CVE-2015-3291]

An attacker can generate a memory corruption after an IRET instruction fault, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2015-5157]

An attacker can generate a log filling, in order to trigger a denial of service. [severity:2/4]

An attacker can generate a memory corruption by nesting NMIs on a 64 bit processor, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2015-3290]
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2015-5622 CVE-2015-5623

WordPress Core: two vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities were announced in WordPress Core.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 23/07/2015.
Identifiers: CERTFR-2015-AVI-316, CVE-2015-5622, CVE-2015-5623, DSA-3328-2, DSA-3332-1, DSA-3332-2, DSA-3383-1, FEDORA-2015-12148, FEDORA-2015-12235, VIGILANCE-VUL-17494.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in WordPress Core.

An attacker can trigger a Cross Site Scripting, in order to run JavaScript code in the context of the web site. [severity:3/4; CVE-2015-5622]

An attacker with the Subscriber permission can use Quick Draft, in order to create a draft. [severity:2/4; CVE-2015-5623]
Full Vigil@nce bulletin... (Free trial)

cybersecurity threat 17493

hostapd: denial of service via WPS/P2P

Synthesis of the vulnerability

An attacker can generate a fatal error in WPS/P2P of hostapd, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 23/07/2015.
Identifiers: FEDORA-2015-11374, FEDORA-2015-11441, FEDORA-2015-11691, FEDORA-2015-11738, VIGILANCE-VUL-17493.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a fatal error in WPS/P2P of hostapd, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

security weakness CVE-2015-5145

Django: denial of service via URL Validation

Synthesis of the vulnerability

An attacker can generate a fatal error in URL Validation by Django, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 23/07/2015.
Identifiers: CVE-2015-5145, FEDORA-2015-11403, VIGILANCE-VUL-17492.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a fatal error in URL Validation by Django, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

cybersecurity vulnerability CVE-2015-5158

QEMU: denial of service via scsi_req_parse_cdb

Synthesis of the vulnerability

An attacker, with the CAP_SYS_RAWIO privilege, can send SCSI commands on QEMU, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 23/07/2015.
Identifiers: CVE-2015-5158, FEDORA-2015-13402, USN-2692-1, VIGILANCE-VUL-17491.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The QEMU product implements the support of SCSI devices.

The scsi_cdb_length() function analyzes a Command Descriptor Block, and returns -1 when an error occurs. However, the scsi_req_parse_cdb() function does not check this error code, which generates a fatal error.

An attacker, with the CAP_SYS_RAWIO privilege, can therefore send SCSI commands on QEMU, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 17490

Magento: eight vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Magento Community/Entreprise Edition.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 8.
Creation date: 23/07/2015.
Identifiers: SUPEE-6285, VIGILANCE-VUL-17490.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Magento Community/Entreprise Edition.

An attacker can bypass security features in RSS, in order to escalate his privileges. [severity:2/4]

An attacker can trigger a Cross Site Request Forgery in Magento Connect, in order to force the victim to perform operations. [severity:2/4]

An attacker can trigger a Cross Site Scripting in Wishlist, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can trigger a Cross Site Scripting in Cart, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can bypass security features in Store Path, in order to obtain sensitive information. [severity:2/4]

An attacker can bypass access restrictions of Log Files, in order to read or alter data. [severity:2/4]

An attacker can trigger a Cross Site Scripting in Admin, in order to run JavaScript code in the context of the web site. [severity:2/4]

An attacker can trigger a Cross Site Scripting in Orders RSS, in order to run JavaScript code in the context of the web site. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)

security alert CVE-2015-4285

Cisco IOS XR, ASR 9000: denial of service via LPTS

Synthesis of the vulnerability

An attacker can use the LPTS service of Cisco IOS XR on ASR 9000, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 23/07/2015.
Identifiers: 40068, CSCur88273, CVE-2015-4285, VIGILANCE-VUL-17489.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Cisco IOS XR product can be installed on ASR 9000.

However, LPTS (Local Packet Transport Services) opens useless TCP/UDP ports. An attacker can thus connect to these ports, in order to overload the service.

An attacker can therefore use the LPTS service of Cisco IOS XR on ASR 9000, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2015-6751

Drupal Time Tracker: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting of Drupal Time Tracker, in order to run JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 23/07/2015.
Identifiers: CVE-2015-6751, DRUPAL-SA-CONTRIB-2015-135, VIGILANCE-VUL-17488.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Time Tracker module can be installed on Drupal.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting of Drupal Time Tracker, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

   

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1121 1141 1161 1181 1201 1221 1241 1261 1281 1301 1321 1341 1361 1381 1401 1421 1441 1461 1481 1501 1521 1541 1561 1581 1601 1621 1640 1641 1642 1643 1644 1645 1646 1647 1648 1650 1652 1653 1654 1655 1656 1657 1658 1659 1660 1661 1681 1701 1721 1741 1761 1781 1801 1821 1841 1861 1881 1901 1921 1941 1961 1981 2001 2021 2041 2061 2081 2101 2121 2141 2161 2181 2201 2221 2241 2261 2281 2301 2321 2341 2361 2381 2401 2421 2441 2461 2481 2501 2521 2541 2561 2581 2601 2621 2641 2661 2681 2701 2721 2741 2761 2781 2801 2821 2841 2861 2881 2901 2921 2922