The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of BlueCoat Content Analysis System

computer weakness announce CVE-2017-5972

Linux kernel: denial of service via RSYSLOG and SYN Cookie Protection

Synthesis of the vulnerability

An attacker can generate a fatal error via the RSYSLOG service and the SYN Cookie Protection of the Linux kernel, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 15/02/2017.
Identifiers: CVE-2017-5972, SA148, VIGILANCE-VUL-21842.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a fatal error via the RSYSLOG service and the SYN Cookie Protection of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

security alert CVE-2017-5970

Linux kernel: NULL pointer dereference via ipv4_pktinfo_prepare

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via ipv4_pktinfo_prepare() on the Linux kernel, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 13/02/2017.
Identifiers: 2011746, CERTFR-2017-AVI-060, CERTFR-2017-AVI-128, CERTFR-2017-AVI-282, CERTFR-2017-AVI-287, CERTFR-2017-AVI-307, CERTFR-2017-AVI-311, CVE-2017-5970, DLA-922-1, DSA-3791-1, FEDORA-2017-0054c7b1f0, FEDORA-2017-787bc0d5b4, K60104355, openSUSE-SU-2017:0541-1, openSUSE-SU-2017:0547-1, RHSA-2017:1842-01, RHSA-2017:2077-01, RHSA-2017:2669-01, SA148, SUSE-SU-2017:0517-1, SUSE-SU-2017:0575-1, SUSE-SU-2017:1247-1, SUSE-SU-2017:1301-1, SUSE-SU-2017:1990-1, SUSE-SU-2017:2342-1, SUSE-SU-2017:2525-1, USN-3265-1, USN-3265-2, USN-3361-1, USN-3422-1, USN-3422-2, VIGILANCE-VUL-21801.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via ipv4_pktinfo_prepare() on the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer threat note CVE-2017-5897

Linux kernel: out-of-bounds memory reading via ip6gre_err

Synthesis of the vulnerability

An attacker can force a read at an invalid address via ip6gre_err() on the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information.
Severity: 2/4.
Creation date: 06/02/2017.
Identifiers: CERTFR-2017-AVI-060, CERTFR-2017-AVI-128, CERTFR-2017-AVI-162, CERTFR-2018-AVI-408, CVE-2017-5897, DSA-3791-1, FEDORA-2017-92d84f68cf, FEDORA-2017-fb89ca752a, openSUSE-SU-2017:0541-1, openSUSE-SU-2017:0547-1, SA148, SUSE-SU-2017:0575-1, SUSE-SU-2017:1247-1, SUSE-SU-2017:1360-1, SUSE-SU-2017:1990-1, USN-3265-1, USN-3265-2, USN-3361-1, USN-3754-1, VIGILANCE-VUL-21764.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Linux kernel support GRE (Generic Routing Encapsulation) tunnels overs IPv6.

However, the ip6gre_err() function tries to read a memory area located outside the expected range, which triggers a fatal error, or leads to the disclosure of a memory fragment.

An attacker can therefore force a read at an invalid address via ip6gre_err() on the Linux kernel, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

cybersecurity weakness CVE-2015-6563 CVE-2015-6564 CVE-2015-6565

OpenSSH: three vulnerabilities

Synthesis of the vulnerability

An authenticated attacker can use several vulnerabilities of OpenSSH.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 12/08/2015.
Revisions dates: 03/09/2015, 27/01/2017.
Identifiers: BFS-SA-2015-002, BSA-2015-009, BSA-2019-764, BSA-2019-766, CERTFR-2017-AVI-012, CERTFR-2017-AVI-022, CERTFR-2019-AVI-325, CVE-2015-6563, CVE-2015-6564, CVE-2015-6565, DLA-1500-1, DLA-1500-2, FEDORA-2015-13520, FreeBSD-SA-15:22.openssh, JSA10774, JSA10840, JSA10940, K17263, RHSA-2015:2088-06, RHSA-2016:0741-01, SA104, SB10177, SB10178, SOL17263, SUSE-SU-2015:1581-1, SYMSA1337, VIGILANCE-VUL-17643.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in OpenSSH.

A local attacker can write a message (or ANSI sequences) on the tty of other users, because the tty is world-writable. It is also possible to use the TIOCSTI ioctl, in order to inject shell commands. [severity:2/4; CVE-2015-6565]

On OpenSSH Portable, a local attacker can use PAM and compromise the pre-authentication process, in order to impersonate other users. [severity:2/4; BFS-SA-2015-002, CVE-2015-6563]

On OpenSSH Portable, an attacker can compromise the pre-authentication process and force the usage of a freed memory area in PAM support, in order to trigger a denial of service, and possibly to run code. [severity:2/4; BFS-SA-2015-002, CVE-2015-6564]
Full Vigil@nce bulletin... (Free trial)

weakness announce CVE-2016-7055 CVE-2017-3730 CVE-2017-3731

OpenSSL: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of OpenSSL.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 4.
Creation date: 26/01/2017.
Identifiers: 1117414, 2000544, 2000988, 2000990, 2002331, 2004036, 2004940, 2009389, 2010154, 2011567, 2012827, 2014202, 2014651, 2014669, 2015080, BSA-2016-204, BSA-2016-207, BSA-2016-211, BSA-2016-212, BSA-2016-213, BSA-2016-216, BSA-2016-234, bulletinapr2017, bulletinjan2018, bulletinoct2017, CERTFR-2017-AVI-035, CERTFR-2018-AVI-343, cisco-sa-20170130-openssl, cpuapr2017, cpuapr2019, cpujan2018, cpujul2017, cpujul2018, cpuoct2017, CVE-2016-7055, CVE-2017-3730, CVE-2017-3731, CVE-2017-3732, DLA-814-1, DSA-3773-1, FEDORA-2017-3451dbec48, FEDORA-2017-e853b4144f, FG-IR-17-019, FreeBSD-SA-17:02.openssl, ibm10732391, ibm10733905, ibm10738249, ibm10738401, JSA10775, K37526132, K43570545, K44512851, K-510805, NTAP-20170127-0001, NTAP-20170310-0002, NTAP-20180201-0001, openSUSE-SU-2017:0481-1, openSUSE-SU-2017:0487-1, openSUSE-SU-2017:0527-1, openSUSE-SU-2017:0941-1, openSUSE-SU-2017:2011-1, openSUSE-SU-2017:2868-1, openSUSE-SU-2018:0458-1, PAN-70674, PAN-73914, PAN-SA-2017-0012, PAN-SA-2017-0014, PAN-SA-2017-0016, RHSA-2017:0286-01, RHSA-2018:2568-01, RHSA-2018:2575-01, SA141, SA40423, SB10188, SSA:2017-041-02, SUSE-SU-2018:0112-1, SUSE-SU-2018:2839-1, SUSE-SU-2018:3082-1, TNS-2017-03, USN-3181-1, VIGILANCE-VUL-21692.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in OpenSSL.

An attacker can force a read at an invalid address via Truncated Packet, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2017-3731]

An attacker can force a NULL pointer to be dereferenced via DHE/ECDHE Parameters, in order to trigger a denial of service. [severity:2/4; CVE-2017-3730]

An attacker can use a carry propagation error via BN_mod_exp(), in order to compute the private key. [severity:1/4; CVE-2017-3732]

An error occurs in the Broadwell-specific Montgomery Multiplication Procedure, but with no apparent impact. [severity:1/4; CVE-2016-7055]
Full Vigil@nce bulletin... (Free trial)

computer threat CVE-2016-10009 CVE-2016-10010 CVE-2016-10011

OpenSSH: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of OpenSSH.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 5.
Creation date: 19/12/2016.
Identifiers: 1009, 1010, bulletinapr2017, CERTFR-2019-AVI-325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10011, CVE-2016-10012, DLA-1500-1, DLA-1500-2, DSA-2019-131, FEDORA-2017-4767e2991d, FreeBSD-SA-17:01.openssh, HPESBUX03818, HT207615, JSA10880, JSA10940, K24324390, K31440025, K62201745, K64292204, NTAP-20171130-0002, openSUSE-SU-2017:0344-1, openSUSE-SU-2017:0674-1, pfSense-SA-17_03.webgui, RHSA-2017:2029-01, SA144, SSA-181018, SSA:2016-358-02, SUSE-SU-2018:2275-1, SUSE-SU-2018:2685-1, SUSE-SU-2018:3540-1, USN-3538-1, VIGILANCE-VUL-21419.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in OpenSSH.

An attacker can bypass security features via ssh-agent, in order to escalate his privileges. [severity:2/4; CVE-2016-10009]

An attacker can bypass security features via Unix Domain Sockets, in order to escalate his privileges. [severity:2/4; CVE-2016-10010]

An attacker can bypass security features via Privilege-separated Child realloc(), in order to obtain sensitive information. [severity:1/4; CVE-2016-10011]

An attacker can generate a buffer overflow via Pre-authentication Compression, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-10012]

An attacker can bypass security features via AllowUser/DenyUsers Address Ranges, in order to escalate his privileges. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)

computer weakness alert CVE-2016-7426 CVE-2016-7427 CVE-2016-7428

NTP.org: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of NTP.org.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 10.
Creation date: 21/11/2016.
Identifiers: 2009389, bulletinoct2016, CERTFR-2017-AVI-090, cisco-sa-20161123-ntpd, CVE-2016-7426, CVE-2016-7427, CVE-2016-7428, CVE-2016-7429, CVE-2016-7431, CVE-2016-7433, CVE-2016-7434, CVE-2016-9310, CVE-2016-9311, CVE-2016-9312, FEDORA-2016-7209ab4e02, FEDORA-2016-c198d15316, FEDORA-2016-e8a8561ee7, FreeBSD-SA-16:39.ntp, HPESBHF03883, HPESBUX03706, HPESBUX03885, JSA10776, JSA10796, K51444934, K55405388, K87922456, MBGSA-1605, NTAP-20170127-0001, NTAP-20170310-0002, NTAP-20180201-0001, openSUSE-SU-2016:3280-1, pfSense-SA-17_03.webgui, RHSA-2017:0252-01, SA139, SSA:2016-326-01, TALOS-2016-0130, TALOS-2016-0131, TALOS-2016-0203, TALOS-2016-0204, USN-3349-1, VIGILANCE-VUL-21170, VU#633847.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in NTP.org.

An attacker can force an assertion error, in order to trigger a denial of service. [severity:2/4; CVE-2016-9311, TALOS-2016-0204]

An attacker can bypass security features via Mode 6, in order to obtain sensitive information. [severity:2/4; CVE-2016-9310, TALOS-2016-0203]

An attacker can trigger a fatal error via Broadcast Mode Replay, in order to trigger a denial of service. [severity:2/4; CVE-2016-7427, TALOS-2016-0131]

An attacker can trigger a fatal error via Broadcast Mode Poll Interval, in order to trigger a denial of service. [severity:2/4; CVE-2016-7428, TALOS-2016-0130]

An attacker can send malicious UDP packets, in order to trigger a denial of service on Windows. [severity:2/4; CVE-2016-9312]

An unknown vulnerability was announced via Zero Origin Timestamp. [severity:2/4; CVE-2016-7431]

An attacker can force a NULL pointer to be dereferenced via _IO_str_init_static_internal(), in order to trigger a denial of service. [severity:2/4; CVE-2016-7434]

An unknown vulnerability was announced via Interface selection. [severity:2/4; CVE-2016-7429]

An attacker can trigger a fatal error via Client Rate Limiting, in order to trigger a denial of service. [severity:2/4; CVE-2016-7426]

An unknown vulnerability was announced via Reboot Sync. [severity:2/4; CVE-2016-7433]
Full Vigil@nce bulletin... (Free trial)

computer threat announce CVE-2016-8635

Mozilla NSS: information disclosure via Small Subgroup Confinement Attack

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Small Subgroup Confinement Attack of Mozilla NSS, in order to obtain sensitive information.
Severity: 2/4.
Creation date: 16/11/2016.
Identifiers: 1391818, 2000347, CVE-2016-8635, RHSA-2016:2779-01, SA137, SUSE-SU-2017:1175-1, SUSE-SU-2017:1248-1, SYMSA1391, USN-3163-1, VIGILANCE-VUL-21128.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions to data via Small Subgroup Confinement Attack of Mozilla NSS, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2016-5285

Mozilla NSS: NULL pointer dereference via PK11_SignWithSymKey

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via PK11_SignWithSymKey of Mozilla NSS, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 16/11/2016.
Identifiers: 1383883, 2000347, cpuoct2017, CVE-2016-5285, RHSA-2016:2779-01, SA137, SUSE-SU-2016:3014-1, SUSE-SU-2016:3080-1, SUSE-SU-2016:3105-1, SYMSA1391, USN-3163-1, VIGILANCE-VUL-21127.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via PK11_SignWithSymKey of Mozilla NSS, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2016-8666

Linux kernel: denial of service via GRO

Synthesis of the vulnerability

An attacker can send malicious GRO packets to the Linux kernel, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 17/10/2016.
Identifiers: CERTFR-2016-AVI-402, CERTFR-2017-AVI-016, CVE-2016-8666, openSUSE-SU-2016:2584-1, openSUSE-SU-2016:3050-1, RHSA-2017:0004-01, SA134, SUSE-SU-2016:2912-1, SUSE-SU-2017:0181-1, VIGILANCE-VUL-20882.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Linux kernel can be configured with CONFIG_VLAN_8021Q or CONFIG_VXLAN, with the support of Transparent Ethernet Bridging (TEB) GRO.

However, when a malicious GRO packet is received, a large recursion error occurs.

An attacker can therefore send malicious GRO packets to the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.