The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of HP-UX

computer vulnerability announce CVE-2015-5370 CVE-2016-0128 CVE-2016-2110

Windows, Samba: code execution via Badlock

Synthesis of the vulnerability

An attacker can use the Badlock vulnerability of Windows or Samba, in order to run code.
Impacted products: ProxySG par Blue Coat, SGOS by Blue Coat, Debian, BIG-IP Hardware, TMOS, Fedora, HP-UX, DB2 UDB, QRadar SIEM, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista, Data ONTAP, openSUSE, openSUSE Leap, Solaris, Pulse Connect Secure, RHEL, Samba, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DS***, Synology RS***, Ubuntu.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: intranet client.
Confidence: confirmed by the editor (5/5).
Creation date: 23/03/2016.
Revision date: 12/04/2016.
Identifiers: 1986595, 1987766, 3148527, 9010080, bulletinjan2016, bulletinoct2016, c05162399, CVE-2015-5370, CVE-2016-0128, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118, DLA-509-1, DSA-3548-1, DSA-3548-2, DSA-3548-3, FEDORA-2016-48b3761baa, FEDORA-2016-be53260726, HPSBUX03616, MS16-047, NTAP-20160412-0001, openSUSE-SU-2016:1025-1, openSUSE-SU-2016:1064-1, openSUSE-SU-2016:1106-1, openSUSE-SU-2016:1107-1, openSUSE-SU-2016:1108-1, openSUSE-SU-2016:1440-1, RHSA-2016:0611-01, RHSA-2016:0612-01, RHSA-2016:0613-01, RHSA-2016:0618-01, RHSA-2016:0619-01, RHSA-2016:0620-01, RHSA-2016:0621-01, RHSA-2016:0623-01, RHSA-2016:0624-01, RHSA-2016:0625-01, SA122, SA40196, SOL37603172, SOL53313971, SSA:2016-106-02, SSRT110128, SUSE-SU-2016:1022-1, SUSE-SU-2016:1023-1, SUSE-SU-2016:1024-1, SUSE-SU-2016:1028-1, SUSE-SU-2016:1105-1, USN-2950-1, USN-2950-2, USN-2950-3, USN-2950-4, USN-2950-5, VIGILANCE-VUL-19207, VU#813296.

Description of the vulnerability

The Windows and Samba products implement authentication for CIFS.

However, several vulnerabilities in these implementations can be used by a Man-in-the-Middle, or to weaken the protocol.

An attacker can therefore use the Badlock vulnerability of Windows or Samba, in order to run code.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability note CVE-2016-1285 CVE-2016-1286 CVE-2016-2088

ISC BIND: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of ISC BIND.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP-UX, AIX, BIND, McAfee Email Gateway, openSUSE, openSUSE Leap, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Consequences: denial of service on service.
Provenance: internet server.
Confidence: confirmed by the editor (5/5).
Creation date: 10/03/2016.
Identifiers: bulletinjan2016, c05087821, CVE-2016-1285, CVE-2016-1286, CVE-2016-2088, DSA-3511-1, FEDORA-2016-161b73fc2c, FEDORA-2016-364c0a9df4, FEDORA-2016-5047abe4a9, FEDORA-2016-b593e84223, FreeBSD-SA-16:13.bind, HPSBUX03583, openSUSE-SU-2016:0827-1, openSUSE-SU-2016:0830-1, openSUSE-SU-2016:0834-1, openSUSE-SU-2016:0859-1, RHSA-2016:0458-01, RHSA-2016:0459-01, RHSA-2016:0562-01, RHSA-2016:0601-01, SB10214, SOL62012529, SSA:2016-069-01, SSRT110084, SUSE-SU-2016:0759-1, SUSE-SU-2016:0780-1, SUSE-SU-2016:0825-1, USN-2925-1, VIGILANCE-VUL-19144.

Description of the vulnerability

Several vulnerabilities were announced in ISC BIND.

An attacker can force an assertion error via rndc, in order to trigger a denial of service. [severity:2/4; CVE-2016-1285]

An attacker can force an assertion error via DNAME, in order to trigger a denial of service. [severity:3/4; CVE-2016-1286]

An attacker can force an assertion error via DNS Cookies, in order to trigger a denial of service. [severity:3/4; CVE-2016-2088]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability bulletin CVE-2015-7560 CVE-2016-0771

Samba: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Samba.
Impacted products: Debian, Fedora, HP-UX, DB2 UDB, openSUSE, openSUSE Leap, RHEL, Samba, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading, data creation/edition, denial of service on service.
Provenance: user account.
Confidence: confirmed by the editor (5/5).
Creation date: 08/03/2016.
Identifiers: 1986595, c05121842, CERTFR-2016-AVI-084, CVE-2015-7560, CVE-2016-0771, DSA-3514-1, FEDORA-2016-cad77a4576, FEDORA-2016-ed1587f6ba, HPSBUX03596, openSUSE-SU-2016:0813-1, openSUSE-SU-2016:0877-1, openSUSE-SU-2016:1064-1, openSUSE-SU-2016:1106-1, openSUSE-SU-2016:1107-1, openSUSE-SU-2016:1108-1, openSUSE-SU-2016:1440-1, RHSA-2016:0448-01, RHSA-2016:0449-01, SSA:2016-068-02, SUSE-SU-2016:0814-1, SUSE-SU-2016:0816-1, SUSE-SU-2016:0837-1, SUSE-SU-2016:0905-1, USN-2922-1, VIGILANCE-VUL-19118.

Description of the vulnerability

Several vulnerabilities were announced in Samba.

An attacker can create a symbolic link, in order to alter ACLs. [severity:2/4; CVE-2015-7560]

An attacker can force a read at an invalid address with a DNS TXT record sent to the internal DNS server in AC DC mode, in order to trigger a denial of service. [severity:2/4; CVE-2016-0771]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability note CVE-2016-0763

Apache Tomcat: read-write access via setGlobalContext

Synthesis of the vulnerability

An attacker, who is allowed to upload a malicious web application on the service, can bypass access restrictions via setGlobalContext of Apache Tomcat, in order to read or alter data.
Impacted products: Tomcat, Debian, Fedora, SiteScope, HP-UX, Snap Creator Framework, openSUSE Leap, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle iPlanet Web Server, Oracle OIT, Oracle Virtual Directory, WebLogic, Oracle Web Tier, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 22/02/2016.
Identifiers: 1980693, c05150442, c05324755, cpuapr2017, cpuoct2017, CVE-2016-0763, DSA-3530-1, DSA-3552-1, DSA-3609-1, FEDORA-2016-e6651efbaf, HPSBGN03669, HPSBUX03606, NTAP-20180531-0001, openSUSE-SU-2016:0865-1, RHSA-2016:1087-01, RHSA-2016:1088-01, RHSA-2016:1089-01, RHSA-2016:2599-02, RHSA-2016:2807-01, RHSA-2016:2808-01, SUSE-SU-2016:0769-1, SUSE-SU-2016:0822-1, USN-3024-1, VIGILANCE-VUL-18999.

Description of the vulnerability

The Apache Tomcat product can execute a web application from an untrusted source with a Security Manager.

However, a malicious application can use ResourceLinkFactory.setGlobalContext() to inject a context in another application, and access to its data.

An attacker, who is allowed to upload a malicious web application on the service, can therefore bypass access restrictions via setGlobalContext of Apache Tomcat, in order to read or alter data.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability bulletin CVE-2016-0714

Apache Tomcat: code execution via PersistentManager

Synthesis of the vulnerability

An attacker, who is allowed to upload a malicious web application on the service, can use the PersistentManager of Apache Tomcat, in order to run code.
Impacted products: Tomcat, Debian, BIG-IP Hardware, TMOS, HP-UX, QRadar SIEM, Snap Creator Framework, openSUSE Leap, Oracle Communications, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle iPlanet Web Server, Oracle OIT, Oracle Virtual Directory, WebLogic, Oracle Web Tier, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 22/02/2016.
Identifiers: 1980693, 1983989, c05054964, c05150442, cpuapr2017, cpujul2018, cpuoct2017, CVE-2016-0714, DSA-3530-1, DSA-3552-1, DSA-3609-1, HPSBUX03561, HPSBUX03606, K30971148, NTAP-20180531-0001, openSUSE-SU-2016:0865-1, RHSA-2016:1087-01, RHSA-2016:1088-01, RHSA-2016:1089-01, RHSA-2016:2045-01, RHSA-2016:2599-02, RHSA-2016:2807-01, RHSA-2016:2808-01, SOL30971148, SUSE-SU-2016:0769-1, SUSE-SU-2016:0822-1, SUSE-SU-2016:0839-1, USN-3024-1, VIGILANCE-VUL-18998.

Description of the vulnerability

The Apache Tomcat product can execute a web application from an untrusted source with a Security Manager.

However, a malicious application can use PersistentManager to store an object in a session, and thus execute code.

An attacker, who is allowed to upload a malicious web application on the service, can therefore use the PersistentManager of Apache Tomcat, in order to run code.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability announce CVE-2016-0706

Apache Tomcat: information disclosure via StatusManagerServlet

Synthesis of the vulnerability

An attacker, who is allowed to upload a malicious web application on the service, can use a vulnerability in StatusManagerServlet of Apache Tomcat, in order to obtain sensitive information.
Impacted products: Tomcat, Debian, BIG-IP Hardware, TMOS, HP-UX, QRadar SIEM, Snap Creator Framework, openSUSE Leap, Oracle Communications, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle iPlanet Web Server, Oracle OIT, Oracle Virtual Directory, WebLogic, Oracle Web Tier, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 22/02/2016.
Identifiers: 1980693, 1983989, c05054964, c05150442, cpuapr2017, cpujul2018, cpuoct2017, CVE-2016-0706, DSA-3530-1, DSA-3552-1, DSA-3609-1, HPSBUX03561, HPSBUX03606, K30971148, NTAP-20180531-0001, openSUSE-SU-2016:0865-1, RHSA-2016:1087-01, RHSA-2016:1088-01, RHSA-2016:1089-01, RHSA-2016:2045-01, RHSA-2016:2599-02, RHSA-2016:2807-01, RHSA-2016:2808-01, SOL30971148, SUSE-SU-2016:0769-1, SUSE-SU-2016:0822-1, SUSE-SU-2016:0839-1, USN-3024-1, VIGILANCE-VUL-18997.

Description of the vulnerability

The Apache Tomcat product can execute a web application from an untrusted source with a Security Manager.

However, a malicious application can use StatusManagerServlet to obtain the content of HTTP queries being processed.

An attacker, who is allowed to upload a malicious web application on the service, can therefore use a vulnerability in StatusManagerServlet of Apache Tomcat, in order to obtain sensitive information.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability alert CVE-2015-5351

Apache Tomcat: Cross Site Request Forgery via Manager / Host Manager

Synthesis of the vulnerability

An attacker can trigger a Cross Site Request Forgery of Apache Tomcat, in order to force the victim to perform operations.
Impacted products: Tomcat, Debian, HP-UX, Snap Creator Framework, openSUSE Leap, Oracle Communications, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle iPlanet Web Server, Oracle OIT, Oracle Virtual Directory, WebLogic, Oracle Web Tier, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: user access/rights.
Provenance: internet client.
Confidence: confirmed by the editor (5/5).
Creation date: 22/02/2016.
Identifiers: 1980693, c05150442, cpuapr2017, cpujul2018, cpuoct2017, CVE-2015-5351, DSA-3530-1, DSA-3552-1, DSA-3609-1, HPSBUX03606, NTAP-20180531-0001, openSUSE-SU-2016:0865-1, RHSA-2016:1087-01, RHSA-2016:1088-01, RHSA-2016:1089-01, RHSA-2016:2599-02, RHSA-2016:2807-01, RHSA-2016:2808-01, SUSE-SU-2016:0769-1, SUSE-SU-2016:0822-1, USN-3024-1, VIGILANCE-VUL-18996.

Description of the vulnerability

The Apache Tomcat product offers a web service, usually protected against Cross Site Request Forgery attacks.

However, the CSRF token can be retrieved through a redirection in the index page of the Manager and Host Manager applications.

An attacker can therefore trigger a Cross Site Request Forgery of Apache Tomcat, in order to force the victim to perform operations.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability CVE-2015-5346

Apache Tomcat: session fixation via requestedSessionSSL

Synthesis of the vulnerability

An attacker can reuse the requestedSessionSSL value of Apache Tomcat, in order to access to the TLS session of another user.
Impacted products: Tomcat, Debian, HP-UX, Snap Creator Framework, openSUSE Leap, Oracle Communications, Solaris, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: user access/rights.
Provenance: intranet client.
Confidence: confirmed by the editor (5/5).
Creation date: 22/02/2016.
Identifiers: 1980693, bulletinjan2016, c05150442, cpujul2018, CVE-2015-5346, DSA-3530-1, DSA-3552-1, DSA-3609-1, HPSBUX03606, NTAP-20180531-0001, openSUSE-SU-2016:0865-1, RHSA-2016:1087-01, RHSA-2016:1088-01, RHSA-2016:1089-01, RHSA-2016:2046-01, RHSA-2016:2807-01, RHSA-2016:2808-01, SUSE-SU-2016:0769-1, SUSE-SU-2016:0822-1, USN-3024-1, VIGILANCE-VUL-18995.

Description of the vulnerability

The Apache Tomcat product can recycle its Request object, to improve its performance.

However, the requestedSessionSSL field is not reinitialized. In some special configuration, an attacker can thus set the TLS session identifier, to access to the session of another user.

An attacker can therefore reuse the requestedSessionSSL value of Apache Tomcat, in order to access to the TLS session of another user.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability note CVE-2015-5345

Apache Tomcat: information disclosure via Security Constraint

Synthesis of the vulnerability

An attacker can use a vulnerability in the management of Security Constraints on Apache Tomcat, in order to obtain sensitive information.
Impacted products: Tomcat, Blue Coat CAS, Debian, BIG-IP Hardware, TMOS, HP-UX, QRadar SIEM, McAfee Web Gateway, Snap Creator Framework, openSUSE Leap, Oracle Communications, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: data reading.
Provenance: internet client.
Confidence: confirmed by the editor (5/5).
Creation date: 22/02/2016.
Identifiers: 1980693, 1983989, c05054964, c05150442, cpujul2018, CVE-2015-5345, DSA-3530-1, DSA-3552-1, DSA-3609-1, HPSBUX03561, HPSBUX03606, K30971148, NTAP-20180531-0001, openSUSE-SU-2016:0865-1, RHSA-2016:1087-01, RHSA-2016:1088-01, RHSA-2016:1089-01, RHSA-2016:2045-01, RHSA-2016:2599-02, SA118, SB10156, SOL30971148, SUSE-SU-2016:0769-1, SUSE-SU-2016:0822-1, SUSE-SU-2016:0839-1, USN-3024-1, VIGILANCE-VUL-18994.

Description of the vulnerability

The Apache Tomcat product can protect a directory with a Security Constraint.

However, if the url associated to the Security Constraint does not end with a '/', the attacker receives a response of type redirection, so he can detect if the directory exists.

An attacker can therefore use a vulnerability in the management of Security Constraints on Apache Tomcat, in order to obtain sensitive information.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability bulletin CVE-2015-5174

Apache Tomcat: directory traversal of ServletContext

Synthesis of the vulnerability

An attacker, who is allowed to upload a malicious web application on the service, can traverse directories in ServletContext of Apache Tomcat, in order to read the content of a directory outside the service root path.
Impacted products: Tomcat, Debian, BIG-IP Hardware, TMOS, HP-UX, QRadar SIEM, Tivoli Directory Server, Junos Space, Snap Creator Framework, openSUSE Leap, Oracle Communications, Solaris, RHEL, JBoss EAP by Red Hat, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 22/02/2016.
Identifiers: 1980693, 1981632, 1983989, bulletinjan2016, c05054964, c05150442, cpujul2018, CVE-2015-5174, DSA-3530-1, DSA-3552-1, DSA-3609-1, HPSBUX03561, HPSBUX03606, JSA10838, K30971148, NTAP-20180531-0001, openSUSE-SU-2016:0865-1, RHSA-2016:1432-01, RHSA-2016:1433-01, RHSA-2016:1434-01, RHSA-2016:1435-01, RHSA-2016:2045-01, RHSA-2016:2599-02, SOL30971148, SUSE-SU-2016:0769-1, SUSE-SU-2016:0822-1, SUSE-SU-2016:0839-1, USN-3024-1, VIGILANCE-VUL-18993.

Description of the vulnerability

The Apache Tomcat product can execute a web application from an untrusted source with a Security Manager.

However, the getResource(), getResourceAsStream() and getResourcePaths() methods of ServletContext insert user's data directly in an access path. Sequences such as "/.." can thus be used by the web application to go in the upper directory.

An attacker, who is allowed to upload a malicious web application on the service, can therefore traverse directories in ServletContext of Apache Tomcat, in order to read the content of a directory outside the service root path.
Complete Vigil@nce bulletin.... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about HP-UX: