The Patriot Files Forums  

Go Back   The Patriot Files Forums > Military News > Cyber Warfare

Post New Thread  Reply
 
Thread Tools Display Modes
  #1  
Old 03-31-2015, 05:54 AM
The Patriot's Avatar
The Patriot The Patriot is offline
Senior Member
 

Join Date: Jun 2002
Posts: 1,386,283
Default SB15-089: Vulnerability Summary for the Week of March 23, 2015

SB15-089: Vulnerability Summary for the Week of March 23, 2015

03-30-2015 06:06 AM

Original release date: March 30, 2015
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.



High Vulnerabilities

Primary
Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoarubanetworks -- arubaosThe "RAP console" feature in ArubaOS 5.x through 6.2.x, 6.3.x before 6.3.1.15, and 6.4.x before 6.4.2.4 on Aruba access points in Remote Access Point (AP) mode allows remote attackers to execute arbitrary commands via unspecified vectors.2015-03-247.2CVE-2015-1388
CONFIRMcisco -- iosThe Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191.2015-03-269.0CVE-2015-0635
CISCOcisco -- iosThe Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (disrupted domain access) via spoofed AN messages that reset a finite state machine, aka Bug ID CSCup62293.2015-03-267.8CVE-2015-0636
CISCOcisco -- iosThe Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) via spoofed AN messages, aka Bug ID CSCup62315.2015-03-267.8CVE-2015-0637
CISCOcisco -- iosCisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is configured, allows remote attackers to cause a denial of service (interface queue wedge) via crafted ICMPv4 packets, aka Bug ID CSCsi02145.2015-03-267.1CVE-2015-0638
CISCOcisco -- ios_xeThe Common Flow Table (CFT) feature in Cisco IOS XE 3.6 and 3.7 before 3.7.1S, 3.8 before 3.8.0S, 3.9 before 3.9.0S, 3.10 before 3.10.0S, 3.11 before 3.11.0S, 3.12 before 3.12.0S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S, when MMON or NBAR is enabled, allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets with IPv4 UDP encapsulation, aka Bug ID CSCua79665.2015-03-267.8CVE-2015-0639
CISCOcisco -- ios_xeThe high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741.2015-03-267.8CVE-2015-0640
CISCOcisco -- ios_xeCisco IOS XE 2.x and 3.x before 3.9.0S, 3.10 before 3.10.0S, 3.11 before 3.11.0S, 3.12 before 3.12.0S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via crafted IPv6 packets, aka Bug ID CSCub68073.2015-03-267.8CVE-2015-0641
CISCOcisco -- iosCisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (device reload) by sending malformed IKEv2 packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCum36951.2015-03-267.8CVE-2015-0642
CONFIRM
CISCOcisco -- iosCisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (memory consumption and device reload) by sending malformed IKEv2 packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuo75572.2015-03-267.8CVE-2015-0643
CONFIRM
CISCOcisco -- ios_xeAppNav in Cisco IOS XE 3.8 through 3.10 before 3.10.3S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via a crafted TCP packet, aka Bug ID CSCuo53622.2015-03-267.8CVE-2015-0644
CISCOcisco -- ios_xeThe Layer 4 Redirect (L4R) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.2S, 3.13 before 3.13.1S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuq59131.2015-03-267.8CVE-2015-0645
CISCOcisco -- iosMemory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.3.xXO, 3.5.xE, 3.6.xE, 3.8.xS through 3.10.xS before 3.10.5S, and 3.11.xS and 3.12.xS before 3.12.3S allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted TCP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCum94811.2015-03-267.8CVE-2015-0646
CISCOcisco -- iosCisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) UDP packets, aka Bug ID CSCum98371.2015-03-267.8CVE-2015-0647
CISCOcisco -- iosMemory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658.2015-03-267.8CVE-2015-0648
CISCOcisco -- iosCisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun63514.2015-03-267.8CVE-2015-0649
CISCOcisco -- iosThe Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 3.9.xS and 3.10.xS before 3.10.4S, 3.11.xS before 3.11.3S, 3.12.xS before 3.12.2S, and 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) by sending malformed mDNS UDP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCup70579.2015-03-267.8CVE-2015-0650
CISCOcitrix -- command_centerCitrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 does not properly restrict access to the Advent Java Management Extensions (JMX) Servlet, which allows remote attackers to execute arbitrary code via unspecified vectors to servlets/Jmx_dynamic.2015-03-267.5CVE-2015-2683
MISC
BUGTRAQ
CONFIRM
FULLDISC
MISCfutomi -- mp_form_mail_cgifutomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on Windows allows remote attackers to execute arbitrary Perl code via unspecified vectors.2015-03-207.5CVE-2015-0898
JVN
CONFIRM
JVNDB
CONFIRMgenixcms -- genixcmsMultiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php or (2) username parameter to gxadmin/login.php.2015-03-237.5CVE-2015-2679
CONFIRM
CONFIRM
CONFIRM
MISC
EXPLOIT-DB
MISC
OSVDB
OSVDB
CONFIRMibm -- general_parallel_file_systemIBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors.2015-03-237.2CVE-2015-0197
CONFIRMibm -- general_parallel_file_systemIBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors.2015-03-2310.0CVE-2015-0198
CONFIRMlinuxfoundation -- cups-filtersThe remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.2015-03-247.5CVE-2015-2265
UBUNTU
CONFIRM
CONFIRMmozilla -- firefoxMozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation.2015-03-237.5CVE-2015-0818
CONFIRM
UBUNTU
SECTRACK
CONFIRM
DEBIAN
REDHAT
SUSE
SUSEsixapart -- movable_typeMovable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_state parameter.2015-03-277.5CVE-2013-2184
MISC
DEBIAN
MLIST
MLISTsolarwinds -- firewall_security_manageruserlogin.jsp in SolarWinds Firewall Security Manager (FSM) before 6.6.5 HotFix1 allows remote attackers to gain privileges and execute arbitrary code via unspecified vectors, related to client session handling.2015-03-2410.0CVE-2015-2284
MISCtcpdump -- tcpdumpInteger signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value.2015-03-247.5CVE-2015-0261
CONFIRM
SECTRACK
BUGTRAQ
DEBIAN
MISCtcpdump -- tcpdumpThe force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.2015-03-247.5CVE-2015-2155
CONFIRM
SECTRACK
BUGTRAQ
DEBIAN
MISCvastal -- phpvidSQL injection vulnerability in groups.php in Vastal I-Tech phpVID 0.9.9 and 1.2.3 allows remote attackers to execute arbitrary SQL commands via the order_by parameter. NOTE: The cat parameter vector is already covered by CVE-2008-4157.2015-03-207.5CVE-2015-2563
MISC
FULLDISC
MISCweb-dorado -- ecommerce_wdMultiple SQL injection vulnerabilities in the Web-Dorado ECommerce WD (com_ecommercewd) component 1.2.5 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) search_category_id, (2) sort_order, or (3) filter_manufacturer_ids in a displayproducts action to index.php.2015-03-207.5CVE-2015-2562
FULLDISC
MISCx -- libxfontThe bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negative or (2) large property count in a BDF font file.2015-03-208.5CVE-2015-1802
MISC
UBUNTU
SECTRACK
DEBIAN
FEDORA
FEDORAx -- libxfontThe bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a crafted BDF font file.2015-03-208.5CVE-2015-1803
MISC
UBUNTU
SECTRACK
DEBIAN
FEDORA
FEDORAx -- libxfontThe bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via a crafted BDF font file.2015-03-208.5CVE-2015-1804
MISC
UBUNTU
SECTRACK
DEBIAN
FEDORA
FEDORABack to top


Medium Vulnerabilities

Primary
Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoapache -- batikXML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.2015-03-246.4CVE-2015-0250
CONFIRM
UBUNTU
FULLDISCapache -- xerces-cinternal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.2015-03-245.0CVE-2015-0252
CONFIRM
DEBIANasus -- rt-g32_firmwareCross-site request forgery (CSRF) vulnerability in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request to start_apply.htm.2015-03-236.8CVE-2015-2676
MISC
FULLDISC
MISCasus -- rt-g32_firmwareMultiple cross-site scripting (XSS) vulnerabilities in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) next_page, (2) group_id, (3) action_script, or (4) flag parameter to start_apply.htm.2015-03-234.3CVE-2015-2681
MISC
FULLDISC
MISCcisco -- iosThe Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 15.4S and 15.4(3)S allows remote attackers to modify configuration settings or cause a denial of service (partial service outage) by sending crafted Autonomic Networking (AN) messages on an intranet network, aka Bug ID CSCup62167.2015-03-206.4CVE-2015-0669
SECTRACK
CISCOcisco -- spa_301_1_line_ip_phoneThe default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or originate telephone calls via a crafted XML request, aka Bug ID CSCuo52482.2015-03-206.4CVE-2015-0670
SECTRACK
CISCOcisco -- ios_xrThe DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denial of service (service outage) via a flood of crafted DHCP packets, aka Bug ID CSCup67822.2015-03-265.0CVE-2015-0672
CISCOcisco -- mobility_services_engineCisco Mobility Services Engine (MSE) 8.0(110.0) allows remote authenticated users to discover the passwords of arbitrary users by (1) reading log files or (2) using an unspecified GUI feature, aka Bug ID CSCut24792.2015-03-264.0CVE-2015-0673
CISCOcitrix -- command_centerCitrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml.2015-03-265.0CVE-2015-2682
MISC
CONFIRM
FULLDISC
MISCcodoforum -- codoforumThe sanitize function in Codoforum 2.5.1 does not properly implement filtering for directory traversal sequences, which allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter to index.php.2015-03-235.0CVE-2014-9261
CONFIRM
EXPLOIT-DB
MISC
MISC
OSVDBcs-cart -- cs-cartCross-site request forgery (CSRF) vulnerability in CS-Cart 4.2.4 allows remote attackers to hijack the authentication of users for requests that change a user password via a request to profiles-update/.2015-03-256.8CVE-2015-2701
EXPLOIT-DB
OSVDBdigia -- qtThe BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.2015-03-255.0CVE-2015-0295
MLIST
SUSE
FEDORA
FEDORA
FEDORA
FEDORA
FEDORA
FEDORAdjangoproject -- djangoThe utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the input string.2015-03-255.0CVE-2015-2316
CONFIRM
UBUNTUdjangoproject -- djangoThe utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL.2015-03-254.3CVE-2015-2317
CONFIRM
DEBIAN
UBUNTUgenixcms -- genixcmsMultiple cross-site scripting (XSS) vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter in the categories page to gxadmin/index.php or (2) page parameter to index.php.2015-03-234.3CVE-2015-2678
MISC
MISC
CONFIRM
MISC
EXPLOIT-DB
MISC
OSVDBgluster -- glusterfsThe __socket_proto_state_machine function in GlusterFS 3.5 allows remote attackers to cause a denial of service (infinite loop) via a "00000000" fragment header.2015-03-275.0CVE-2014-3619
MISC
CONFIRM
SUSE
SUSEgnu -- gnutlsGnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors.2015-03-245.0CVE-2015-0282
CONFIRM
DEBIANibm -- rational_clearquestCross-site request forgery (CSRF) vulnerability in ClearQuest Web in IBM Rational ClearQuest 7.1.x before 7.1.2.17, 8.0.0.x before 8.0.0.14, and 8.0.1.x before 8.0.1.7 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout or insert XSS sequences.2015-03-246.8CVE-2014-8925
CONFIRMibm -- business_process_managerCross-site scripting (XSS) vulnerability in the Process Portal in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.2015-03-234.3CVE-2015-0105
CONFIRM
AIXAPAR
AIXAPARibm -- business_process_managerCross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2.x through 7.2.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.2015-03-234.3CVE-2015-0106
CONFIRM
AIXAPARibm -- powervcIBM PowerVC Standard 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 validates Hardware Management Console (HMC) certificates only during the pre-login stage, which allows man-in-the-middle attackers to spoof devices via a crafted certificate.2015-03-234.3CVE-2015-0137
CONFIRMibm -- tivoli_directory_serverGSKit in IBM Tivoli Directory Server (ITDS) 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server (ISDS) 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.2015-03-244.3CVE-2015-0138
CONFIRMibm -- business_process_managerCross-site scripting (XSS) vulnerability in the Coach NG framework in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.2015-03-234.3CVE-2015-0158
CONFIRM
SECTRACK
AIXAPAR
AIXAPAR
AIXAPARibm -- general_parallel_file_systemThe mmfslinux kernel module in IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to cause a denial of service (memory corruption) via unspecified character-device ioctl calls.2015-03-234.9CVE-2015-0199
CONFIRMinetc_project -- inetcThe Inetc plugin for Nullsoft Scriptable Install System (NSIS), as used in CERT/CC Failure Observation Engine (FOE) and other products, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and possibly execute arbitrary code by sending a crafted certificate in a download session for Windows executable files.2015-03-214.3CVE-2015-0941
CERT-VNmetalgenix -- genixcmsCross-site request forgery (CSRF) vulnerability in MetalGenix GeniXCMS before 0.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a request in the users page to gxadmin/index.php.2015-03-236.8CVE-2015-2680
CONFIRM
CONFIRM
CONFIRM
MISC
EXPLOIT-DB
MISC
OSVDB
CONFIRMmozilla -- firefoxThe asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to unintended memory locations, and consequently execute arbitrary code, via crafted JavaScript.2015-03-236.8CVE-2015-0817
CONFIRM
UBUNTU
SECTRACK
CONFIRM
DEBIAN
REDHAT
SUSE
SUSEprojectsend -- projectsendSQL injection vulnerability in client-edit.php in ProjectSend (formerly cFTP) r561 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to users-edit.php.2015-03-206.5CVE-2015-2564
BUGTRAQ
MISC
EXPLOIT-DB
FULLDISC
MISC
OSVDBredhat -- richfacesJBoss RichFaces before 4.5.4 allows remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via the do parameter.2015-03-266.8CVE-2015-0279
CONFIRM
REDHATtcpdump -- tcpdumpThe rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).2015-03-245.0CVE-2015-2153
CONFIRM
SECTRACK
BUGTRAQ
DEBIAN
MISCtcpdump -- tcpdumpThe osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value.2015-03-245.0CVE-2015-2154
CONFIRM
SECTRACK
BUGTRAQ
DEBIAN
MISCwebsense -- triton_ap_webMultiple cross-site scripting (XSS) vulnerabilities in the Investigative Reports in Websense TRITON AP-WEB before 8.0.0 and Web Security and Filter, Web Security Gateway, and Web Security Gateway Anywhere 7.8.3 before Hotfix 02 and 7.8.4 before Hotfix 01 allow remote attackers to inject arbitrary web script or HTML via the (1) ReportName (Job Name) parameter to the Explorer report scheduler (cgi-bin/WsCgiExplorerSchedule.exe) in the Job Queue or the col parameter to the (2) Names or (3) Anonymous (explorer_wse/explorer_anon.exe) summary report page.2015-03-254.3CVE-2014-9711
MISC
MISC
CONFIRM
CONFIRM
CONFIRM
BUGTRAQ
BUGTRAQ
FULLDISC
FULLDISC
MISC
MISCwebsense -- triton_ap_dataCross-site scripting (XSS) vulnerability in the Message Log in the Email Security Gateway in Websense TRITON AP-EMAIL before 8.0.0 and V-Series 7.7 appliances allows remote attackers to inject arbitrary web script or HTML via the sender address in an email.2015-03-254.3CVE-2015-2702
MISC
CONFIRM
BUGTRAQ
FULLDISC
MISCwebsense -- triton_ap_webMultiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-WEB before 8.0.0 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via the (1) ws-userip in the ws-encdata parameter to cve-bin/moreBlockInfo.cgi in the Data Security block page or (2) admin_msg parameter to configure/ssl_ui/eva-config/client-cert-import_wsoem.html in the Content Gateway, which is not properly handled in an error message.2015-03-254.3CVE-2015-2703
MISC
MISC
CONFIRM
BUGTRAQ
BUGTRAQ
FULLDISC
FULLDISC
MISC
MISCwebsense -- tritonThe network diagnostics tool (CommandLineServlet) in the Appliance Manager command line utility (CLU) in Websense TRITON 7.8.3 and V-Series appliances before 7.8.4 Hotfix 02 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the "second" parameter of a command, as demonstrated by the Destination parameter in the ping command.2015-03-266.5CVE-2015-2746
MISC
CONFIRM
BUGTRAQ
FULLDISC
MISCwebsense -- tritonMultiple cross-site scripting (XSS) vulnerabilities in the data loss prevention (DLP) incident Forensics Preview in Websense Triton 7.8.3 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via a crafted (1) email or (2) HTTP request, which triggers a DLP Policy.2015-03-264.3CVE-2015-2747
MISC
BUGTRAQ
FULLDISC
MISCwebsense -- triton_ap_dataWebsense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote attackers to obtain sensitive information via a direct request to a (1) Web Security incident report or the (2) Explorer configuration (websense.ini) file.2015-03-265.0CVE-2015-2748
MISC
CONFIRM
BUGTRAQ
FULLDISC
MISCBack to top


Low Vulnerabilities

Primary
Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infodrupal -- drupalDrupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password of other accounts by leveraging an account with the same password hash as another account and a crafted password reset URL.2015-03-253.5CVE-2015-2559
CONFIRM
DEBIANemc -- xcelerated_management_systemEMC Documentum xCelerated Management System (xMS) 1.1 before P14 stores cleartext Windows Service credentials in a batch file during Documentum Platform and xCelerated Composition Platform (xCP) provisioning, which allows local users to obtain sensitive information by reading a file.2015-03-232.1CVE-2015-0527
BUGTRAQgreenend -- puttyThe (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.2015-03-272.1CVE-2015-2157
CONFIRM
CONFIRM
MLIST
MLIST
DEBIAN
SUSE
FEDORA
FEDORAibm -- installation_managerIBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, when Installation Manager before 1.8.2 is used, retains cleartext server passwords in process memory throughout the installation procedure, which might allow local users to obtain sensitive information by leveraging access to the installation account.2015-03-241.2CVE-2014-6134
CONFIRMibm -- security_identity_manager_adapterThe (1) IBM Tivoli Identity Manager Active Directory adapter before 5.1.24 and (2) IBM Security Identity Manager Active Directory adapter before 6.0.14 for IBM Security Identity Manager on Windows, when certain log and trace levels are configured, store the cleartext administrator password in a log file, which allows local users to obtain sensitive information by reading a file.2015-03-241.9CVE-2014-8923
CONFIRMibm -- business_process_managerMultiple cross-site scripting (XSS) vulnerabilities in the Process Portal in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified data fields.2015-03-233.5CVE-2015-0103
CONFIRM
AIXAPARibm -- powervcpowervc-iso-import in IBM PowerVC 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 places an access token on the command line during IVM and PowerKVM management, which allows local users to obtain sensitive information by listing the process.2015-03-232.1CVE-2015-0136
CONFIRMocportal -- ocportalMultiple cross-site scripting (XSS) vulnerabilities in ocPortal before 9.0.17 allow remote authenticated users to inject arbitrary web script or HTML via the (1) title or (2) text field in the cms_calendar page to cms/index.php; unspecified fields in (3) the cms_polls page to cms/index.php or (4) a new topic in the topics page to forum/index.php; or (5) a new PT (private topic/private message) in the topics page to forum/index.php.2015-03-233.5CVE-2015-2677
CONFIRM
SECTRACK
BUGTRAQ
MISC
CONFIRMs9y -- serendipityCross-site scripting (XSS) vulnerability in templates/2k11/admin/entries.tpl in Serendipity before 2.0.1 allows remote authenticated editors to inject arbitrary web script or HTML via the serendipity[cat][name] parameter to serendipity_admin.php, when creating a new category.2015-03-233.5CVE-2015-2289
CONFIRM
SECTRACK
BUGTRAQ
MLIST
MISC
CONFIRMBack to top
This product is provided subject to this Notification and this Privacy & Use policy.




More...
sendpm.gif Reply With Quote
Sponsored Links
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

All times are GMT -7. The time now is 03:36 AM.


Powered by vBulletin, Jelsoft Enterprises Ltd.