The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of SunOS

vulnerability CVE-2015-5073

PCRE: buffer overflow of find_fixedlength

Synthesis of the vulnerability

An attacker can generate a buffer overflow in find_fixedlength of PCRE, in order to trigger a denial of service, and possibly to run code.
Impacted products: BIG-IP Hardware, TMOS, Fedora, openSUSE, openSUSE Leap, Solaris, RHEL, Nessus, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 15/07/2015.
Identifiers: bulletinjul2015, CERTFR-2018-AVI-288, CVE-2015-5073, FEDORA-2015-11019, FEDORA-2015-11027, FEDORA-2016-f59a8ff5d0, FEDORA-2016-fd1199dbe2, openSUSE-SU-2016:2805-1, openSUSE-SU-2016:3099-1, RHSA-2016:1025-01, RHSA-2016:1132-01, RHSA-2016:2750-01, SOL17331, TNS-2018-08, USN-2694-1, USN-2943-1, VIGILANCE-VUL-17390.

Description of the vulnerability

An attacker can generate a buffer overflow in find_fixedlength of PCRE, in order to trigger a denial of service, and possibly to run code.

computer vulnerability note CVE-2015-3210

PCRE: buffer overflow of pcre_compile2

Synthesis of the vulnerability

An attacker can generate a buffer overflow in pcre_compile2 of PCRE, in order to trigger a denial of service, and possibly to run code.
Impacted products: BIG-IP Hardware, TMOS, Fedora, openSUSE, openSUSE Leap, Solaris, RHEL, Slackware, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 15/07/2015.
Identifiers: bulletinjul2015, CVE-2015-3210, FEDORA-2015-11019, FEDORA-2015-11027, FEDORA-2016-f59a8ff5d0, FEDORA-2016-fd1199dbe2, openSUSE-SU-2016:2805-1, openSUSE-SU-2016:3099-1, RHSA-2016:1132-01, RHSA-2016:2750-01, SOL17235, SSA:2015-328-01, USN-2694-1, USN-2943-1, VIGILANCE-VUL-17389.

Description of the vulnerability

An attacker can generate a buffer overflow in pcre_compile2 of PCRE, in order to trigger a denial of service, and possibly to run code.

computer vulnerability bulletin CVE-2015-0253 CVE-2015-3183 CVE-2015-3185

Apache httpd: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Apache httpd.
Impacted products: Apache httpd, Debian, BIG-IP Hardware, TMOS, Fedora, HP-UX, Domino, Tivoli System Automation, WebSphere AS Traditional, openSUSE, Solaris, Puppet, RHEL, JBoss EAP by Red Hat, SAS Add-in for Microsoft Office, SAS Analytics Pro, Base SAS Software, SAS Enterprise BI Server, SAS Enterprise Guide, SAS Management Console, SAS OLAP Server, SAS SAS/ACCESS, SAS SAS/AF, SAS SAS/CONNECT, SAS SAS/EIS, SAS SAS/ETS, SAS SAS/FSP, SAS SAS/GRAPH, SAS SAS/IML, SAS SAS/OR, SAS SAS/STAT, SAS SAS/Web Report Studio, Slackware, Synology DS***, Synology RS***, Ubuntu.
Severity: 3/4.
Consequences: user access/rights, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 15/07/2015.
Identifiers: 1963361, 1965444, 1967197, 1969062, bulletinoct2015, c04832246, c04926789, CVE-2015-0253, CVE-2015-3183, CVE-2015-3185, DSA-3325-1, DSA-3325-2, FEDORA-2015-11689, FEDORA-2015-11792, HPSBUX03435, HPSBUX03512, openSUSE-SU-2015:1684-1, RHSA-2015:1666-01, RHSA-2015:1667-01, RHSA-2015:1668-01, RHSA-2015:2659-01, RHSA-2015:2660-01, RHSA-2015:2661-01, RHSA-2016:0062-01, RHSA-2016:2054-01, RHSA-2016:2055-01, RHSA-2016:2056-01, SOL17251, SSA:2015-198-01, SSRT102254, SSRT102977, USN-2686-1, VIGILANCE-VUL-17378.

Description of the vulnerability

Several vulnerabilities were announced in Apache httpd.

An attacker can generate an error during the analysis of the HTTP Chunk header, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2015-3183]

The ap_some_auth_required directive is not honored, so an attacker can access the service without authentication. [severity:2/4; CVE-2015-3185]

When the configuration of "ErrorDocument 400" points to a local url/file, and when the INCLUDES filter is enabled, an attacker can trigger a denial of service. [severity:2/4; CVE-2015-0253]

computer vulnerability CVE-2015-2582 CVE-2015-2611 CVE-2015-2617

Oracle MySQL: several vulnerabilities of July 2015

Synthesis of the vulnerability

Several vulnerabilities of Oracle MySQL were announced in July 2015.
Impacted products: Debian, Fedora, Junos Space, MariaDB ~ precise, MySQL Community, MySQL Enterprise, openSUSE, Solaris, Percona Server, RHEL, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 18.
Creation date: 15/07/2015.
Identifiers: bulletinapr2016, bulletinapr2017, bulletinjul2016, CERTFR-2015-AVI-304, CERTFR-2015-AVI-431, CERTFR-2016-AVI-300, cpujul2015, CVE-2015-2582, CVE-2015-2611, CVE-2015-2617, CVE-2015-2620, CVE-2015-2639, CVE-2015-2641, CVE-2015-2643, CVE-2015-2648, CVE-2015-2661, CVE-2015-4737, CVE-2015-4752, CVE-2015-4756, CVE-2015-4757, CVE-2015-4761, CVE-2015-4767, CVE-2015-4769, CVE-2015-4771, CVE-2015-4772, DSA-3308-1, FEDORA-2015-12544, FEDORA-2015-12570, FEDORA-2015-13482, JSA10698, openSUSE-SU-2015:1629-1, RHSA-2015:1628-01, RHSA-2015:1629-01, RHSA-2015:1630-01, RHSA-2015:1646-01, RHSA-2015:1647-01, RHSA-2015:1665-01, USN-2674-1, VIGILANCE-VUL-17375.

Description of the vulnerability

Several vulnerabilities were announced in Oracle MySQL.

An attacker can use a vulnerability of Server : Partition, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-2617]

An attacker can use a vulnerability of Server : DML, in order to trigger a denial of service. [severity:2/4; CVE-2015-2648]

An attacker can use a vulnerability of Server : DML, in order to trigger a denial of service. [severity:2/4; CVE-2015-2611]

An attacker can use a vulnerability of Server : GIS, in order to trigger a denial of service. [severity:2/4; CVE-2015-2582]

An attacker can use a vulnerability of Server : I_S, in order to trigger a denial of service. [severity:2/4; CVE-2015-4752]

An attacker can use a vulnerability of Server : InnoDB, in order to trigger a denial of service. [severity:2/4; CVE-2015-4756]

An attacker can use a vulnerability of Server : Optimizer, in order to trigger a denial of service. [severity:2/4; CVE-2015-2643]

An attacker can use a vulnerability of Server : Partition, in order to trigger a denial of service. [severity:2/4; CVE-2015-4772]

An attacker can use a vulnerability of Server : Memcached, in order to trigger a denial of service. [severity:2/4; CVE-2015-4761]

An attacker can use a vulnerability of Server : Optimizer, in order to trigger a denial of service. [severity:2/4; CVE-2015-4757]

An attacker can use a vulnerability of Server : Pluggable Auth, in order to obtain information. [severity:2/4; CVE-2015-4737]

An attacker can use a vulnerability of Server : RBR, in order to trigger a denial of service. [severity:2/4; CVE-2015-4771]

An attacker can use a vulnerability of Server : Security : Firewall, in order to trigger a denial of service. [severity:2/4; CVE-2015-4769]

An attacker can use a vulnerability of Server : Security : Firewall, in order to alter information. [severity:2/4; CVE-2015-2639]

An attacker can use a vulnerability of Server : Security : Privileges, in order to obtain information. [severity:2/4; CVE-2015-2620]

An attacker can use a vulnerability of Server : Security : Privileges, in order to trigger a denial of service. [severity:2/4; CVE-2015-2641]

An attacker can use a vulnerability of Client, in order to trigger a denial of service. [severity:1/4; CVE-2015-2661]

An attacker can use a vulnerability of Server : Security : Firewall, in order to trigger a denial of service. [severity:1/4; CVE-2015-4767]

vulnerability note CVE-2015-2580 CVE-2015-2589 CVE-2015-2609

Oracle Solaris: several vulnerabilities of July 2015

Synthesis of the vulnerability

Several vulnerabilities of Oracle Solaris were announced in July 2015.
Impacted products: Solaris.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, data reading, data creation/edition, data deletion, denial of service on service, denial of service on client.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 9.
Creation date: 15/07/2015.
Identifiers: CERTFR-2015-AVI-308, cpujul2015, CVE-2015-2580, CVE-2015-2589, CVE-2015-2609, CVE-2015-2614, CVE-2015-2616, CVE-2015-2631, CVE-2015-2651, CVE-2015-2662, CVE-2015-4770, VIGILANCE-VUL-17374.

Description of the vulnerability

Several vulnerabilities were announced in Oracle Solaris.

An attacker can use a vulnerability of rmformat, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-2631]

An attacker can use a vulnerability of CPU Performance Counters Drivers, in order to trigger a denial of service. [severity:2/4; CVE-2015-2609]

An attacker can use a vulnerability of NVM Express SSD Driver, in order to trigger a denial of service. [severity:2/4; CVE-2015-2614]

An attacker can use a vulnerability of S10 Branded Zone, in order to trigger a denial of service. [severity:2/4; CVE-2015-2589]

An attacker can use a vulnerability of UNIX Filesystem, in order to trigger a denial of service. [severity:2/4; CVE-2015-4770]

An attacker can use a vulnerability of Solaris Cluster DevFS, in order to trigger a denial of service. [severity:2/4; CVE-2015-2616]

An attacker can use a vulnerability of Kernel Zones Virtualized NIC Driver, in order to trigger a denial of service. [severity:2/4; CVE-2015-2651]

An attacker can use a vulnerability of DHCP Server, in order to trigger a denial of service. [severity:1/4; CVE-2015-2662]

An attacker can use a vulnerability of NFSv4, in order to trigger a denial of service. [severity:1/4; CVE-2015-2580]

computer vulnerability announce CVE-2015-1793

OpenSSL: X.509 certification chain forgery

Synthesis of the vulnerability

An attacker can force OpenSSL to accept spoofed certificates, in order to eavesdrop on encrypted communications or bypass signature-based authentication.
Impacted products: DCFM Enterprise, Brocade Network Advisor, Brocade vTM, ASA, Cisco Catalyst, IOS XE Cisco, Nexus by Cisco, NX-OS, Prime Infrastructure, Cisco PRSM, Cisco Router, Cisco CUCM, Clearswift Email Gateway, BIG-IP Hardware, TMOS, Fedora, FileZilla Server, FreeBSD, hMailServer, HP Switch, HP-UX, IRAD, Juniper J-Series, Junos OS, McAfee Email Gateway, McAfee NGFW, Nodejs Core, OpenSSL, Oracle Communications, Solaris, Slackware, Splunk Enterprise, stunnel, Synology DSM, Synology DS***, Synology RS***, Nessus, Websense Web Security, WinSCP, X2GoClient.
Severity: 3/4.
Consequences: client access/rights, data reading, data creation/edition.
Provenance: internet client.
Creation date: 09/07/2015.
Identifiers: 1962398, 1963151, BSA-2015-009, bulletinjul2015, c04760669, c05184351, CERTFR-2015-AVI-285, CERTFR-2015-AVI-431, cisco-sa-20150710-openssl, cpuoct2017, CVE-2015-1793, FEDORA-2015-11414, FEDORA-2015-11475, FreeBSD-SA-15:12.openssl, HPSBHF03613, HPSBUX03388, JSA10694, SB10125, SOL16937, SPL-103044, SSA:2015-190-01, SSRT102180, VIGILANCE-VUL-17337.

Description of the vulnerability

A certificate validation begins with the creation of a certificate chain, where each certificate provides the public key used to check the signature of the next certificate.

Building this chain can be non-deterministic, especially when identifying X.509v3 extensions such as "Authority Key Identifier" are not provided. When a candidate chain fails to validate a given certificate, OpenSSL 1.0.1 and 1.0.2 attempt to find another candidate chain. However, during these attempts, some required checks on the chain are no longer performed. As a consequence, an attacker can make OpenSSL use the attacker's own certificate as a CA certificate, even if it includes the "basicConstraints" extension stating "CA: no". The attacker can then create certificates for any name.

This vulnerability impacts clients checking a server certificate, and TLS servers checking a client certificate.

An attacker can therefore force OpenSSL to accept spoofed certificates, in order to eavesdrop on encrypted communications or bypass signature-based authentication.

computer vulnerability alert CVE-2015-5143 CVE-2015-5144

Django: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Django.
Impacted products: Debian, Fedora, openSUSE, Solaris, RHEL, Ubuntu.
Severity: 2/4.
Consequences: data creation/edition, denial of service on client.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 09/07/2015.
Identifiers: bulletinoct2015, CVE-2015-5143, CVE-2015-5144, DSA-3305-1, FEDORA-2015-11403, FEDORA-2015-1dd5bc998f, openSUSE-SU-2015:1802-1, openSUSE-SU-2015:1813-1, RHSA-2015:1678-01, RHSA-2015:1686-01, USN-2671-1, VIGILANCE-VUL-17336.

Description of the vulnerability

An attacker can use several vulnerabilities of Django.

An attacker can saturate the area used for session storage. [severity:1/4; CVE-2015-5143]

An attacker can bypass the validation of request parameters by inserting newline characters. [severity:2/4; CVE-2015-5144]

vulnerability alert CVE-2015-5146

NTP.org: denial of service via a NUL byte in the configuration

Synthesis of the vulnerability

An attacker can send a configuration packet including NUL bytes to the server from NTP.org, in order to trigger a denial of service.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, Meinberg NTP Server, NTP.org, Solaris, Slackware, Ubuntu.
Severity: 1/4.
Consequences: denial of service on service.
Provenance: intranet server.
Creation date: 08/07/2015.
Identifiers: bulletinjan2016, CVE-2015-5146, DSA-3388-1, FEDORA-2015-14212, FEDORA-2015-77bfbc1bcd, SOL17114, SSA:2015-188-03, USN-2783-1, VIGILANCE-VUL-17321.

Description of the vulnerability

The NTP server from NTP.org may receive its configuration via the network.

When this function is enabled and the configuration packet is authenticated with a password, the server attempts to update its configuration. However, the parser does not handle all syntax errors: a zero byte in a directive triggers a fatal exception.

An attacker can therefore send a configuration packet including NUL bytes to the server from NTP.org, in order to trigger a denial of service.

computer vulnerability note CVE-2015-2721 CVE-2015-2722 CVE-2015-2724

Mozilla Firefox, Thunderbird, SeaMonkey: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Firefox, Thunderbird, SeaMonkey.
Impacted products: Debian, Fedora, Firefox, Thunderbird, openSUSE, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 4/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 13.
Creation date: 03/07/2015.
Identifiers: bulletinjul2015, bulletinoct2015, CERTFR-2015-AVI-279, CVE-2015-2721, CVE-2015-2722, CVE-2015-2724, CVE-2015-2725, CVE-2015-2726, CVE-2015-2727, CVE-2015-2728, CVE-2015-2729, CVE-2015-2730, CVE-2015-2731, CVE-2015-2733, CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740, CVE-2015-2741, CVE-2015-2742, CVE-2015-2743, CVE-2015-4000, DSA-3300-1, DSA-3324-1, FEDORA-2015-11387, FEDORA-2015-11480, FEDORA-2015-11502, FEDORA-2015-11598, Logjam, MFSA-2015-59, MFSA-2015-60, MFSA-2015-61, MFSA-2015-62, MFSA-2015-63, MFSA-2015-64, MFSA-2015-65, MFSA-2015-66, MFSA-2015-67, MFSA-2015-68, MFSA-2015-69, MFSA-2015-70, MFSA-2015-71, openSUSE-SU-2015:1229-1, openSUSE-SU-2015:1266-1, RHSA-2015:1207-01, RHSA-2015:1455-01, SSA:2015-188-02, SSA:2015-192-01, SUSE-SU-2015:1268-1, SUSE-SU-2015:1268-2, SUSE-SU-2015:1269-1, SUSE-SU-2015:1449-1, USN-2656-1, USN-2656-2, USN-2672-1, USN-2673-1, VIGILANCE-VUL-17299.

Description of the vulnerability

Several vulnerabilities were announced in Firefox, Thunderbird, SeaMonkey.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-2724, CVE-2015-2725, CVE-2015-2726, MFSA-2015-59]

An attacker can open a special Chrome URL, in order to escalate his privileges. [severity:2/4; CVE-2015-2727, MFSA-2015-60]

An attacker can generate a memory corruption in IDBDatabase, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2015-2728, MFSA-2015-61]

An attacker can read a memory fragment, in order to obtain sensitive information. [severity:1/4; CVE-2015-2729, MFSA-2015-62]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-2731, MFSA-2015-63]

An attacker can create an invalid ECDSA signature which will be accepted by Firefox (VIGILANCE-VUL-17694). [severity:2/4; CVE-2015-2730, MFSA-2015-64]

An attacker can force the usage of a freed memory area with an XMLHttpRequest object, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-2722, CVE-2015-2733, MFSA-2015-65]

An attacker can generate several memory corruptions, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740, MFSA-2015-66]

An attacker can make Firefox/Thunderbird accept an invalid certificate that was explicitly accepted by the end user, even though the conditions of that acceptance are no longer fulfilled. [severity:2/4; CVE-2015-2741, MFSA-2015-67]

An attacker can read the crash reports created on MacOS X, in order to retrieve a few recent keystrokes. [severity:1/4; CVE-2015-2742, MFSA-2015-68]

An attacker can bypass security features in PDF.js, in order to escalate his privileges. [severity:3/4; CVE-2015-2743, MFSA-2015-69]

NSS accepts weak Diffie-Hellman keys. See VIGILANCE-VUL-16950. [severity:2/4; CVE-2015-4000, Logjam, MFSA-2015-70]

NSS does not reject TLS negotiation with the algorithms ECDH + ECDSA when the ServerKeyExchange message is missing (VIGILANCE-VUL-17695). [severity:2/4; CVE-2015-2721, MFSA-2015-71]

computer vulnerability CVE-2014-9390

git: code execution via case-insensitive filesystems

Synthesis of the vulnerability

An attacker who controls a git server can inject commands on the client side, if the client uses a filesystem where two filenames cannot coexist in a directory when they differ only in their case.
Impacted products: Fedora, openSUSE, Solaris, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: internet server.
Creation date: 22/06/2015.
Identifiers: bulletinapr2015, CVE-2014-9390, FEDORA-2014-17341, MDVSA-2015:169, openSUSE-SU-2015:0159-1, openSUSE-SU-2015:0673-1, openSUSE-SU-2015:1096-1, USN-2470-1, VIGILANCE-VUL-17195.

Description of the vulnerability

An attacker who controls a git server can inject commands on the client side, if the client uses a filesystem where two filenames cannot coexist in a directory when they differ only in their case.

Microsoft filesystems (FAT, NTFS) are the main ones concerned.