SB15-363: Vulnerability Summary for the Week of December 21, 2015

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Title: SB15-363: Vulnerability Summary for the Week of December 21, 2015

U.S. Department of Homeland Security US-CERT

National Cyber Awareness System:

12/29/2015 12:30 PM EST

Original release date: December 29, 2015

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
adcon -- a840_telemetry_gateway_base_station_firmware Adcon Telemetry A840 Telemetry Gateway Base Station has hardcoded credentials, which allows remote attackers to obtain administrative access via unspecified vectors. 2015-12-23 10.0 CVE-2015-7930
MISC
adobe -- air Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8460, CVE-2015-8636, and CVE-2015-8645. 2015-12-28 10.0 CVE-2015-8459
CONFIRM
adobe -- air Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, and CVE-2015-8649. 2015-12-28 9.3 CVE-2015-8650
CONFIRM
apache -- hbase Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper coordination state, which allows remote attackers to cause a denial of service (daemon outage), obtain sensitive information, or modify data via unspecified client traffic. 2015-12-21 7.5 CVE-2015-1836
CONFIRM
MLIST
dovestones -- ad_self_password_reset The PasswordReset.Controllers.ResetController.ChangePasswordIndex method in PasswordReset.dll in Dovestones AD Self Password Reset before 3.0.4.0 allows remote attackers to reset arbitrary passwords via a crafted request with a valid username. 2015-12-23 7.5 CVE-2015-8267
CERT-VN
CONFIRM
emc -- isilon_onefs EMC Isilon OneFS 7.1 before 7.1.1.8, 7.2.0 before 7.2.0.4, and 7.2.1 before 7.2.1.1 allows remote authenticated administrators to bypass a SmartLock root-login restriction by creating a root account and establishing a login session. 2015-12-21 9.0 CVE-2015-4545
BUGTRAQ
emc -- vplex_geosynchrony EMC VPLEX GeoSynchrony 5.4 SP1 before P3 and 5,5 before Patch 1 has a default password for the root account, which allows local users to gain privileges by leveraging a login session. 2015-12-28 7.2 CVE-2015-6850
BUGTRAQ
ephiphanyheathdata -- cardio_server The login page in Epiphany Cardio Server 3.3, 4.0, and 4.1 mishandles authentication requests, which allows remote attackers to conduct LDAP injection attacks, and consequently bypass intended access restrictions, via a crafted URL. 2015-12-27 7.5 CVE-2015-6538
CERT-VN
CONFIRM
epiphanyhealthdata -- cardio_server SQL injection vulnerability in the login page in Epiphany Cardio Server 3.3 allows remote attackers to execute arbitrary SQL commands via a crafted URL. 2015-12-27 7.5 CVE-2015-6537
CERT-VN
CONFIRM
ewon -- ewon_firmware eWON devices with firmware before 10.1s0 do not trigger the discarding of browser session data in response to a log-off action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. 2015-12-23 7.5 CVE-2015-7924
MISC
CONFIRM
ffmpeg -- ffmpeg The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted H.264 data. 2015-12-23 7.5 CVE-2015-8661
CONFIRM
ffmpeg -- ffmpeg The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data. 2015-12-23 7.5 CVE-2015-8662
CONFIRM
ffmpeg -- ffmpeg The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file. 2015-12-23 7.5 CVE-2015-8663
CONFIRM
google -- chrome The MIDI subsystem in Google Chrome before 47.0.2526.106 does not properly handle the sending of data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to midi_manager.cc, midi_manager_alsa.cc, and midi_manager_mac.cc, a different vulnerability than CVE-2015-8664. 2015-12-23 10.0 CVE-2015-6792
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
google -- chrome Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an RGBA pixel array with crafted dimensions, a different vulnerability than CVE-2015-6792. 2015-12-23 7.5 CVE-2015-8664
CONFIRM
CONFIRM
CONFIRM
CONFIRM
honeywell -- midas_black_firmware Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allow remote attackers to discover cleartext passwords by sniffing the network. 2015-12-21 9.3 CVE-2015-7908
MISC
isc -- kea The kea-dhcp4 and kea-dhcp6 servers 0.9.2 and 1.0.0-beta in ISC Kea, when certain debugging settings are used, allow remote attackers to cause a denial of service (daemon crash) via a malformed packet. 2015-12-22 7.1 CVE-2015-8373
CONFIRM
juniper -- screenos Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows remote attackers to obtain administrative access by entering an unspecified password during a (1) SSH or (2) TELNET session. 2015-12-19 10.0 CVE-2015-7755
MISC
CONFIRM
MISC
MISC
MISC
MISC
CONFIRM
MISC
linux -- linux_kernel The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application. 2015-12-28 7.2 CVE-2015-8660
CONFIRM
CONFIRM
MLIST
CONFIRM
loytec -- l-switch_and_l-ip_firmware LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices allow remote attackers to read a password-hash backup file via unspecified vectors. 2015-12-21 10.0 CVE-2015-7906
MISC
moxa -- oncell_central_manager The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrated by the addUserAndGroup action. 2015-12-21 7.5 CVE-2015-6480
MISC
MISC
moxa -- oncell_central_manager The login function in the RequestController class in Moxa OnCell Central Manager before 2.2 has a hardcoded root password, which allows remote attackers to obtain administrative access via a login session. 2015-12-21 7.5 CVE-2015-6481
MISC
MISC
rsa -- securid_web_agent EMC RSA SecurID Web Agent before 8.0 allows physically proximate attackers to bypass the privacy-screen protection mechanism by leveraging an unattended workstation and running DOM Inspector. 2015-12-22 7.2 CVE-2015-6851
BUGTRAQ
saia_burgess_controls -- pcd1.m0xx0_firmware Saia Burgess PCD1.M0xx0, PCD1.M2xx0, PCD2.M5xx0, PCD3.Mxx60, PCD3.Mxxx0, PCD7.D4xxD, PCD7.D4xxV, PCD7.D4xxWTPF, and PCD7.D4xxxT5F devices before 1.24.50 and PCD3.T665 and PCD3.T666 devices before 1.24.41 have hardcoded credentials, which allows remote attackers to obtain administrative access via an FTP session. 2015-12-22 10.0 CVE-2015-7911
MISC
schneider-electric -- bmxnoc0401 Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data. 2015-12-21 10.0 CVE-2015-7937
MISC
CONFIRM
vmware -- vcenter_orchestrator Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager (vADM) 7.x allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. 2015-12-20 7.5 CVE-2015-6934
CONFIRM
Back to top

Medium Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
adcon -- a840_telemetry_gateway_base_station_firmware The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station does not authenticate the station device, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information by reading cleartext packet data, related to the lack of SSL support. 2015-12-23 5.8 CVE-2015-7931
MISC
adcon -- a840_telemetry_gateway_base_station_firmware Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to obtain sensitive information by sniffing the network. 2015-12-23 5.0 CVE-2015-7932
MISC
adcon -- a840_telemetry_gateway_base_station_firmware The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to discover log-file pathnames via unspecified vectors. 2015-12-23 5.0 CVE-2015-7934
MISC
adobe -- acrobat Heap-based buffer overflow in AGM.dll in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerability than CVE-2015-6696 and CVE-2015-6698. 2015-12-21 6.8 CVE-2015-8458
CONFIRM
MISC
apache -- hive The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and 1.1.x before 1.1.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, mishandles simple unauthenticated and anonymous bind configurations, which allows remote attackers to bypass authentication via a crafted LDAP request. 2015-12-21 4.3 CVE-2015-1772
CONFIRM
MLIST
buffalotech -- airstation_extreme_n600 Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value. 2015-12-26 5.0 CVE-2015-8262
CERT-VN
cisco -- jabber Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419. 2015-12-26 4.3 CVE-2015-6409
CISCO
cisco -- ios The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236. 2015-12-19 5.0 CVE-2015-6429
CISCO
cisco -- ios_xe Cisco IOS XE 16.1.1 allows remote attackers to cause a denial of service (device reload) via a packet with the 00-00-00-00-00-00 source MAC address, aka Bug ID CSCux48405. 2015-12-22 6.1 CVE-2015-6431
CISCO
eaton -- proview Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and IdeaPLUS relays does not properly initialize padding fields in Ethernet packets, which allows remote attackers to obtain sensitive information by reading packet data. 2015-12-22 4.3 CVE-2015-6471
MISC
ewon -- ewon_firmware Cross-site request forgery (CSRF) vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to hijack the authentication of administrators for requests that trigger firmware upload, removal of configuration data, or a reboot. 2015-12-23 6.8 CVE-2015-7925
MISC
CONFIRM
ewon -- ewon_firmware eWON devices with firmware before 10.1s0 omit RBAC for I/O server information and status requests, which allows remote attackers to obtain sensitive information via an unspecified URL. 2015-12-23 5.0 CVE-2015-7926
MISC
CONFIRM
ewon -- ewon_firmware Cross-site scripting (XSS) vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2015-12-23 4.3 CVE-2015-7927
MISC
CONFIRM
ewon -- ewon_firmware eWON devices with firmware before 10.1s0 do not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. 2015-12-23 5.0 CVE-2015-7928
MISC
CONFIRM
ewon -- ewon_firmware eWON devices with firmware through 10.1s0 support unspecified GET requests, which might allow remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history. 2015-12-23 5.0 CVE-2015-7929
MISC
CONFIRM
honeywell -- midas_black_firmware Directory traversal vulnerability in the web server on Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allows remote attackers to bypass authentication, and write to a configuration file or trigger a calibration or test, via unspecified vectors. 2015-12-21 6.4 CVE-2015-7907
MISC
ibm -- websphere_portal Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-4998. 2015-12-21 4.3 CVE-2015-4993
CONFIRM
AIXAPAR
ibm -- websphere_portal Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-4993. 2015-12-21 4.3 CVE-2015-4998
CONFIRM
AIXAPAR
ibm -- websphere_portal IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote authenticated users to cause a denial of service (memory consumption) via a crafted document. 2015-12-21 6.8 CVE-2015-5001
CONFIRM
AIXAPAR
ibm -- websphere_portal Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF19 and 8.5.0 through CF08 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. 2015-12-21 4.3 CVE-2015-7413
CONFIRM
AIXAPAR
ipswitch -- whatsup_gold Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to execute arbitrary SQL commands via (1) the UniqueID (aka sUniqueID) parameter to WrFreeFormText.asp in the Reports component or (2) the Find Device parameter. 2015-12-26 6.5 CVE-2015-6004
CERT-VN
MISC
CONFIRM
juniper -- screenos The encryption implementation in Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 makes it easier for remote attackers to discover the plaintext content of VPN sessions by sniffing the network for ciphertext data and conducting an unspecified decryption attack. 2015-12-19 5.0 CVE-2015-7756
MISC
CONFIRM
MISC
MISC
MISC
CONFIRM
MISC
let's_php! -- pbbs Cross-site scripting (XSS) vulnerability in Let's PHP! p++BBS before 4.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2015-12-27 4.3 CVE-2015-7783
CONFIRM
JVNDB
JVN
linux -- linux_kernel Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. 2015-12-28 5.4 CVE-2013-7446
MLIST
MLIST
MLIST
CONFIRM
CONFIRM
MISC
CONFIRM
MLIST
MLIST
CONFIRM
CONFIRM
linux -- linux_kernel fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015. 2015-12-28 4.9 CVE-2015-7509
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
linux -- linux_kernel Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937. 2015-12-28 5.9 CVE-2015-7990
MLIST
CONFIRM
CONFIRM
CONFIRM
MLIST
CONFIRM
CONFIRM
linux -- linux_kernel The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application. 2015-12-28 6.9 CVE-2015-8543
CONFIRM
CONFIRM
MLIST
CONFIRM
motorola -- moscad_ip_gateway_firmware Motorola Solutions MOSCAD IP Gateway allows remote attackers to read arbitrary files via unspecified vectors. 2015-12-22 5.0 CVE-2015-7935
MISC
motorola -- moscad_ip_gateway_firmware Cross-site request forgery (CSRF) vulnerability in Motorola Solutions MOSCAD IP Gateway allows remote attackers to hijack the authentication of administrators for requests that modify a password. 2015-12-22 6.8 CVE-2015-7936
MISC
netgear -- wnr1000v3 NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port. 2015-12-26 5.0 CVE-2015-8263
CERT-VN
opcsystems -- opc_systems.net Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. 2015-12-22 6.9 CVE-2015-7917
MISC
phpmyadmin -- phpmyadmin libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message. 2015-12-26 5.0 CVE-2015-8669
CONFIRM
CONFIRM
rsi_video_technologies -- frontel_protocol The Frontel protocol before 3 on RSI Video Technologies Videofied devices sends a cleartext serial number, which allows remote attackers to determine a hardcoded key by sniffing the network and performing a "jumbled up" calculation with this number. 2015-12-26 4.3 CVE-2015-8252
CERT-VN
MISC
rsi_video_technologies -- frontel_protocol The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but sends all traffic in cleartext, which allows remote attackers to obtain sensitive (1) message or (2) MJPEG video data by sniffing the network. 2015-12-26 4.3 CVE-2015-8253
CERT-VN
MISC
rsi_video_technologies -- frontel_protocol The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity protection, which makes it easier for man-in-the-middle attackers to (1) initiate a false alarm or (2) deactivate an alarm by modifying the client-server data stream. 2015-12-26 4.3 CVE-2015-8254
CERT-VN
MISC
searchblox -- searchblox SearchBlox 8.3 before 8.3.1 allows remote attackers to write to the config file, and consequently cause a denial of service (application crash), via unspecified vectors. 2015-12-21 6.4 CVE-2015-7919
MISC
tails_project -- tails Tails before 1.7 includes the wget program but does not prevent automatic fallback from passive FTP to active FTP, which allows remote FTP servers to discover the Tor client IP address by reading a (1) PORT or (2) EPRT command. NOTE: within wget itself, the automatic fallback is not considered a vulnerability by CVE. 2015-12-27 5.0 CVE-2015-7665
CONFIRM
MLIST
MLIST
MLIST
CONFIRM
MLIST
CONFIRM
Back to top

Low Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
ipswitch -- whatsup_gold Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow Monitor Credentials field, (6) the Flow Monitor Threshold Name field, (7) the Task Library Name field, (8) the Task Library Description field, (9) the Policy Library Name field, (10) the Policy Library Description field, (11) the Template Library Name field, (12) the Template Library Description field, (13) the System Script Library Name field, (14) the System Script Library Description field, or (15) the CLI Settings Library Description field. 2015-12-26 3.5 CVE-2015-6005
CERT-VN
MISC
CONFIRM
linux -- linux_kernel The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application. 2015-12-28 1.9 CVE-2015-7884
CONFIRM
CONFIRM
MLIST
CONFIRM
linux -- linux_kernel The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application. 2015-12-28 2.1 CVE-2015-7885
CONFIRM
CONFIRM
MLIST
CONFIRM
linux -- linux_kernel fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action. 2015-12-28 2.1 CVE-2015-8374
CONFIRM
CONFIRM
MLIST
CONFIRM
CONFIRM
linux -- linux_kernel The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application. 2015-12-28 1.9 CVE-2015-8569
MLIST
CONFIRM
CONFIRM
MLIST
MISC
CONFIRM
Back to top

This product is provided subject to this Notification and this Privacy & Use policy.


This email was sent to linux-security@xxxxxxxxxxx using GovDelivery, on behalf of: United States Computer Emergency Readiness Team (US-CERT) · 245 Murray Lane SW Bldg 410 · Washington, DC 20598 · (888) 282-0870 Powered by GovDelivery

[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux