VARIoT IoT vulnerabilities database

A vulnerability in the Akamai Connect feature of Cisco Wide Area Application Services (WAAS) Appliances could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition on an affected device. The vulnerability is due to certain file-handling inefficiencies of the affected system. An attacker could exploit this vulnerability by directing client systems to access a corrupted file that the client systems cannot decompress correctly. A successful exploit could allow the attacker to cause the affected device to crash or hang unexpectedly and result in a DoS condition that may require manual intervention to regain normal operating conditions. Cisco Bug IDs: CSCve82472. Vendors have confirmed this vulnerability Bug ID CSCve82472 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. This software is mainly used in the link environment with small bandwidth and large delay

A vulnerability in the web framework of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the affected system. An attacker could exploit this vulnerability by convincing a user to follow a malicious link or by intercepting a user request and injecting malicious code into the request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCve96608. Vendors have confirmed this vulnerability Bug ID CSCve96608 It is released as.Information may be obtained and information may be altered. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution

A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack. The vulnerability exists because the affected software does not provide sufficient protections for HTML inline frames (iframes). An attacker could exploit this vulnerability by directing a user of the affected software to an attacker-controlled web page that contains a malicious HTML inline frame. A successful exploit could allow the attacker to conduct click-jacking or other types of client-side browser attacks. Cisco Bug IDs: CSCve60993. Vendors have confirmed this vulnerability Bug ID CSCve60993 It is released as.Information may be obtained and information may be altered. This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution

A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient bound checks performed by the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP packet to the affected system. A successful exploit could allow the attacker to cause a reload of the Web Admin Server. Cisco Bug IDs: CSCve89149. Cisco Meeting Server Contains an input validation vulnerability. Vendors have confirmed this vulnerability Bug ID CSCve89149 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. Web Admin Interface is one of the Web login interfaces

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka HREF XSS. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. The vulnerability exists in the Cisco Adaptive Security Appliance (ASA) Software when the WEBVPN feature is enabled. Cisco Bug IDs: CSCve91068. Vendors have confirmed this vulnerability Bug ID CSCve91068 It is released as.Information may be obtained and information may be altered. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks

A vulnerability in the routine that loads DLL files in Cisco Meeting App for Windows could allow an authenticated, local attacker to run an executable file with privileges equivalent to those of Cisco Meeting App. The vulnerability is due to incomplete input validation of the path name for DLL files before they are loaded. An attacker could exploit this vulnerability by installing a crafted DLL file in a specific system directory. A successful exploit could allow the attacker to execute commands on the underlying Microsoft Windows host with privileges equivalent to those of Cisco Meeting App. The attacker would need valid user credentials to exploit this vulnerability. Cisco Bug IDs: CSCvd77907. Vendors have confirmed this vulnerability Bug ID CSCvd77907 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Failed exploit attempts will result in a denial of service condition

A vulnerability in the Independent Computing Architecture (ICA) accelerator feature for the Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an ICA application optimization-related process to restart, resulting in a partial denial of service (DoS) condition. The vulnerability is due to improperly aborting a connection when an unexpected protocol packet is received. An attacker could exploit this vulnerability by sending a crafted ICA traffic through the targeted device. A successful exploit could allow the attacker to cause a DoS condition that is due to a process unexpectedly restarting. The Cisco WAAS could drop ICA traffic while the process is restarting. This vulnerability affects Cisco Wide Area Application Services (WAAS) and Cisco Virtual Wide Area Application Services (vWAAS). Cisco Bug IDs: CSCve74457. Vendors have confirmed this vulnerability Bug ID CSCve74457 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. This software is mainly used in the link environment with small bandwidth and large delay

A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters, aka a Dual-Homed Interface vulnerability. The vulnerability is due to insufficient NAM policy enforcement. An attacker could exploit this vulnerability by manipulating network interfaces of the device to allow multiple active network interfaces. A successful exploit could allow the attacker to send traffic over a non-authorized network interface. Cisco Bug IDs: CSCvf66539. Vendors have confirmed this vulnerability Bug ID CSCvf66539 It is released as.Information may be tampered with. An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions. Network Access Manager (NAM) is one of the network access managers

A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the emsd service stops. The vulnerability is due to the software's inability to process HTTP/2 packets. An attacker could exploit this vulnerability by sending a malformed HTTP/2 frame to the affected device. A successful exploit could allow the attacker to create a DoS condition when the emsd service stops. Cisco Bug IDs: CSCvb99388. Vendors have confirmed this vulnerability Bug ID CSCvb99388 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. IOSXRSoftware is one of a modular, distributed network operating system. Note: Successful exploitation of the issue is possible only if the gRPC is enabled on the device

Remote manipulations with language pack updater lead to NTLM-relay attack for system user in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55. Both Gemalto HASP SRM and Sentinel HASP are dongle drivers from Gemalto. Sentinel LDK is a license management tool. Attackers can exploit this vulnerability to implement NTLM relay attacks

A vulnerability in the web interface of Cisco License Manager software could allow an unauthenticated, remote attacker to download and view files within the application that should be restricted, aka Directory Traversal. The issue is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location. An exploit could allow the attacker to view application files that may contain sensitive information. Cisco Bug IDs: CSCvd83577. Vendors have confirmed this vulnerability Bug ID CSCvd83577 It is released as.Information may be obtained. Authentication is not required to exploit this vulnerability.The specific flaw exists within the ReportCSV servlet, which listens on TCP port 8080 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to read any files accessible to the SYSTEM user. This software is used to activate Cisco equipment and software, and obtain equipment licenses or product keys online

Stack overflow in custom XML-parser in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service. Gemalto Sentinel License Manager is prone to the following security vulnerabilities: 1. Multiple stack-based buffer-overflow vulnerabilities. 2. Multiple heap-based buffer-overflow vulnerabilities. 3. A security bypass vulnerability. 4. A denial-of-service vulnerability. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application or perform unauthorized actions. Failed exploit attempts will likely cause a denial-of-service condition. Gemalto Sentinel LDK RTE is a license management tool of American Gemalto (Gemalto). custom XML-parser is one of the XML parsers. A remote attacker could exploit this vulnerability to cause a denial of service

Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETBL or ETCETERABLUE. Ipswitch IMail Server Contains a buffer error vulnerability. This vulnerability is also known as “ ETBL Or ETCETERABLUE Is called.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Ipswitch IMail Server is an American Ipswitch company's mail server running on the Microsoft Windows operating system. A remote attacker could exploit this vulnerability to execute arbitrary code

Stack based buffer overflow in Ipswitch IMail server up to and including 12.5.5 allows remote attackers to execute arbitrary code via unspecified vectors in IMmailSrv, aka ETRE or ETCTERARED. Ipswitch IMail Server Contains a buffer error vulnerability. This vulnerability is also known as “ ETRE Or ETCTERARED Is called.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Ipswitch IMail Server is an American Ipswitch company's mail server running on the Microsoft Windows operating system. A remote attacker could exploit this vulnerability to execute arbitrary code

Services and files in Lenovo Fingerprint Manager before 8.01.42 have incorrect ACLs, which allows local users to invalidate local checks and gain privileges via standard filesystem operations. Lenovo Fingerprint Manager Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Lenovo Fingerprint Manager is a set of fingerprint identification sensor drivers developed by Lenovo in China for the Thinkpad series. There is a privilege escalation vulnerability in Lenovo Fingerprint Manager versions earlier than 8.01.42. The vulnerability is caused by incorrect access control lists (ACLs) in Services and files. A local attacker can exploit this vulnerability by running an executable file with administrator privileges to disable local detection and elevate privileges

Hikvision DS-2CD2710F-I and DS-5C-I Series are webcam products developed by China Hikvision. There is an unauthorized operation loophole in the image setting interface of Hikvision webcam, and the validity of the parameters cannot be verified during reception and processing. An attacker could use this vulnerability to perform unauthorized operations.

Hikvision DS-2CD2710F-I and DS-5C-I Series are webcam products developed by China Hikvision. Hikvision has loopholes in design logic, and failed to correctly verify the wrong parameters when receiving and processing standard parameters. An attacker could use the vulnerability to cause the device to restart.

In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are multiple memory leaks while parsing malformed OpenFlow group mod messages. NOTE: the vendor disputes the relevance of this report, stating "it can only be triggered by an OpenFlow controller, but OpenFlow controllers have much more direct and powerful ways to force Open vSwitch to allocate memory, such as by inserting flows into the flow table.". Open vSwitch (OvS) Contains a resource exhaustion vulnerability. Vendors are contesting this vulnerability. For details, see NVD of Current Description Please Confirm. https://nvd.nist.gov/vuln/detail/CVE-2017-14970Service operation interruption (DoS) There is a possibility of being put into a state. OpenvSwitch (OvS) is a multi-layer virtual switch product based on open source technology (subject to Apache 2.0 license). It supports large-scale network automation, standard management interfaces and protocols through programming extensions. A security vulnerability exists in the lib/ofp-util.c file in versions prior to OvS 2.8.1. A remote attacker could exploit the vulnerability to cause a denial of service. through programming extensions

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Dnsmasq versions 2.77 and earlier contains multiple vulnerabilities. dnsmasq Exists in a buffer error vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Multiple Siemens SCALANCE Products are prone to the following security vulnerabilities: 1. A buffer-overflow vulnerability 2. This BID is being retired as a duplicate of BID 101085 Dnsmasq VU#973527 Multiple Security Vulnerabilities. =========================================================================== Ubuntu Security Notice USN-3430-3 January 04, 2018 dnsmasq regression =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: USN-3430-2 introduced regression in Dnsmasq. Software Description: - dnsmasq: Small caching DNS proxy and DHCP/TFTP server Details: USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem. We apologize for the inconvenience. Original advisory details: Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14491) Felix Wilhelm, Fermin J. (CVE-2017-14492) Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 requests. (CVE-2017-14493) Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DHCPv6 packets. (CVE-2017-14494) Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to consume memory, resulting in a denial of service. (CVE-2017-14495) Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. (CVE-2017-14496) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: dnsmasq=C2=A02.59-4ubuntu0.4 dnsmasq-base2.59-4ubuntu0.4 dnsmasq-utils2.59-4ubuntu0.4 After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: dnsmasq security update Advisory ID: RHSA-2017:2837-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2837 Issue date: 2017-10-02 CVE Names: CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 ===================================================================== 1. Summary: An update for dnsmasq is now available for Red Hat Enterprise Linux 7.2 Extended Update Support and Red Hat Enterprise Linux 7.3 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.2) - x86_64 Red Hat Enterprise Linux ComputeNode EUS (v. 7.3) - x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2) - x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.2) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server EUS (v. 7.3) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.2) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.3) - ppc64, ppc64le, s390x, x86_64 3. Description: The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server. Security Fix(es): * A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. (CVE-2017-14491) * A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement (RA) handling code. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless. (CVE-2017-14492) * A stack buffer overflow was found in dnsmasq in the DHCPv6 code. (CVE-2017-14493) * An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it to forward the contents of process memory, potentially leaking sensitive data. (CVE-2017-14494) Red Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. Serna (Google Security Team), Gabriel Campana (Google Security Team), Kevin Hamacher (Google Security Team), and Ron Bowes (Google Security Team) for reporting these issues. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for building DNS replies 1495410 - CVE-2017-14492 dnsmasq: heap overflow in the IPv6 router advertisement code 1495411 - CVE-2017-14493 dnsmasq: stack buffer overflow in the DHCPv6 code 1495412 - CVE-2017-14494 dnsmasq: information leak in the DHCPv6 relay code 6. Package List: Red Hat Enterprise Linux ComputeNode EUS (v. 7.2): Source: dnsmasq-2.66-14.el7_2.2.src.rpm x86_64: dnsmasq-2.66-14.el7_2.2.x86_64.rpm dnsmasq-debuginfo-2.66-14.el7_2.2.x86_64.rpm Red Hat Enterprise Linux ComputeNode EUS (v. 7.3): Source: dnsmasq-2.66-21.el7_3.2.src.rpm x86_64: dnsmasq-2.66-21.el7_3.2.x86_64.rpm dnsmasq-debuginfo-2.66-21.el7_3.2.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2): x86_64: dnsmasq-debuginfo-2.66-14.el7_2.2.x86_64.rpm dnsmasq-utils-2.66-14.el7_2.2.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3): x86_64: dnsmasq-debuginfo-2.66-21.el7_3.2.x86_64.rpm dnsmasq-utils-2.66-21.el7_3.2.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.2): Source: dnsmasq-2.66-14.el7_2.2.src.rpm ppc64: dnsmasq-2.66-14.el7_2.2.ppc64.rpm dnsmasq-debuginfo-2.66-14.el7_2.2.ppc64.rpm ppc64le: dnsmasq-2.66-14.el7_2.2.ppc64le.rpm dnsmasq-debuginfo-2.66-14.el7_2.2.ppc64le.rpm s390x: dnsmasq-2.66-14.el7_2.2.s390x.rpm dnsmasq-debuginfo-2.66-14.el7_2.2.s390x.rpm x86_64: dnsmasq-2.66-14.el7_2.2.x86_64.rpm dnsmasq-debuginfo-2.66-14.el7_2.2.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.3): Source: dnsmasq-2.66-21.el7_3.2.src.rpm ppc64: dnsmasq-2.66-21.el7_3.2.ppc64.rpm dnsmasq-debuginfo-2.66-21.el7_3.2.ppc64.rpm ppc64le: dnsmasq-2.66-21.el7_3.2.ppc64le.rpm dnsmasq-debuginfo-2.66-21.el7_3.2.ppc64le.rpm s390x: dnsmasq-2.66-21.el7_3.2.s390x.rpm dnsmasq-debuginfo-2.66-21.el7_3.2.s390x.rpm x86_64: dnsmasq-2.66-21.el7_3.2.x86_64.rpm dnsmasq-debuginfo-2.66-21.el7_3.2.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 7.2): ppc64: dnsmasq-debuginfo-2.66-14.el7_2.2.ppc64.rpm dnsmasq-utils-2.66-14.el7_2.2.ppc64.rpm ppc64le: dnsmasq-debuginfo-2.66-14.el7_2.2.ppc64le.rpm dnsmasq-utils-2.66-14.el7_2.2.ppc64le.rpm s390x: dnsmasq-debuginfo-2.66-14.el7_2.2.s390x.rpm dnsmasq-utils-2.66-14.el7_2.2.s390x.rpm x86_64: dnsmasq-debuginfo-2.66-14.el7_2.2.x86_64.rpm dnsmasq-utils-2.66-14.el7_2.2.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 7.3): ppc64: dnsmasq-debuginfo-2.66-21.el7_3.2.ppc64.rpm dnsmasq-utils-2.66-21.el7_3.2.ppc64.rpm ppc64le: dnsmasq-debuginfo-2.66-21.el7_3.2.ppc64le.rpm dnsmasq-utils-2.66-21.el7_3.2.ppc64le.rpm s390x: dnsmasq-debuginfo-2.66-21.el7_3.2.s390x.rpm dnsmasq-utils-2.66-21.el7_3.2.s390x.rpm x86_64: dnsmasq-debuginfo-2.66-21.el7_3.2.x86_64.rpm dnsmasq-utils-2.66-21.el7_3.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-14491 https://access.redhat.com/security/cve/CVE-2017-14492 https://access.redhat.com/security/cve/CVE-2017-14493 https://access.redhat.com/security/cve/CVE-2017-14494 https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/security/vulnerabilities/3199382 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFZ0mgAXlSAg2UNWIIRAjO5AKCLm+Q/dlf8ARY5gQ34AkiIeWXCSwCdHYO/ 9aC3xN495X7ocyJg/PeZjNk= =cZi/ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-dns/dnsmasq < 2.78 >= 2.78 Description =========== Multiple vulnerabilities have been discovered in Dnsmasq. Workaround ========== There is no known workaround at this time. Resolution ========== All Dnsmasq users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/dnsmasq-2.78" References ========== [ 1 ] CVE-2017-14491 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14491 [ 2 ] CVE-2017-14492 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14492 [ 3 ] CVE-2017-14493 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14493 [ 4 ] CVE-2017-14494 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14494 [ 5 ] CVE-2017-14495 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14495 [ 6 ] CVE-2017-14496 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14496 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201710-27 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . 5.9 server) - i386, ia64, x86_64 3

Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have an authentication bypass vulnerability due to the improper design of some components. An attacker can get a user's smart phone and install malicious apps in the mobile phone, allowing the attacker to reset the password and fingerprint of the phone without authentication. Huawei Honor 5S Smartphone software contains authentication vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HuaweiHonor5S is a smartphone from China's Huawei company. HuaweiHonor5S has an authentication bypass vulnerability