VARIoT IoT vulnerabilities database

Cross-site request forgery has been identified in Moxa IKS and EDS, which may allow for the execution of unauthorized actions on the device. MoxaIKS and EDS are Moxa's line of industrial switches. An attacker could exploit the vulnerability to perform unauthorized actions on the device. Moxa IKS and EDS are prone to following security vulnerabilities: 1. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. An information disclosure vulnerability 5. A cross-site request-forgery vulnerability 6. Multiple denial-of-service vulnerabilities 7. A security-bypass vulnerability 8. An authentication bypass vulnerability An attacker may leverage these issues to view arbitrary files within the context of the web server, execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, compromise the application, access or modify data, reboot or crash of the application resulting in a denial of service condition, bypass security restrictions, or execute arbitrary code. This may lead to other vulnerabilities. The following Moxa products and versions are affected: IKS-G6824A series versions 4.5 and prior, EDS-405A series versions 3.8 and prior, EDS-408A series versions 3.8 and prior, and EDS-510A series versions 3.8 and prior. Moxa IKS-G6824A series are all products of Moxa Company in Taiwan, China. IKS-G6824A series is a series of rack-mount Ethernet switches. EDS-405A series is an EDS-405A series Ethernet switch. EDS-408A series is an EDS-408A series Ethernet switch

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password. plural Moxa There are vulnerabilities related to certificate and password management and encryption in the product.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MoxaIKS and EDS are Moxa's line of industrial switches. MoxaIKS and EDS series lack sensitive data for encryption holes. The vulnerability stems from the fact that these devices transmit sensitive data in clear text. An attacker could exploit this vulnerability to capture sensitive data such as administrative passwords. Moxa IKS and EDS are prone to following security vulnerabilities: 1. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. An information disclosure vulnerability 5. A cross-site request-forgery vulnerability 6. Multiple denial-of-service vulnerabilities 7. A security-bypass vulnerability 8. An authentication bypass vulnerability An attacker may leverage these issues to view arbitrary files within the context of the web server, execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, compromise the application, access or modify data, reboot or crash of the application resulting in a denial of service condition, bypass security restrictions, or execute arbitrary code. This may lead to other vulnerabilities. Moxa IKS-G6824A series are all products of Moxa Company in Taiwan, China. IKS-G6824A series is a series of rack-mount Ethernet switches. EDS-405A series is an EDS-405A series Ethernet switch. EDS-408A series is an EDS-408A series Ethernet switch. Encryption issues exist in several Moxa products. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text

Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force attack. Moxa IKS and EDS Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MoxaIKS and EDS are Moxa's line of industrial switches. MoxaIKS and EDS series have excessive certification attempts to limit the vulnerability. An attacker can exploit the vulnerability to discover passwords through brute force attacks. Moxa IKS and EDS are prone to following security vulnerabilities: 1. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. An information disclosure vulnerability 5. A cross-site request-forgery vulnerability 6. Multiple denial-of-service vulnerabilities 7. A security-bypass vulnerability 8. An authentication bypass vulnerability An attacker may leverage these issues to view arbitrary files within the context of the web server, execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, compromise the application, access or modify data, reboot or crash of the application resulting in a denial of service condition, bypass security restrictions, or execute arbitrary code. This may lead to other vulnerabilities. The following Moxa products and versions are affected: IKS-G6824A series versions 4.5 and prior, EDS-405A series versions 3.8 and prior, EDS-408A series versions 3.8 and prior, and EDS-510A series versions 3.8 and prior. Moxa IKS-G6824A series are all products of Moxa Company in Taiwan, China. IKS-G6824A series is a series of rack-mount Ethernet switches. EDS-405A series is an EDS-405A series Ethernet switch. EDS-408A series is an EDS-408A series Ethernet switch. A security vulnerability exists in several Moxa products due to the program not adequately limiting the number of authentication requests

Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the device. Moxa IKS and EDS Contains an information disclosure vulnerability.Information may be obtained. MoxaIKS and EDS are Moxa's line of industrial switches. There are plaintext password storage vulnerabilities in MoxaIKS and EDS series. The vulnerability stems from the program storing passwords in clear text. An attacker could exploit this vulnerability to read sensitive information. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. A cross-site request-forgery vulnerability 6. Multiple denial-of-service vulnerabilities 7. A security-bypass vulnerability 8. An authentication bypass vulnerability An attacker may leverage these issues to view arbitrary files within the context of the web server, execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, compromise the application, access or modify data, reboot or crash of the application resulting in a denial of service condition, bypass security restrictions, or execute arbitrary code. This may lead to other vulnerabilities. The following Moxa products and versions are affected: IKS-G6824A series versions 4.5 and prior, EDS-405A series versions 3.8 and prior, EDS-408A series versions 3.8 and prior, and EDS-510A series versions 3.8 and prior. Moxa IKS-G6824A series are all products of Moxa Company in Taiwan, China. IKS-G6824A series is a series of rack-mount Ethernet switches. EDS-405A series is an EDS-405A series Ethernet switch. EDS-408A series is an EDS-408A series Ethernet switch

Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution. Moxa IKS and EDS Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MoxaIKS and EDS are Moxa's line of industrial switches. A buffer overflow vulnerability exists in the MoxaIKS and EDS families. An attacker could exploit this vulnerability for remote code execution. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. An information disclosure vulnerability 5. A cross-site request-forgery vulnerability 6. Multiple denial-of-service vulnerabilities 7. A security-bypass vulnerability 8. An authentication bypass vulnerability An attacker may leverage these issues to view arbitrary files within the context of the web server, execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, compromise the application, access or modify data, reboot or crash of the application resulting in a denial of service condition, bypass security restrictions, or execute arbitrary code. This may lead to other vulnerabilities. The following Moxa products and versions are affected: IKS-G6824A series versions 4.5 and prior, EDS-405A series versions 3.8 and prior, EDS-408A series versions 3.8 and prior, and EDS-510A series versions 3.8 and prior. Moxa IKS-G6824A series are all products of Moxa Company in Taiwan, China. IKS-G6824A series is a series of rack-mount Ethernet switches. EDS-405A series is an EDS-405A series Ethernet switch. EDS-408A series is an EDS-408A series Ethernet switch

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device. Moxa IKS and EDS Contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MoxaIKS and EDS are Moxa's line of industrial switches. There are predictable cookie vulnerabilities in the MoxaIKS and EDS series. The vulnerability stems from the fact that the software generates a predictable cookie that uses the MD5 hash calculation. An attacker could exploit the vulnerability to capture an administrator password for complete control of the device. Moxa IKS and EDS are prone to following security vulnerabilities: 1. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. An information disclosure vulnerability 5. A cross-site request-forgery vulnerability 6. Multiple denial-of-service vulnerabilities 7. A security-bypass vulnerability 8. An authentication bypass vulnerability An attacker may leverage these issues to view arbitrary files within the context of the web server, execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, compromise the application, access or modify data, reboot or crash of the application resulting in a denial of service condition, bypass security restrictions, or execute arbitrary code. This may lead to other vulnerabilities. The following Moxa products and versions are affected: IKS-G6824A series versions 4.5 and prior, EDS-405A series versions 3.8 and prior, EDS-408A series versions 3.8 and prior, and EDS-510A series versions 3.8 and prior. Moxa IKS-G6824A series are all products of Moxa Company in Taiwan, China. IKS-G6824A series is a series of rack-mount Ethernet switches. EDS-405A series is an EDS-405A series Ethernet switch. EDS-408A series is an EDS-408A series Ethernet switch. The vulnerability is caused by the program generating easily predictable cookies

Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitrary configuration changes. Moxa IKS and EDS Contains an access control vulnerability.Information may be tampered with. MoxaIKS and EDS are Moxa's line of industrial switches. The vulnerability stems from the device failing to properly check permissions on the server side. An attacker could exploit this vulnerability to modify the configuration. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. An information disclosure vulnerability 5. A cross-site request-forgery vulnerability 6. Multiple denial-of-service vulnerabilities 7. A security-bypass vulnerability 8. An authentication bypass vulnerability An attacker may leverage these issues to view arbitrary files within the context of the web server, execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, compromise the application, access or modify data, reboot or crash of the application resulting in a denial of service condition, bypass security restrictions, or execute arbitrary code. This may lead to other vulnerabilities. The following Moxa products and versions are affected: IKS-G6824A series versions 4.5 and prior, EDS-405A series versions 3.8 and prior, EDS-408A series versions 3.8 and prior, and EDS-510A series versions 3.8 and prior. Moxa IKS-G6824A series are all products of Moxa Company in Taiwan, China. IKS-G6824A series is a series of rack-mount Ethernet switches. EDS-405A series is an EDS-405A series Ethernet switch. EDS-408A series is an EDS-408A series Ethernet switch

Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch to crash. Moxa IKS and EDS Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. MoxaIKS and EDS are Moxa's line of industrial switches. There are uncontrolled resource consumption vulnerabilities in the MoxaIKS and EDS series. Moxa IKS and EDS are prone to following security vulnerabilities: 1. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. An information disclosure vulnerability 5. A cross-site request-forgery vulnerability 6. Multiple denial-of-service vulnerabilities 7. A security-bypass vulnerability 8. An authentication bypass vulnerability An attacker may leverage these issues to view arbitrary files within the context of the web server, execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, compromise the application, access or modify data, reboot or crash of the application resulting in a denial of service condition, bypass security restrictions, or execute arbitrary code. This may lead to other vulnerabilities. The following Moxa products and versions are affected: IKS-G6824A series versions 4.5 and prior, EDS-405A series versions 3.8 and prior, EDS-408A series versions 3.8 and prior, and EDS-510A series versions 3.8 and prior. Moxa IKS-G6824A series are all products of Moxa Company in Taiwan, China. IKS-G6824A series is a series of rack-mount Ethernet switches. EDS-405A series is an EDS-405A series Ethernet switch. EDS-408A series is an EDS-408A series Ethernet switch

Moxa IKS and EDS fails to properly validate user input, giving unauthenticated and authenticated attackers the ability to perform XSS attacks, which may be used to send a malicious script. Moxa IKS and EDS Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. MoxaIKS and EDS are Moxa's line of industrial switches. A cross-site scripting vulnerability exists in the MoxaIKS and EDS series. The vulnerability stems from a failure to properly validate user input. An attacker could exploit this vulnerability for a cross-site scripting attack. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. An information disclosure vulnerability 5. Multiple denial-of-service vulnerabilities 7. A security-bypass vulnerability 8. An authentication bypass vulnerability An attacker may leverage these issues to view arbitrary files within the context of the web server, execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, compromise the application, access or modify data, reboot or crash of the application resulting in a denial of service condition, bypass security restrictions, or execute arbitrary code. This may lead to other vulnerabilities. The following Moxa products and versions are affected: IKS-G6824A series versions 4.5 and prior, EDS-405A series versions 3.8 and prior, EDS-408A series versions 3.8 and prior, and EDS-510A series versions 3.8 and prior. Moxa IKS-G6824A series are all products of Moxa Company in Taiwan, China. IKS-G6824A series is a series of rack-mount Ethernet switches. EDS-405A series is an EDS-405A series Ethernet switch. EDS-408A series is an EDS-408A series Ethernet switch

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q). OpenSSL Contains an information disclosure vulnerability.Information may be obtained. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. The product supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, secure hash algorithms, etc. A vulnerability in OpenSSL could allow an unauthenticated, remote malicious user to access sensitive information on a targeted system. An attacker who is able to perform man-in-the-middle attacks could exploit the vulnerability by persuading a user to access a link that submits malicious input to the affected software. A successful exploit could allow the malicious user to intercept and modify the browser requests and then observe the server behavior in order to conduct a padding oracle attack and decrypt sensitive information. OpenSSL has confirmed the vulnerability and released software updates. For the stable distribution (stretch), this problem has been fixed in version 1.0.2r-1~deb9u1. For the detailed security status of openssl1.0 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssl1.0 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlx4WgkACgkQEMKTtsN8 TjZZCQ//UdQ3Bi/ZSQJ2yzW7MkbuaHla53iUhztTy2Zrype++NX4tXqqBl+xY9Eu 1D747Y1c2GZ949UaPbIvp8wLCvvxR5A4Tmx4sU3ZOOHXrlsZ5loYg66MslGUOMOU z7zaqXTg3as8wfD6ND5Zd4tP0iLyst8Vyi0W7PuFovLoPAc3/XcMaXghSwabs+JY 3KZuB4UlbOiEnO+6Mf5ghWQYBtN7y/QAVNWREfLmhpx2UY8F7Ia28bR9pXknxkl5 RuN9WH2BtXI4/JiL0TlkAua51NE+vXciPv+Dh4gkQNPWF/rfL9IL5AxjrgojysHf OhZaDcYpOPCXZmiA49JOXJOrIw73Zd9NZmgA1ZXQY1ECQDJ8dB9mSJj1KsUId+Id eTbRRbWwpzSQd5qc4h4NKjeIwA04a3JecDibD3pwf3+qn9sw8xQ/rfAl2byGRbEN FUDT65AIw4CFQDJeIE/vBZqCFhY2aIbRoibpZnp0XsROkw8xKQiH0Kgo7gjsoozT wHYK/rlvaZwbnLG7E8pUUj9Xr8OM9Wn/y7kzyHVekGUcDef3F1pPJ9CYsdppx+Zv MkoFNxc9GZ+Kn2i4l14I3hvwQ4Sy3owNjnTYFQ28yd+MRZoMw+nyXW1i7OCu+KFH 7OQkd5qNDh8iotsaUKT0DQOOL74UDgEPv2x02ahujRl+I3YDDdM=NRWo -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-4376-2 July 09, 2020 openssl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM Summary: Several security issues were fixed in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Cesar Pereida Garc\xeda, Sohaib ul Hassan, Nicola Tuveri, Iaroslav Gridin, Alejandro Cabrera Aldaya, and Billy Brumley discovered that OpenSSL incorrectly handled ECDSA signatures. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. (CVE-2019-1547) Juraj Somorovsky, Robert Merget, and Nimrod Aviram discovered that certain applications incorrectly used OpenSSL and could be exposed to a padding oracle attack. A remote attacker could possibly use this issue to decrypt data. (CVE-2019-1559) Bernd Edlinger discovered that OpenSSL incorrectly handled certain decryption functions. (CVE-2019-1563) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: libssl1.0.0 1.0.1f-1ubuntu2.27+esm1 Ubuntu 12.04 ESM: libssl1.0.0 1.0.1-4ubuntu5.44 After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: openssl security update Advisory ID: RHSA-2019:2471-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:2471 Issue date: 2019-08-13 CVE Names: CVE-2019-1559 ==================================================================== 1. Summary: An update for openssl is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: 0-byte record padding oracle (CVE-2019-1559) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. 5. Bugs fixed (https://bugzilla.redhat.com/): 1683804 - CVE-2019-1559 openssl: 0-byte record padding oracle 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: openssl-1.0.1e-58.el6_10.src.rpm i386: openssl-1.0.1e-58.el6_10.i686.rpm openssl-debuginfo-1.0.1e-58.el6_10.i686.rpm x86_64: openssl-1.0.1e-58.el6_10.i686.rpm openssl-1.0.1e-58.el6_10.x86_64.rpm openssl-debuginfo-1.0.1e-58.el6_10.i686.rpm openssl-debuginfo-1.0.1e-58.el6_10.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: openssl-debuginfo-1.0.1e-58.el6_10.i686.rpm openssl-devel-1.0.1e-58.el6_10.i686.rpm openssl-perl-1.0.1e-58.el6_10.i686.rpm openssl-static-1.0.1e-58.el6_10.i686.rpm x86_64: openssl-debuginfo-1.0.1e-58.el6_10.i686.rpm openssl-debuginfo-1.0.1e-58.el6_10.x86_64.rpm openssl-devel-1.0.1e-58.el6_10.i686.rpm openssl-devel-1.0.1e-58.el6_10.x86_64.rpm openssl-perl-1.0.1e-58.el6_10.x86_64.rpm openssl-static-1.0.1e-58.el6_10.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: openssl-1.0.1e-58.el6_10.src.rpm x86_64: openssl-1.0.1e-58.el6_10.i686.rpm openssl-1.0.1e-58.el6_10.x86_64.rpm openssl-debuginfo-1.0.1e-58.el6_10.i686.rpm openssl-debuginfo-1.0.1e-58.el6_10.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: openssl-debuginfo-1.0.1e-58.el6_10.i686.rpm openssl-debuginfo-1.0.1e-58.el6_10.x86_64.rpm openssl-devel-1.0.1e-58.el6_10.i686.rpm openssl-devel-1.0.1e-58.el6_10.x86_64.rpm openssl-perl-1.0.1e-58.el6_10.x86_64.rpm openssl-static-1.0.1e-58.el6_10.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: openssl-1.0.1e-58.el6_10.src.rpm i386: openssl-1.0.1e-58.el6_10.i686.rpm openssl-debuginfo-1.0.1e-58.el6_10.i686.rpm openssl-devel-1.0.1e-58.el6_10.i686.rpm ppc64: openssl-1.0.1e-58.el6_10.ppc.rpm openssl-1.0.1e-58.el6_10.ppc64.rpm openssl-debuginfo-1.0.1e-58.el6_10.ppc.rpm openssl-debuginfo-1.0.1e-58.el6_10.ppc64.rpm openssl-devel-1.0.1e-58.el6_10.ppc.rpm openssl-devel-1.0.1e-58.el6_10.ppc64.rpm s390x: openssl-1.0.1e-58.el6_10.s390.rpm openssl-1.0.1e-58.el6_10.s390x.rpm openssl-debuginfo-1.0.1e-58.el6_10.s390.rpm openssl-debuginfo-1.0.1e-58.el6_10.s390x.rpm openssl-devel-1.0.1e-58.el6_10.s390.rpm openssl-devel-1.0.1e-58.el6_10.s390x.rpm x86_64: openssl-1.0.1e-58.el6_10.i686.rpm openssl-1.0.1e-58.el6_10.x86_64.rpm openssl-debuginfo-1.0.1e-58.el6_10.i686.rpm openssl-debuginfo-1.0.1e-58.el6_10.x86_64.rpm openssl-devel-1.0.1e-58.el6_10.i686.rpm openssl-devel-1.0.1e-58.el6_10.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: openssl-debuginfo-1.0.1e-58.el6_10.i686.rpm openssl-perl-1.0.1e-58.el6_10.i686.rpm openssl-static-1.0.1e-58.el6_10.i686.rpm ppc64: openssl-debuginfo-1.0.1e-58.el6_10.ppc64.rpm openssl-perl-1.0.1e-58.el6_10.ppc64.rpm openssl-static-1.0.1e-58.el6_10.ppc64.rpm s390x: openssl-debuginfo-1.0.1e-58.el6_10.s390x.rpm openssl-perl-1.0.1e-58.el6_10.s390x.rpm openssl-static-1.0.1e-58.el6_10.s390x.rpm x86_64: openssl-debuginfo-1.0.1e-58.el6_10.x86_64.rpm openssl-perl-1.0.1e-58.el6_10.x86_64.rpm openssl-static-1.0.1e-58.el6_10.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: openssl-1.0.1e-58.el6_10.src.rpm i386: openssl-1.0.1e-58.el6_10.i686.rpm openssl-debuginfo-1.0.1e-58.el6_10.i686.rpm openssl-devel-1.0.1e-58.el6_10.i686.rpm x86_64: openssl-1.0.1e-58.el6_10.i686.rpm openssl-1.0.1e-58.el6_10.x86_64.rpm openssl-debuginfo-1.0.1e-58.el6_10.i686.rpm openssl-debuginfo-1.0.1e-58.el6_10.x86_64.rpm openssl-devel-1.0.1e-58.el6_10.i686.rpm openssl-devel-1.0.1e-58.el6_10.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: openssl-debuginfo-1.0.1e-58.el6_10.i686.rpm openssl-perl-1.0.1e-58.el6_10.i686.rpm openssl-static-1.0.1e-58.el6_10.i686.rpm x86_64: openssl-debuginfo-1.0.1e-58.el6_10.x86_64.rpm openssl-perl-1.0.1e-58.el6_10.x86_64.rpm openssl-static-1.0.1e-58.el6_10.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-1559 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXVLQoNzjgjWX9erEAQhrPw/9GCD2YzodBEbKTACKVI0Q4MmLL/RWDmkJ tbqTRrZO9b84CIh8nZKB5bra3/ujBPVkYglD8OM1n7aqETipvIPzo4UsNJRmUbSa UKWpFzyJEr+d76xI6HIlkPRV9V6ISb11hR3wpr63zoVBX16ac3dD5uv/Z758zNjO aMw4/MiLyNcHVcL23RaLzgkw36+0t8N4aRBtKFIrBP3NmSRfZdlVOTHq5YjIR096 SkMDgDX+inbPXdnONEDBkvf2c/icNzhmKlBysoA8EdC9h2Dpr44kBUTDPtl8zUDG jH9D8QVdQfs0Ze97Tfm/+w4p8EbXWwv7f6lz1TEqZFobaut2w9PCpXMFnmZTArMf pAQzUw3ADLCR8cKIsXAvckKvCeiuAOdoA+W19iyyxvJTNm5TCRxBzpZRR694cwxN BjPAsm8TbRkkmzmlZfHl+BFHZwDFOU6P0VJEtS3fR2Q0QpaJloPIgYkaJ+VeXeGd KH2USEMDZPXV8XCeSYQSca+1tPb/4LCcen9J7ZTij8jOHVwyaRqVIjU7UbtErCQM ZG9VVC65IEmHoLQOAF+mQBnZJzuP1+Ne8fbRT2naFb05k+j/xhbLGdarEUVqQQhu 8JWKauxZ54qWPBz6h2YJbv4DsOHWEIWiI73fxztxqNuyFFAyn31AUDGMMyJ6X4lT NaUmqnSxAX4=3jdt -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description: Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.2 serves as a replacement for Red Hat JBoss Web Server 5.1, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The following packages have been upgraded to a later upstream version: imgbased (1.1.9), ovirt-node-ng (4.3.5), redhat-release-virtualization-host (4.3.5), redhat-virtualization-host (4.3.5). Bugs fixed (https://bugzilla.redhat.com/): 1640820 - CVE-2018-16838 sssd: improper implementation of GPOs due to too restrictive permissions 1658366 - CVE-2018-16881 rsyslog: imptcp: integer overflow when Octet-Counted TCP Framing is enabled 1683804 - CVE-2019-1559 openssl: 0-byte record padding oracle 1687920 - RHVH fails to reinstall if required size is exceeding the available disk space due to anaconda bug 1694065 - CVE-2019-0161 edk2: stack overflow in XHCI causing denial of service 1702223 - Rebase RHV-H on RHEL 7.7 1709829 - CVE-2019-10139 cockpit-ovirt: admin and appliance passwords saved in plain text variable file during HE deployment 1718388 - CVE-2019-10160 python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc 1720156 - RHVH 4.3.4 version info is incorrect in plymouth and "/etc/os-release" 1720160 - RHVH 4.3.4: Incorrect info in /etc/system-release-cpe 1720310 - RHV-H post-installation scripts failing, due to existing tags 1720434 - RHVH 7.7 brand is wrong in Anaconda GUI. 1720435 - Failed to install RHVH 7.7 1720436 - RHVH 7.7 should based on RHEL 7.7 server but not workstation. 1724044 - Failed dependencies occur during install systemtap package. 1726534 - dhclient fails to load libdns-export.so.1102 after upgrade if the user installed library is not persisted on the new layer 1727007 - Update RHVH 7.7 branding with new Red Hat logo 1727859 - Failed to boot after upgrading a host with a custom kernel 1728998 - "nodectl info" displays error after RHVH installation 1729023 - The error message is inappropriate when run `imgbase layout --init` on current layout 6. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.2r-i586-1_slack14.2.txz: Upgraded. Go into the error state if a fatal alert is sent or received. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1559 (* Security fix *) patches/packages/openssl-solibs-1.0.2r-i586-1_slack14.2.txz: Upgraded. +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-1.0.2r-i586-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openssl-solibs-1.0.2r-i586-1_slack14.2.txz Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-1.0.2r-x86_64-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openssl-solibs-1.0.2r-x86_64-1_slack14.2.txz MD5 signatures: +-------------+ Slackware 14.2 packages: b23a71963648d515630497f203eefab8 openssl-1.0.2r-i586-1_slack14.2.txz 8b04a9be9b78052791f02428be44a639 openssl-solibs-1.0.2r-i586-1_slack14.2.txz Slackware x86_64 14.2 packages: c183c2ad507a65020f13c0dc154c0b11 openssl-1.0.2r-x86_64-1_slack14.2.txz d656915855edd6365636ac558b8180cb openssl-solibs-1.0.2r-x86_64-1_slack14.2.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg openssl-1.0.2r-i586-1_slack14.2.txz openssl-solibs-1.0.2r-i586-1_slack14.2.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address

Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy Manager (APM) 11.5.x and 11.6.x Admin Web UI. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. F5 BIG-IP APM versions 4.6.0 and 11.5.1 through 11.6.3 are vulnerable

The Fixon K2 wireless router is a wireless router for home use. The Fidelity K2 wireless router has a command execution vulnerability. The vulnerability stems from the failure to filter the two parameters timeRebootEnablestatus and timeRebootrange. Attackers can use this vulnerability to execute arbitrary commands.

A DoS Vulnerability was found in JP1/Base.An attacker may conduct denial-of-service attacks.

A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier could allow a remote attacker to corrupt the memory by allocating / deallocating memory, loading lmgrd or the vendor daemon and causing the heartbeat between lmgrd and the vendor daemon to stop. This would force the vendor daemon to shut down. No exploit of this vulnerability has been demonstrated. FlexNet Publisher Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Floating License Manager is prone to multiple security vulnerabilities Attackers can exploit these issues to shut down the affected device, denying service to legitimate users. Floating License Manager version 2.3.0.0 and prior are vulnerable

Improper validation of array index can lead to unauthorized access while processing debugFS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. plural Snapdragon The product contains a vulnerability related to array index validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. QualcommMDM9206 and other products are products of Qualcomm. The MDM9206 is a central processing unit (CPU) product. The SDX24 is a modem. The SD425 is a central processing unit (CPU) product. An unauthorized access vulnerability exists in Display in several Qualcomm products due to a program failing to properly validate an array index that an attacker could use to gain unauthorized access

An issue was discovered on D-Link DIR-878 1.12B01 devices. Because strncpy is misused, there is a stack-based buffer overflow vulnerability that does not require authentication via the HNAP_AUTH HTTP header. D-Link DIR-878 The device contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-878 is a wireless router from D-Link Corporation of Taiwan, China. A buffer overflow vulnerability exists in D-LinkDIR-8781.12B01. A remote attacker can exploit the vulnerability with the \342\200\230HNAP_AUTH\342\200\231 HTTP header to execute code

An issue was discovered on D-Link DIR-878 1.12B01 devices. At the /HNAP1 URI, an attacker can log in with a blank password. D-Link DIR-878 The device contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-878 is a wireless router from D-Link Corporation of Taiwan, China. A security vulnerability exists in /HNAP1URI in D-LinkDIR-8781.12B01

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is an information disclosure vulnerability via requests for the router_info.xml document. This will reveal the PIN code, MAC address, routing table, firmware version, update time, QOS information, LAN information, and WLAN information of the device. D-Link DIR-825 Devices have vulnerabilities related to authorization, permissions, and access control.Information may be obtained. D-LinkDIR-825 is a router from D-Link Corporation of Taiwan, China

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the ntp_server parameter in an ntp_sync.cgi POST request. D-Link DIR-825 The device contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-825 is a router from D-Link Corporation of Taiwan, China. A security vulnerability exists in D-LinkDIR-8252.10

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. The "user" account has a blank password. D-Link DIR-825 The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-825 is a router from D-Link Corporation of Taiwan, China. A security vulnerability exists in D-LinkDIR-825B2.10, which was caused by a null password used by the \342\200\230user\342\200\231 account. An attacker could use this vulnerability to log in to the router