The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of SunOS

computer vulnerability alert CVE-2014-9365

Python: bypassing X.509 check

Synthesis of the vulnerability

An attacker can setup a malicious HTTPS server, and invite a Python client to connect, without detecting that the web server uses the certificate from another site.
Impacted products: BIG-IP Hardware, TMOS, MBS, Solaris, Python, RHEL.
Severity: 2/4.
Consequences: user access/rights, data reading, data creation/edition.
Provenance: internet server.
Confidence: confirmed by the editor (5/5).
Creation date: 11/12/2014.
Identifiers: bulletinjan2015, bulletinoct2015, CVE-2014-9365, K11068141, MDVSA-2015:075, RHSA-2017:1868-01, VIGILANCE-VUL-15786.

Description of the vulnerability

An SSL client must check that the host name included in the X.509 certificate received from the server is the one of the targeted server.

However, HTTPS clients of Python do not perform this check.

An attacker can therefore setup a malicious HTTPS server, and invite a Python client to connect, without detecting that the web server uses the certificate from another site.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability CVE-2014-8091 CVE-2014-8092 CVE-2014-8093

X.Org Server: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of X.Org Server.
Impacted products: Debian, Fedora, MBS, NetBSD, OpenBSD, openSUSE, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu, XOrg Bundle ~ not comprehensive.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on service.
Provenance: user account.
Confidence: confirmed by the editor (5/5).
Creation date: 09/12/2014.
Identifiers: bulletinjan2015, bulletinoct2015, CVE-2014-8091, CVE-2014-8092, CVE-2014-8093, CVE-2014-8094, CVE-2014-8095, CVE-2014-8096, CVE-2014-8097, CVE-2014-8098, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102, CVE-2014-8103, DSA-3095-1, FEDORA-2014-16600, FEDORA-2014-16623, FEDORA-2015-3948, FEDORA-2015-3964, MDVSA-2015:119, NetBSD-SA2015-001, openSUSE-SU-2014:1719-1, RHSA-2014:1982-01, RHSA-2014:1983-01, SSA:2014-356-03, SUSE-SU-2015:0045-1, USN-2436-1, USN-2436-2, USN-2438-1, VIGILANCE-VUL-15760.

Description of the vulnerability

Several vulnerabilities were announced in X.Org Server.

An attacker can force a NULL pointer to be dereferenced in SUN-DES-1, in order to trigger a denial of service. [severity:1/4; CVE-2014-8091]

An attacker can generate an integer overflow in X11 Core, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2014-8092]

An attacker can generate an integer overflow in GLX, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2014-8093]

An attacker can generate an integer overflow in DRI2, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2014-8094]

An attacker can generate a buffer overflow in XInput, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2014-8095]

An attacker can generate a buffer overflow in XC-MISC, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2014-8096]

An attacker can generate a buffer overflow in DBE, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2014-8097]

An attacker can generate a buffer overflow in GLX, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2014-8098]

An attacker can generate a buffer overflow in XVideo, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2014-8099]

An attacker can generate a buffer overflow in Render, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2014-8100]

An attacker can generate a buffer overflow in RandR, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2014-8101]

An attacker can generate a buffer overflow in XFixes, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2014-8102]

An attacker can generate a buffer overflow in DRI3, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2014-8103]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability note CVE-2014-8500

ISC BIND: infinite loop of Delegation

Synthesis of the vulnerability

An attacker, who owns a malicious DNS server and who invites a client of BIND to query this server, can generate an infinite loop in the delegation processing of ISC BIND, in order to trigger a denial of service.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP-UX, AIX, BIND, Junos OS, MBS, NetBSD, OpenBSD, openSUSE, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: internet server.
Confidence: confirmed by the editor (5/5).
Creation date: 09/12/2014.
Identifiers: AA-01216, bulletinjan2015, c04550240, c04769567, CERTFR-2014-AVI-512, CERTFR-2015-AVI-146, CVE-2014-8500, DSA-3094-1, FEDORA-2014-16557, FEDORA-2014-16576, FEDORA-2014-16607, FreeBSD-SA-14:29.bind, FreeBSD-SA-14:30.unbound, HPSBUX03235, HPSBUX03400, JSA10676, MDVSA-2014:238, MDVSA-2015:165, NetBSD-SA2015-002, openSUSE-SU-2015:1250-1, openSUSE-SU-2015:1250-2, RHSA-2014:1984-01, RHSA-2014:1985-01, RHSA-2016:0078-01, SOL15927, SSA:2014-344-01, SSA:2015-111-01, SSRT101750, SSRT102211, SUSE-SU-2015:0011-1, SUSE-SU-2015:0011-2, SUSE-SU-2015:0096-1, SUSE-SU-2015:0480-1, SUSE-SU-2015:0488-1, USN-2437-1, VIGILANCE-VUL-15754, VU#264212.

Description of the vulnerability

The ISC BIND product can be configured as a Recursive Resolver.

In this case, when a server indicates a delegation, BIND sends a second query to this other server. However, there is no limit on the number of delegations.

An attacker, who owns a malicious DNS server and who invites a client of BIND to query this server, can therefore generate an infinite loop in the delegation processing of ISC BIND, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability note CVE-2014-3158

ppp: integer overflow of pppd/options.c

Synthesis of the vulnerability

An attacker can generate an integer overflow in pppd/options.c of ppp, in order to trigger a denial of service, and possibly to execute code with root privileges.
Impacted products: Debian, Fedora, MBS, openSUSE, Solaris, Slackware, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on service.
Provenance: user shell.
Confidence: confirmed by the editor (5/5).
Creation date: 01/12/2014.
Identifiers: bulletinapr2015, CVE-2014-3158, DSA-3079-1, FEDORA-2014-9401, FEDORA-2014-9412, MDVSA-2014:178, MDVSA-2015:135, openSUSE-SU-2014:1135-1, SSA:2015-111-11, USN-2429-1, VIGILANCE-VUL-15724.

Description of the vulnerability

The ppp suite implements the PPP protocol.

However, if an option provided by a local user is too large, an integer overflows, and the getword() function of the pppd/options.c file continues to write in memory.

An attacker can therefore generate an integer overflow in pppd/options.c of ppp, in order to trigger a denial of service, and possibly to execute code with root privileges.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability CVE-2014-8962 CVE-2014-9028

FLAC: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of FLAC.
Impacted products: Debian, Fedora, MBS, openSUSE, Solaris, RHEL, Ubuntu.
Severity: 3/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 25/11/2014.
Identifiers: bulletinjan2015, CVE-2014-8962, CVE-2014-9028, DSA-3082-1, FEDORA-2014-16148, FEDORA-2014-16175, FEDORA-2014-16251, FEDORA-2014-16258, FEDORA-2014-16270, FEDORA-2014-16272, FEDORA-2015-13145, FEDORA-2015-13160, MDVSA-2014:239, MDVSA-2015:188, oCERT 2014-008, openSUSE-SU-2014:1588-1, RHSA-2015:0767-01, USN-2426-1, VIGILANCE-VUL-15700.

Description of the vulnerability

Several vulnerabilities were announced in FLAC.

An attacker can generate a buffer overflow in find_metadata_, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-8962]

An attacker can generate a buffer overflow in read_residual_partitioned_rice_, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-9028]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability note CVE-2014-8964

PCRE: buffer overflow of Zero Minimum Repeat

Synthesis of the vulnerability

An attacker can generate a buffer overflow via a Zero Minimum Repeat in PCRE, in order to trigger a denial of service, and possibly to execute code.
Impacted products: FabricOS, Brocade Network Advisor, Brocade vTM, Fedora, MBS, MongoDB, openSUSE, openSUSE Leap, Solaris, RHEL, SUSE Linux Enterprise Desktop, SLES, Nessus, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on server, denial of service on service, denial of service on client.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 20/11/2014.
Identifiers: BSA-2016-006, bulletinjul2015, CERTFR-2018-AVI-288, CVE-2014-8964, FEDORA-2014-15573, FEDORA-2014-16215, FEDORA-2014-16224, FEDORA-2014-17624, FEDORA-2014-17626, FEDORA-2014-17642, MDVSA-2015:002, MDVSA-2015:137, openSUSE-SU-2015:0858-1, openSUSE-SU-2015:1216-1, openSUSE-SU-2016:3099-1, RHSA-2015:0330-02, SUSE-SU-2015:1273-1, TNS-2018-08, USN-2694-1, VIGILANCE-VUL-15679.

Description of the vulnerability

The PCRE suite implements Perl regular expressions.

The syntax "(?...)" defines an optional group. However, the engine incorrectly processes included optional groups (Zero Minimum Repeat), which generates an overflow.

An attacker can therefore generate a buffer overflow via a Zero Minimum Repeat in PCRE, in order to trigger a denial of service, and possibly to execute code.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability CVE-2014-8767 CVE-2014-8768 CVE-2014-8769

tcpdump: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of tcpdump.
Impacted products: Debian, Fedora, AIX, MBS, openSUSE, openSUSE Leap, Solaris, tcpdump, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: intranet client.
Confidence: confirmed by the editor (5/5).
Creation date: 18/11/2014.
Identifiers: bulletinjul2015, CVE-2014-8767, CVE-2014-8768, CVE-2014-8769, DSA-3086-1, FEDORA-2014-15541, FEDORA-2014-15549, MDVSA-2014:240, MDVSA-2015:125, openSUSE-SU-2015:0284-1, openSUSE-SU-2017:1199-1, USN-2433-1, VIGILANCE-VUL-15660.

Description of the vulnerability

Several vulnerabilities were announced in tcpdump.

An attacker can send a malicious OLSR packet, in order to trigger a denial of service. [severity:2/4; CVE-2014-8767]

An attacker can send a malicious Geonet packet, in order to trigger a denial of service. [severity:2/4; CVE-2014-8768]

An attacker can send malicious AOVD packets, in order to force tcpdump to display invalid data. [severity:1/4; CVE-2014-8769]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability bulletin CVE-2014-3710

PHP: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of PHP.
Impacted products: Debian, MBS, Solaris, PHP, Slackware, Synology DSM.
Severity: 2/4.
Consequences: user access/rights, denial of service on service.
Provenance: internet client.
Confidence: confirmed by the editor (5/5).
Creation date: 14/11/2014.
Identifiers: bulletinjul2015, CERTFR-2014-AVI-483, CVE-2014-3710, DSA-3074-1, DSA-3074-2, MDVSA-2015:080, SSA:2014-356-02, VIGILANCE-VUL-15648.

Description of the vulnerability

Several vulnerabilities were announced in PHP.

An attacker can create a malformed ELF file, to force a read at an invalid address in the donote() function of fileinfo, in order to trigger a denial of service (VIGILANCE-VUL-15626). [severity:1/4; CVE-2014-3710]

An attacker can generate a buffer overflow in php_getopt(), in order to trigger a denial of service, and possibly to execute code. [severity:2/4]

An attacker can generate a buffer overflow in zend_hash_copy, in order to trigger a denial of service, and possibly to execute code. [severity:2/4]

An attacker can generate a buffer overflow in libmagic/readcdf.c, in order to trigger a denial of service, and possibly to execute code. [severity:2/4]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability CVE-2014-8710 CVE-2014-8711 CVE-2014-8712

Wireshark: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Wireshark.
Impacted products: Debian, Fedora, MBS, openSUSE, Solaris, RHEL, Wireshark.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: intranet client.
Confidence: confirmed by the editor (5/5).
Creation date: 13/11/2014.
Identifiers: bulletinjan2015, CERTFR-2014-AVI-481, CVE-2014-8710, CVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714, DSA-3076-1, FEDORA-2014-15244, MDVSA-2014:223, openSUSE-SU-2014:1503-1, RHSA-2015:1460-01, RHSA-2015:2393-01, VIGILANCE-VUL-15635, wnpa-sec-2014-20, wnpa-sec-2014-21, wnpa-sec-2014-22, wnpa-sec-2014-23.

Description of the vulnerability

Several vulnerabilities were announced in Wireshark.

An attacker can generate a buffer overflow in SigComp UDVM, in order to trigger a denial of service, and possibly to execute code. [severity:2/4; CVE-2014-8710, wnpa-sec-2014-20]

An attacker can send a malicious AMQP packet, in order to trigger a denial of service. [severity:1/4; CVE-2014-8711, wnpa-sec-2014-21]

An attacker can send a malicious NCP packet, in order to trigger a denial of service. [severity:1/4; CVE-2014-8712, wnpa-sec-2014-22]

An attacker can send a malicious NCP packet, in order to trigger a denial of service. [severity:1/4; CVE-2014-8713, wnpa-sec-2014-22]

An attacker can generate an infinite loop in TN5250, in order to trigger a denial of service. [severity:1/4; CVE-2014-8714, wnpa-sec-2014-23]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability alert CVE-2014-3710

Fine Free file: unreachable memory reading via ELF donote

Synthesis of the vulnerability

An attacker can create a malformed ELF file, to force a read at an invalid address in the donote() function of file, in order to trigger a denial of service.
Impacted products: Debian, Fedora, FreeBSD, MBS, openSUSE, Solaris, RHEL, Synology DSM, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 1/4.
Consequences: denial of service on client.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 12/11/2014.
Identifiers: bulletinjul2015, CVE-2014-3710, DSA-3072-1, FEDORA-2014-13571, FreeBSD-SA-14:28.file, MDVSA-2014:236, MDVSA-2015:080, openSUSE-SU-2014:1516-1, RHSA-2014:1765-01, RHSA-2014:1766-01, RHSA-2014:1767-01, RHSA-2014:1768-01, RHSA-2015:2155-07, RHSA-2016:0760-01, USN-2391-1, USN-2494-1, VIGILANCE-VUL-15626.

Description of the vulnerability

The file program is use to detect the type of a file.

However, the donote() function of the src/readelf.c file tries to read a memory area which is not reachable, which triggers a fatal error.

An attacker can therefore create a malformed ELF file, to force a read at an invalid address in the donote() function of file, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about SunOS: