The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of AOS

vulnerability note CVE-2017-13077 CVE-2017-13078 CVE-2017-13079

WPA2: information disclosure via Key Reinstallation Attacks

Synthesis of the vulnerability

An attacker can bypass data access restrictions via Key Reinstallation Attacks against WPA2, in order to obtain sensitive information.
Impacted products: SNS, iOS by Apple, iPhone, Mac OS X, ArubaOS, Cisco Aironet, Cisco AnyConnect Secure Mobility Client, ASA, Meraki MR***, Cisco IP Phone, Cisco Wireless IP Phone, Debian, Fedora, FortiGate, FortiOS, FreeBSD, Android OS, Junos OS, SSG, Linux, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, NetBSD, NetScreen Firewall, ScreenOS, OpenBSD, openSUSE Leap, pfSense, 802.11 protocol, RHEL, RuggedSwitch, SIMATIC, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 3/4.
Consequences: data reading.
Provenance: radio connection.
Number of vulnerabilities in this bulletin: 10.
Creation date: 16/10/2017.
Identifiers: ARUBA-PSA-2017-007, CERTFR-2017-ALE-014, CERTFR-2017-AVI-357, CERTFR-2017-AVI-358, CERTFR-2017-AVI-359, CERTFR-2017-AVI-360, CERTFR-2017-AVI-361, CERTFR-2017-AVI-363, CERTFR-2017-AVI-373, CERTFR-2017-AVI-379, CERTFR-2017-AVI-383, CERTFR-2017-AVI-390, CERTFR-2017-AVI-441, CERTFR-2017-AVI-478, CERTFR-2018-AVI-014, CERTFR-2018-AVI-048, cisco-sa-20171016-wpa, CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088, DLA-1150-1, DLA-1200-1, DLA-1573-1, DSA-3999-1, FEDORA-2017-12e76e8364, FEDORA-2017-45044b6b33, FEDORA-2017-60bfb576b7, FEDORA-2017-cfb950d8f4, FEDORA-2017-fc21e3856b, FG-IR-17-196, FreeBSD-SA-17:07.wpa, HT208221, HT208222, HT208334, HT208394, JSA10827, K-511282, KRACK Attacks, openSUSE-SU-2017:2755-1, openSUSE-SU-2017:2846-1, openSUSE-SU-2017:2896-1, openSUSE-SU-2017:2905-1, openSUSE-SU-2017:3144-1, RHSA-2017:2907-01, RHSA-2017:2911-01, SSA:2017-291-02, SSA-418456, SSA-901333, STORM-2017-005, SUSE-SU-2017:2745-1, SUSE-SU-2017:2752-1, SUSE-SU-2017:2847-1, SUSE-SU-2017:2869-1, SUSE-SU-2017:2908-1, SUSE-SU-2017:2920-1, SUSE-SU-2017:3106-1, SUSE-SU-2017:3165-1, SUSE-SU-2017:3265-1, SUSE-SU-2017:3267-1, SUSE-SU-2018:0040-1, SUSE-SU-2018:0171-1, Synology-SA-17:60, Synology-SA-17:60 KRACK, USN-3455-1, USN-3505-1, VIGILANCE-VUL-24144, VU#228519.

Description of the vulnerability

An attacker can bypass data access restrictions via Key Reinstallation Attacks against WPA2, in order to obtain sensitive information.

vulnerability note CVE-2017-9000 CVE-2017-9003

ArubaOS: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of ArubaOS.
Impacted products: ArubaOS.
Severity: 3/4.
Consequences: user access/rights, data reading.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 12/10/2017.
Identifiers: ARUBA-PSA-2017-006, CVE-2017-9000, CVE-2017-9003, VIGILANCE-VUL-24114.

Description of the vulnerability

An attacker can use several vulnerabilities of ArubaOS.

computer vulnerability CVE-2017-13704 CVE-2017-14491 CVE-2017-14492

Dnsmasq: seven vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Dnsmasq.
Impacted products: ArubaOS, Debian, Dnsmasq, Fedora, Android OS, Kubernetes, openSUSE Leap, pfSense, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu.
Severity: 4/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 7.
Creation date: 02/10/2017.
Identifiers: ARUBA-PSA-2017-005, CERTFR-2017-AVI-329, CVE-2017-13704, CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, DLA-1124-1, DSA-3989-1, FEDORA-2017-24f067299e, FEDORA-2017-515264ae24, openSUSE-SU-2017:2633-1, OSSN/OSSN-0082, RHSA-2017:2836-01, RHSA-2017:2837-01, RHSA-2017:2838-01, RHSA-2017:2839-01, RHSA-2017:2840-01, RHSA-2017:2841-01, SSA:2017-275-01, SUSE-SU-2017:2616-1, SUSE-SU-2017:2617-1, SUSE-SU-2017:2619-1, Synology-SA-17:59, USN-3430-1, USN-3430-2, USN-3430-3, VIGILANCE-VUL-24005, VU#973527.

Description of the vulnerability

An attacker can use several vulnerabilities of Dnsmasq.

vulnerability announce 22652

HPE Aruba, HPE ProVision: information disclosure via Diffie Hellman Group1 Sha1

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Diffie Hellman Group1 Sha1 of HPE Aruba, HPE ProVision, in order to obtain sensitive information.
Impacted products: ArubaOS, ProCurve Switch.
Severity: 2/4.
Consequences: data reading.
Provenance: intranet client.
Creation date: 05/05/2017.
Identifiers: HPESBHF03736, VIGILANCE-VUL-22652.

Description of the vulnerability

An attacker can bypass access restrictions to data via Diffie Hellman Group1 Sha1 of HPE Aruba, HPE ProVision, in order to obtain sensitive information.

vulnerability note 20524

Aruba, Alcatel: known private key for securelogin

Synthesis of the vulnerability

An attacker can act as a Man-in-the-Middle on Aruba and Alcatel, in order to read or write data in the session.
Impacted products: Alcatel OmniAccess Wireless Access Point, Alcatel OmniAccess Wireless LAN Switch, ArubaOS.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition.
Provenance: intranet client.
Creation date: 06/09/2016.
Identifiers: VIGILANCE-VUL-20524.

Description of the vulnerability

The Aruba and Alcatel-Lucent OmniAccess products use the "securelogin.arubanetworks.com" certificate, for the following features:
 - captive portal
 - web administration
 - WPA2-Enterprise 802.1X authentication

However, the private key of this certificate was published.

An attacker can therefore act as a Man-in-the-Middle on Aruba and Alcatel, in order to read or write data in the session.

vulnerability CVE-2016-0801 CVE-2016-0802

ArubaOS: memory corruption via Broadcom Wi-Fi

Synthesis of the vulnerability

An attacker can generate a memory corruption in Broadcom Wi-Fi of ArubaOS, in order to trigger a denial of service, and possibly to run code.
Impacted products: ArubaOS.
Severity: 3/4.
Consequences: user access/rights, denial of service on server, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 12/05/2016.
Identifiers: ARUBA-PSA-2016-007, CERTFR-2016-AVI-167, CVE-2016-0801, CVE-2016-0802, VIGILANCE-VUL-19610.

Description of the vulnerability

An attacker can generate a memory corruption in Broadcom Wi-Fi of ArubaOS, in order to trigger a denial of service, and possibly to run code.

computer vulnerability note 19609

ArubaOS: out-of-bounds memory reading

Synthesis of the vulnerability

An attacker can force a read at an invalid address of ArubaOS, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: ArubaOS.
Severity: 2/4.
Consequences: data reading, denial of service on server, denial of service on service, denial of service on client.
Provenance: intranet client.
Creation date: 12/05/2016.
Identifiers: ARUBA-PSA-2016-007, CERTFR-2016-AVI-167, VIGILANCE-VUL-19609.

Description of the vulnerability

An attacker can force a read at an invalid address of ArubaOS, in order to trigger a denial of service, or to obtain sensitive information.

vulnerability bulletin CVE-2016-2031 CVE-2016-2032

ArubaOS: multiple vulnerabilities of PAPI

Synthesis of the vulnerability

An attacker can use several vulnerabilities of PAPI of ArubaOS.
Impacted products: ArubaOS.
Severity: 2/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 09/05/2016.
Identifiers: ARUBA-PSA-2016-004, ARUBA-PSA-2016-005, ARUBA-PSA-2016-006, CERTFR-2016-AVI-152, CVE-2016-2031, CVE-2016-2032, VIGILANCE-VUL-19553.

Description of the vulnerability

An attacker can use several vulnerabilities of PAPI of ArubaOS.

computer vulnerability alert CVE-2015-7547

glibc: buffer overflow of getaddrinfo

Synthesis of the vulnerability

An attacker who owns a malicious DNS server can reply with long data to a client application using the getaddrinfo() function of glibc, in order to trigger a denial of service, and possibly to run code in the client application.
Impacted products: ArubaOS, Blue Coat CAS, Brocade Network Advisor, Brocade vTM, Cisco ASR, Cisco Catalyst, IOS XE Cisco, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Cisco Prime DCNM, Secure ACS, Cisco CUCM, Cisco IP Phone, Cisco Wireless IP Phone, Cisco Wireless Controller, XenDesktop, PowerPath, Unisphere EMC, VNX Operating Environment, VNX Series, ExtremeXOS, BIG-IP Hardware, TMOS, Fedora, QRadar SIEM, Trinzic, NSM Central Manager, NSMXpress, McAfee Email Gateway, McAfee MOVE AntiVirus, VirusScan, McAfee Web Gateway, openSUSE, openSUSE Leap, Palo Alto Firewall PA***, PAN-OS, RealPresence Distributed Media Application, Polycom VBP, RHEL, ROX, RuggedSwitch, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DS***, Synology RS***, Ubuntu, Unix (platform) ~ not comprehensive, ESXi, VMware vSphere, VMware vSphere Hypervisor.
Severity: 4/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: internet client.
Creation date: 16/02/2016.
Revision date: 17/02/2016.
Identifiers: 046146, 046151, 046153, 046155, 046158, 1977665, 478832, 479427, 479906, 480572, 480707, 480708, ARUBA-PSA-2016-001, BSA-2016-003, BSA-2016-004, CERTFR-2016-AVI-066, CERTFR-2016-AVI-071, CERTFR-2017-AVI-012, CERTFR-2017-AVI-022, cisco-sa-20160218-glibc, CTX206991, CVE-2015-7547, ESA-2016-020, ESA-2016-027, ESA-2016-028, ESA-2016-029, ESA-2016-030, FEDORA-2016-0480defc94, FEDORA-2016-0f9e9a34ce, JSA10774, KB #4858, openSUSE-SU-2016:0490-1, openSUSE-SU-2016:0510-1, openSUSE-SU-2016:0511-1, openSUSE-SU-2016:0512-1, PAN-SA-2016-0021, RHSA-2016:0175-01, RHSA-2016:0176-01, RHSA-2016:0225-01, SA114, SB10150, SOL47098834, SSA:2016-054-02, SSA-301706, SUSE-SU-2016:0470-1, SUSE-SU-2016:0471-1, SUSE-SU-2016:0472-1, SUSE-SU-2016:0473-1, USN-2900-1, VIGILANCE-VUL-18956, VMSA-2016-0002, VMSA-2016-0002.1, VN-2016-003.

Description of the vulnerability

The glibc library implements a DNS resolver (libresolv).

An application can thus call the getaddrinfo() function, which queries DNS servers. When the AF_UNSPEC type is used in the getaddrinfo() call, two DNS queries (A and AAAA) are sent simultaneously. However, this special case, and a case with AF_INET6, are not handled correctly, and lead to an overflow if the reply coming from the DNS server is larger than 2048 bytes.

An attacker who owns a malicious DNS server can therefore reply with large data to a client application using the getaddrinfo() function of glibc, in order to trigger a denial of service, and possibly to run code in the client application.

computer vulnerability announce CVE-2015-8605

ISC DHCP: buffer overflow of decode_udp_ip_header

Synthesis of the vulnerability

An attacker can generate a buffer overflow by sending an IPv4+UDP packet to an ISC DHCP client or server, in order to trigger a denial of service, and possibly to run code.
Impacted products: SNS, ArubaOS, Debian, BIG-IP Hardware, TMOS, Fedora, ISC DHCP, NETASQ, openSUSE, openSUSE Leap, Slackware, Ubuntu.
Severity: 3/4.
Consequences: user access/rights, denial of service on service.
Provenance: LAN.
Creation date: 13/01/2016.
Identifiers: AA-01334, ARUBA-PSA-2016-007, CERTFR-2016-AVI-167, CVE-2015-8605, DSA-3442-1, FEDORA-2016-0c5bb21bf1, FEDORA-2016-adb533a418, openSUSE-SU-2016:0601-1, openSUSE-SU-2016:0610-1, SOL57500018, SSA:2016-012-01, STORM-2015-018, USN-2868-1, VIGILANCE-VUL-18707.

Description of the vulnerability

The DHCP protocol uses UDP packets.

The decode_udp_ip_header() function of the common/packet.c file of ISC DHCP decodes these UDP packets. However, if the size indicated in the IPv4 header for UDP data is too large, an overflow occurs.

An attacker can therefore generate a buffer overflow by sending an IPv4+UDP packet to an ISC DHCP client or server, in order to trigger a denial of service, and possibly to run code.