The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Novell openSUSE

computer vulnerability announce CVE-2015-3197

OpenSSL: using disabled SSLv2 ciphers

Synthesis of the vulnerability

An attacker can connect to an SSLv2 server with disabled ciphers in OpenSSL, in order to create a TLS session which is not secure.
Impacted products: Cisco IPS, Cisco Nexus, NX-OS, Cisco CUCM, Cisco Manager Attendant Console, Cisco IP Phone, BIG-IP Hardware, TMOS, Fedora, FreeBSD, Copssh, Data ONTAP, OpenSSL, openSUSE, Puppet, Slackware, stunnel, VxWorks.
Severity: 1/4.
Creation date: 28/01/2016.
Identifiers: 9010060, CERTFR-2016-AVI-041, cisco-sa-20160129-openssl, CVE-2015-3197, FEDORA-2016-527018d2ff, FreeBSD-SA-16:11.openssl, NTAP-20160201-0001, openSUSE-SU-2016:0362-1, openSUSE-SU-2016:0442-1, SOL33209124, SOL64009378, SSA:2016-034-03, VIGILANCE-VUL-18837.

Description of the vulnerability

The OpenSSL library disables SSLv2 by default, except if the SSL_OP_NO_SSLv2 option is used.

SSLv2 cipher algorithms can be disabled on the server. However, a malicious client can still use these algorithms.

An attacker can therefore connect to an SSLv2 server with disabled ciphers in OpenSSL, in order to create a TLS session which is not secure.

computer vulnerability alert CVE-2016-0755

cURL: privilege escalation via the use of proxy using NTLM authentication

Synthesis of the vulnerability

An attacker can use cURL with an HTTP proxy and NTLM authentication with the proxy account of another user, in order to escalate his privileges.
Impacted products: cURL, Debian, Fedora, openSUSE, openSUSE Leap, Slackware, Ubuntu.
Severity: 1/4.
Creation date: 27/01/2016.
Identifiers: CVE-2016-0755, DSA-3455-1, FEDORA-2016-3fa315a5dd, FEDORA-2016-57bebab3b6, openSUSE-SU-2016:0360-1, openSUSE-SU-2016:0373-1, openSUSE-SU-2016:0376-1, SSA:2016-039-01, USN-2882-1, VIGILANCE-VUL-18826.

Description of the vulnerability

The cURL product includes an embeddable HTTP client. It can use HTTP proxies.

When a proxy requires NTLM authentication, this authentication is connection-based (in contrast to HTTP-based authentication, which is request-based). Typically, cURL reuses TCP connections to the proxy for several HTTP requests. However, cURL may do so even if different credentials for the proxy have been specified at request level.

An attacker can therefore use cURL with an HTTP proxy and NTLM authentication with the proxy account of another user, in order to escalate his privileges.

computer vulnerability bulletin CVE-2015-8767

Linux kernel: denial of service via sctp_accept

Synthesis of the vulnerability

A local attacker can generate a deadlock via sctp_accept() in the Linux kernel, in order to trigger a denial of service.
Impacted products: Debian, Fedora, Linux, openSUSE, openSUSE Leap.
Severity: 1/4.
Creation date: 11/01/2016.
Identifiers: CVE-2015-8767, DSA-3448-1, FEDORA-2016-5d43766e33, openSUSE-SU-2016:0280-1, openSUSE-SU-2016:0301-1, openSUSE-SU-2016:0318-1, VIGILANCE-VUL-18678.

Description of the vulnerability

The SCTP protocol is used to transport several message streams, multiplexed over one connection.

However, when the sctp_accept() function is called during a timeout, a deadlock occurs in the net/sctp/sm_sideeffect.c file.

A local attacker can therefore generate a deadlock via sctp_accept() in the Linux kernel, in order to trigger a denial of service.

computer vulnerability alert CVE-2015-7575

Mozilla NSS, OpenSSL, Oracle Java: MD5 allowed in TLS 1.2

Synthesis of the vulnerability

An attacker can create an MD5 collision in a TLS 1.2 session of Mozilla NSS, OpenSSL or Oracle Java, in order to capture data belonging to this session.
Impacted products: Blue Coat CAS, ProxySG, SGOS, Debian, AIX, DB2 UDB, QRadar SIEM, Tivoli Storage Manager, WebSphere AS, Domino, Notes, Firefox, NSS, Java OpenJDK, OpenSSL, openSUSE, openSUSE Leap, Java Oracle, RHEL, SUSE Linux Enterprise Desktop, SLES, Synology DS***, Synology RS***, Ubuntu.
Severity: 1/4.
Creation date: 28/12/2015.
Revision date: 08/01/2016.
Identifiers: 1974958, 1975424, 1976113, 1976148, 1976200, 1976262, 1976362, 1976363, cpujan2016, CVE-2015-7575, DSA-3436-1, DSA-3457-1, DSA-3465-1, MFSA-2015-150, openSUSE-SU-2015:2405-1, openSUSE-SU-2016:0007-1, openSUSE-SU-2016:0161-1, openSUSE-SU-2016:0162-1, openSUSE-SU-2016:0263-1, openSUSE-SU-2016:0268-1, openSUSE-SU-2016:0270-1, openSUSE-SU-2016:0272-1, openSUSE-SU-2016:0279-1, openSUSE-SU-2016:0307-1, openSUSE-SU-2016:0308-1, RHSA-2016:0007-01, RHSA-2016:0008-01, RHSA-2016:0049-01, RHSA-2016:0050-01, RHSA-2016:0053-01, RHSA-2016:0054-01, RHSA-2016:0055-01, RHSA-2016:0056-01, RHSA-2016:0098-01, RHSA-2016:0099-01, RHSA-2016:0100-01, RHSA-2016:0101-01, SA108, SLOTH, SUSE-SU-2016:0256-1, SUSE-SU-2016:0265-1, SUSE-SU-2016:0269-1, SUSE-SU-2016:0390-1, SUSE-SU-2016:0399-1, SUSE-SU-2016:0401-1, SUSE-SU-2016:0428-1, SUSE-SU-2016:0431-1, SUSE-SU-2016:0433-1, USN-2863-1, USN-2864-1, USN-2866-1, USN-2884-1, VIGILANCE-VUL-18586.

Description of the vulnerability

The Mozilla NSS, OpenSSL and Oracle Java products implement TLS version 1.2.

The MD5 hashing algorithm is weak. However, it is accepted in signatures of TLS 1.2 ServerKeyExchange messages.

An attacker can therefore create an MD5 collision in a TLS 1.2 session of Mozilla NSS, OpenSSL or Oracle Java, in order to capture data belonging to this session.

vulnerability CVE-2015-8669

phpMyAdmin: information disclosure via Error Message

Synthesis of the vulnerability

An attacker can read an error message of phpMyAdmin, in order to obtain sensitive information.
Impacted products: Fedora, openSUSE, openSUSE Leap, phpMyAdmin.
Severity: 1/4.
Creation date: 28/12/2015.
Identifiers: CERTFR-2015-AVI-565, CVE-2015-8669, FEDORA-2015-345966871c, FEDORA-2015-deb2bbdde0, openSUSE-SU-2016:0067-1, PMASA-2015-6, VIGILANCE-VUL-18590.

Description of the vulnerability

The phpMyAdmin product offers a web service.

However, an attacker can directly call some PHP scripts, to generate an error message containing the installation path.

An attacker can therefore read an error message of phpMyAdmin, in order to obtain sensitive information.

computer vulnerability announce CVE-2015-7550

Linux kernel: denial of service via keyctl_read_key

Synthesis of the vulnerability

A local attacker can generate a locking error in keyctl_read_key() of the Linux kernel, in order to trigger a denial of service.
Impacted products: Debian, Fedora, Linux, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Creation date: 22/12/2015.
Identifiers: 1290370, CERTFR-2015-AVI-561, CERTFR-2016-AVI-004, CERTFR-2016-AVI-044, CVE-2015-7550, DSA-3434-1, FEDORA-2015-c1c2f5e168, FEDORA-2015-c59710b05d, openSUSE-SU-2016:0280-1, openSUSE-SU-2016:0301-1, openSUSE-SU-2016:0318-1, SUSE-SU-2016:0168-1, USN-2888-1, USN-2890-1, USN-2890-2, USN-2890-3, VIGILANCE-VUL-18577.

Description of the vulnerability

The Linux kernel can store cryptographic keys, which are managed using keyctl.

However, if a key is read during its revocation, a fatal error occurs in the keyctl_read_key() function.

A local attacker can therefore generate a locking error in keyctl_read_key() of the Linux kernel, in order to trigger a denial of service.

vulnerability note CVE-2015-8555

Xen: information disclosure via x86 FPU/XMM

Synthesis of the vulnerability

An attacker, located in a guest system, can read a memory fragment of x86 FPU/XMM of Xen, in order to obtain sensitive information.
Impacted products: XenServer, Fedora, openSUSE, openSUSE Leap, Xen.
Severity: 1/4.
Creation date: 17/12/2015.
Identifiers: CERTFR-2015-AVI-551, CERTFR-2015-AVI-556, CTX203879, CVE-2015-8555, FEDORA-2015-c44bd3e0fa, FEDORA-2015-d8253e2b1d, openSUSE-SU-2016:0123-1, openSUSE-SU-2016:0124-1, openSUSE-SU-2016:0126-1, VIGILANCE-VUL-18554, XSA-165.

Description of the vulnerability

The XSAVE and XRSTOR instructions are used to save and restore the processor state.

However, when Xen is on an x86 processor without XSAVE/XRSTOR, a guest system can read the FPU stack and previous XMM registers.

An attacker, located in a guest system, can therefore read a memory fragment of x86 FPU/XMM of Xen, in order to obtain sensitive information.

vulnerability bulletin CVE-2015-8554

Xen: buffer overflow of MSI-X

Synthesis of the vulnerability

An attacker, who is administrator in a guest system, can generate a buffer overflow in MSI-X of Xen, in order to trigger a denial of service, and possibly to run code on the host system.
Impacted products: XenServer, Fedora, openSUSE, openSUSE Leap, Xen.
Severity: 1/4.
Creation date: 17/12/2015.
Identifiers: CERTFR-2015-AVI-551, CERTFR-2015-AVI-556, CTX203879, CVE-2015-8554, FEDORA-2015-c44bd3e0fa, FEDORA-2015-d8253e2b1d, openSUSE-SU-2016:0123-1, openSUSE-SU-2016:0124-1, openSUSE-SU-2016:0126-1, VIGILANCE-VUL-18553, XSA-164.

Description of the vulnerability

The Xen product can be configured with "qemu-xen-traditional" (qemu-dm).

However, if the size of MSI-X data is greater than the size of the storage array, an overflow occurs.

An attacker, who is administrator in a guest system, can therefore generate a buffer overflow in MSI-X of Xen, in order to trigger a denial of service, and possibly to run code on the host system.

vulnerability announce CVE-2015-8551 CVE-2015-8552

Linux kernel: two vulnerabilities of pciback

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Linux pciback of Xen.
Impacted products: Debian, Linux, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Creation date: 17/12/2015.
Identifiers: CERTFR-2015-AVI-551, CERTFR-2015-AVI-558, CERTFR-2016-AVI-004, CVE-2015-8551, CVE-2015-8552, DSA-3434-1, openSUSE-SU-2016:0280-1, openSUSE-SU-2016:0301-1, openSUSE-SU-2016:0318-1, SUSE-SU-2016:0168-1, USN-2846-1, USN-2847-1, USN-2848-1, USN-2849-1, USN-2850-1, USN-2851-1, USN-2852-1, USN-2853-1, USN-2854-1, VIGILANCE-VUL-18552, XSA-157.

Description of the vulnerability

Several vulnerabilities were announced in Linux pciback.

An attacker can force a NULL pointer to be dereferenced in the MSI code, in order to trigger a denial of service. [severity:1/4; CVE-2015-8551]

An attacker can trigger an error with XEN_PCI_OP_enable_msi, in order to trigger a denial of service. [severity:1/4; CVE-2015-8552]

computer vulnerability CVE-2015-8575

Linux kernel: information disclosure via sco_sock_bind

Synthesis of the vulnerability

A local attacker can read a memory fragment by calling the getsockname() function on a SCO socket on the Linux kernel, in order to obtain sensitive information.
Impacted products: Debian, Fedora, Linux, openSUSE, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Creation date: 16/12/2015.
Identifiers: CERTFR-2016-AVI-004, CERTFR-2016-AVI-044, CVE-2015-8575, DSA-3434-1, FEDORA-2016-5d43766e33, FEDORA-2016-6ce812a1e0, openSUSE-SU-2016:0280-1, openSUSE-SU-2016:0301-1, openSUSE-SU-2016:0318-1, SUSE-SU-2016:0168-1, USN-2886-1, USN-2886-2, USN-2888-1, USN-2890-1, USN-2890-2, USN-2890-3, VIGILANCE-VUL-18545.

Description of the vulnerability

The Linux kernel supports Bluetooth SCO (Synchronous Connection-Oriented).

The sco_sock_bind() function is called when a socket is initialized. However, if the size of data in the sockaddr structure is less than the size of a SCO address, the final bytes are not set.

A local attacker can therefore read a memory fragment by calling the getsockname() function on a SCO socket on the Linux kernel, in order to obtain sensitive information.