The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of IBM System x Server

weakness CVE-2018-9068

System x: information disclosure via IMM2 FFDC

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via IMM2 FFDC of System x, in order to obtain sensitive information.
Severity: 2/4.
Creation date: 27/07/2018.
Identifiers: CVE-2018-9068, LEN-20227, VIGILANCE-VUL-26859.

vulnerability alert CVE-2017-3768

IBM System x Server: denial of service via IMM2

Synthesis of the vulnerability

An attacker can generate a fatal error via IMM2 of IBM System x Server, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 29/01/2018.
Identifiers: CVE-2017-3768, LEN-14450, VIGILANCE-VUL-25171.

cybersecurity threat CVE-2017-3744

IBM System x Server: information disclosure via IMM2 FFDC Logs

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via IMM2 FFDC Logs of IBM System x Server, in order to obtain sensitive information.
Severity: 1/4.
Creation date: 20/06/2017.
Identifiers: CVE-2017-3744, LEN-14054, VIGILANCE-VUL-23037.

threat alert CVE-2016-8615 CVE-2016-8616 CVE-2016-8617

Curl: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Curl.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 11.
Creation date: 02/11/2016.
Identifiers: 2001818, 2009692, bulletinapr2018, CERTFR-2019-AVI-325, cpuoct2018, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, DLA-711-1, DSA-2019-114, DSA-3705-1, FEDORA-2016-e8e8cdb4ed, HT207423, JSA10874, JSA10951, K01006862, K10196624, K26899353, K44503763, K46123931, K52828640, MIGR-5099570, openSUSE-SU-2016:2768-1, RHSA-2018:3558-01, SSA:2016-308-01, STORM-2019-002, SUSE-SU-2016:2699-1, SUSE-SU-2016:2714-1, USN-3123-1, VIGILANCE-VUL-20989.

Description of the vulnerability

Several vulnerabilities were announced in Curl.

An attacker can bypass access restrictions via Cookie Injection, in order to read or alter data. [severity:2/4; CVE-2016-8615]

An attacker can bypass security features via Case Insensitive Password Comparison, in order to escalate his privileges. [severity:2/4; CVE-2016-8616]

An attacker can generate a memory corruption via Multiplication, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-8617]

An attacker can force the usage of a freed memory area via curl_maprintf(), in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-8618]

An attacker can force the usage of a freed memory area via krb5, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-8619]

An attacker can generate a buffer overflow via Glob Parser, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-8620]

An attacker can force a read at an invalid address via Curl_getdate, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2016-8621]

An attacker can generate an integer overflow via URL Unescape, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-8622]

An attacker can force the usage of a freed memory area via Shared Cookies, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-8623]

An attacker can bypass security features via URL Parsing, in order to obtain sensitive information. [severity:2/4; CVE-2016-8624]

An attacker can bypass security features via IDNA 2003, in order to obtain sensitive information. [severity:2/4; CVE-2016-8625]

security bulletin CVE-2016-6515

OpenSSH: denial of service via crypt

Synthesis of the vulnerability

An attacker can send a long password, which is hashed by crypt() via OpenSSH, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 01/08/2016.
Identifiers: BSA-2016-204, BSA-2016-207, BSA-2016-210, BSA-2016-211, BSA-2016-212, BSA-2016-213, BSA-2016-216, BSA-2017-247, CERTFR-2017-AVI-012, CERTFR-2019-AVI-325, CVE-2016-6515, DLA-1500-1, DLA-1500-2, DLA-594-1, FEDORA-2016-4a3debc3a6, FreeBSD-SA-17:06.openssh, JSA10770, JSA10940, K31510510, MIGR-5099595, MIGR-5099597, NTAP-20171130-0003, openSUSE-SU-2016:2339-1, RHSA-2017:2029-01, SA136, SOL31510510, SSA-181018, USN-3061-1, VIGILANCE-VUL-20279.

Description of the vulnerability

The OpenSSH product uses the crypt() function to hash passwords provided by users.

However, if the submitted password is too long, the crypt() function consumes a large amount of resources.

An attacker can therefore send a long password, which is hashed by crypt() via OpenSSH, in order to trigger a denial of service.

vulnerability note CVE-2016-2105 CVE-2016-2106 CVE-2016-2107

OpenSSL: six vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of OpenSSL.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 6.
Creation date: 03/05/2016.
Identifiers: 1982949, 1985850, 1987779, 1993215, 1995099, 1998797, 2003480, 2003620, 2003673, 510853, 9010083, bulletinapr2016, bulletinapr2017, CERTFR-2016-AVI-151, CERTFR-2016-AVI-153, CERTFR-2018-AVI-160, cisco-sa-20160504-openssl, cpuapr2017, cpujan2018, cpujul2016, cpujul2017, cpujul2018, cpuoct2016, cpuoct2017, cpuoct2018, CTX212736, CTX233832, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176, DLA-456-1, DSA-3566-1, ESA-2017-142, FEDORA-2016-05c567df1a, FEDORA-2016-1e39d934ed, FEDORA-2016-e1234b65a2, FG-IR-16-026, FreeBSD-SA-16:17.openssl, HPESBGN03728, HPESBHF03756, HT206903, JSA10759, K23230229, K36488941, K51920288, K75152412, K93600123, MBGSA-1603, MIGR-5099595, MIGR-5099597, NTAP-20160504-0001, openSUSE-SU-2016:1237-1, openSUSE-SU-2016:1238-1, openSUSE-SU-2016:1239-1, openSUSE-SU-2016:1240-1, openSUSE-SU-2016:1241-1, openSUSE-SU-2016:1242-1, openSUSE-SU-2016:1243-1, openSUSE-SU-2016:1273-1, openSUSE-SU-2016:1566-1, openSUSE-SU-2017:0487-1, PAN-SA-2016-0020, PAN-SA-2016-0028, RHSA-2016:0722-01, RHSA-2016:0996-01, RHSA-2016:1137-01, RHSA-2016:1648-01, RHSA-2016:1649-01, RHSA-2016:1650-01, RHSA-2016:2054-01, RHSA-2016:2055-01, RHSA-2016:2056-01, RHSA-2016:2073-01, SA123, SA40202, SB10160, SOL23230229, SOL36488941, SOL51920288, SOL75152412, SP-CAAAPPQ, SPL-119440, SPL-121159, SPL-123095, SSA:2016-124-01, STORM-2016-002, SUSE-SU-2016:1206-1, SUSE-SU-2016:1228-1, SUSE-SU-2016:1231-1, SUSE-SU-2016:1233-1, SUSE-SU-2016:1267-1, SUSE-SU-2016:1290-1, SUSE-SU-2016:1360-1, SUSE-SU-2018:0112-1, TNS-2016-10, USN-2959-1, VIGILANCE-VUL-19512, VN-2016-006, VN-2016-007.

Description of the vulnerability

Several vulnerabilities were announced in OpenSSL.

An attacker can act as a Man-in-the-Middle and use the AES CBC algorithm with a server supporting AES-NI, in order to read or write data in the session. This vulnerability was initially fixed in versions 1.0.1o and 1.0.2c, but it was not disclosed at that time. [severity:3/4; CVE-2016-2108]

An attacker can act as a Man-in-the-Middle and use the AES CBC algorithm with a server supporting AES-NI, in order to read or write data in the session. [severity:3/4; CVE-2016-2107]

An attacker can generate a buffer overflow in EVP_EncodeUpdate(), which is mainly used by command line applications, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-2105]

An attacker can generate a buffer overflow in EVP_EncryptUpdate(), which is difficult to reach, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-2106]

An attacker can trigger an excessive memory usage in d2i_CMS_bio(), in order to trigger a denial of service. [severity:2/4; CVE-2016-2109]

An attacker can force a read at an invalid address in applications using X509_NAME_oneline(), in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2016-2176]

security alert CVE-2015-5185

sblim-sfcb: NULL pointer dereference via lookupProviders

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced in lookupProviders of sblim-sfcb, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 18/09/2015.
Identifiers: CVE-2015-5185, FEDORA-2015-14197, FEDORA-2015-14199, FEDORA-2015-14200, MIGR-5099487, MIGR-5099488, openSUSE-SU-2015:1571-1, VIGILANCE-VUL-17929.

weakness CVE-2015-8710

libxml2: unreachable memory reading via Comment

Synthesis of the vulnerability

An attacker can use a partial comment to force a read at an invalid address in libxml2, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 20/04/2015.
Identifiers: 1980816, 746048, BSA-2016-004, CVE-2015-8710, K45439210, MIGR-5099487, MIGR-5099488, openSUSE-SU-2016:0188-1, RHSA-2016:1087-01, RHSA-2016:1088-01, RHSA-2016:1089-01, USN-2875-1, VIGILANCE-VUL-16651.

Description of the vulnerability

An XML document can contain a comment starting with "<!-- " and ending with "-->".

However, if a comment does not end, libxml2 tries to read an unreachable memory area, which triggers a fatal error.

An attacker can therefore use a partial comment to force a read at an invalid address in libxml2, in order to trigger a denial of service.

computer threat note CVE-2013-7041

pam_userdb: brute force facilitated by strncasecmp

Synthesis of the vulnerability

An attacker can more easily use a brute force attack against pam_userdb, in order to access a user's account.
Severity: 2/4.
Creation date: 09/12/2013.
Identifiers: 731368, CVE-2013-7041, FEDORA-2014-16350, USN-2935-1, USN-2935-2, USN-2935-3, VIGILANCE-VUL-13888.

Description of the vulnerability

The PAM pam_userdb module is used to authenticate a user from a Berkeley database.

This module computes the hash of a user's password, and then compares it with the one stored in the database. If these hashes are equal, the user is authenticated.

However, the comparison is performed case-insensitively, with the strncasecmp() function. The "abc" and "aBc" hashes are thus considered equal, which means that several passwords are accepted as valid.

An attacker can therefore more easily use a brute force attack against pam_userdb, in order to access a user's account.