VARIoT IoT vulnerabilities database
| VAR-201403-0209 | CVE-2014-0705 | Cisco Wireless LAN Controller Service disruption in device multicast listener discovery service (DoS) Vulnerabilities |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 before 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote attackers to cause a denial of service (device restart) via a malformed IPv6 MLDv2 packet, aka Bug ID CSCuh74233. Vendors have confirmed this vulnerability Bug ID CSCuh74233 It is released as.Malformed by a third party IPv6 MLDv2 Service disruption via packets ( Reboot device ) There is a possibility of being put into a state. The Cisco Wireless LAN Controller is responsible for system-wide wireless LAN functions such as security policy, intrusion protection, RF management, quality of service, and mobility.
Attackers can exploit this issue to cause the affected device to restart, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCuh74233
| VAR-201403-0210 | CVE-2014-0706 | Cisco Wireless LAN Controller Service disruption on devices (DoS) Vulnerabilities |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Cisco Wireless LAN Controller (WLC) devices 7.2 before 7.2.115.2, 7.3, and 7.4 before 7.4.110.0 allow remote attackers to cause a denial of service (device restart) via a crafted 802.11 Ethernet frame, aka Bug ID CSCue87929.
Attackers can exploit this issue to cause the affected device to restart, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCue87929. Cisco WLC devices have security vulnerabilities
| VAR-201403-0211 | CVE-2014-0707 | Cisco Wireless LAN Controller Denial of service on device (DoS) Vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, and 7.4 before 7.4.110.0 allow remote attackers to cause a denial of service (device restart) via a crafted 802.11 Ethernet frame, aka Bug ID CSCuf80681.
Attackers can exploit this issue to cause the affected device to restart, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCuf80681
| VAR-201403-0550 | No CVE | SAP EBP Catalog Interface (SRM-EBP-CAT) Information Disclosure Vulnerability |
CVSS V2: 2.1 CVSS V3: - Severity: LOW |
The Catalog Interface is a log that ensures trouble-free communication between the SAP system and external directories. The SAP EBP Catalog Interface (SRM-EBP-CAT) has an information disclosure vulnerability that allows an attacker to exploit a vulnerability to access potentially sensitive information
| VAR-201403-0720 | No CVE | Samsung Proprietary Android Backdoor Unauthorized Access Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
Samsung Android is prone to an unauthorized-access vulnerability.
Attackers can exploit this issue to execute arbitrary RFS commands on the affected device. This may aid in further attacks.
| VAR-201403-0306 | CVE-2014-2321 | ZTE F460/F660 backdoor unauthorized access vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: High |
web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials. ZTE F460/F660 cable modems contain an unauthenticated backdoor. ZTE Provided by F460/F660 Has a problem with accessing the product without authorization. ZTE Provided by F460/F660 Without authentication web_shell_cmd.gch There is an issue with access to the script.A remote attacker may execute arbitrary commands with administrator privileges for the device. ZTE of ZTE F460 and ZTE F660 contains vulnerabilities related to authorization, privileges, and access control.None. ZTE F460/F660 are cable modem products. The web_shell_cmd.gch script accepts unauthenticated commands and can be accessed from the WAN interface. ZTE F460/F660 are prone to an unauthorized-access vulnerability. This may aid in further attacks. A security vulnerability exists in the web_shell_cmd.gch script file of ZTE F460 and F660 fiber optic modems. A remote attacker can exploit this vulnerability to gain administrative privileges by sending a sendcmd request
| VAR-201404-0682 | CVE-2014-0088 | nginx of ngx_http_spdy_module Module SPDY Vulnerabilities in arbitrary code execution |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
The SPDY implementation in the ngx_http_spdy_module module in nginx 1.5.10 before 1.5.11, when running on a 32-bit platform, allows remote attackers to execute arbitrary code via a crafted request.
An attacker can exploit this issue to execute arbitrary code in the context of the affected application.
nginx SPDY Implementation 1.5.10 is vulnerable. nginx is a lightweight web server/reverse proxy server and email (IMAP/POP3) proxy server developed by Russian programmer Igor Sysoev
| VAR-201403-0386 | CVE-2014-1911 | Foscam IP camera authentication bypass vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
The Foscam FI8910W camera with firmware before 11.37.2.55 allows remote attackers to obtain sensitive video and image data via a blank username and password. The FI8910W Foscam IP camera running firmware version 11.37.2.54 fails to properly authenticate users. Foscam Provided by FI8910W There is an authentication bypass vulnerability (CWE-592) Exists. CWE-592: Authentication Bypass Issues http://cwe.mitre.org/data/definitions/592.htmlA remote attacker may be able to access video streaming or image files. FOSCAM IP-Cameras is a webcam device. FOSCAM FI8910W IP camera is prone to an authentication-bypass vulnerability.
Attackers may exploit this issue to execute arbitrary commands, gain unauthorized access, or bypass intended security restrictions. Other attacks may also be possible.
http://drupal.org/node/207891
| VAR-201403-0460 | CVE-2014-2234 | Apple OS X of OpenSSL Specific for Apple Vulnerabilities in patches that prevent additional validation within custom applications |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier uses a Trust Evaluation Agent (TEA) feature without terminating certain TLS/SSL handshakes as specified in the SSL_CTX_set_verify callback function's documentation, which allows remote attackers to bypass extra verification within a custom application via a crafted certificate chain that is acceptable to TEA but not acceptable to that application. Apple Mac OS X is prone to a security-bypass vulnerability.
Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks and bypass certain security restrictions. A remote attacker could exploit this vulnerability with a specially crafted certificate chain to bypass authentication
| VAR-201402-0350 | CVE-2014-0774 | Schneider Electric OPC Factory Server of C++ Sample client stack-based buffer overflow vulnerability |
CVSS V2: 6.9 CVSS V3: - Severity: MEDIUM |
Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS33 - 3.35 allows local users to gain privileges via vectors involving a malformed configuration file. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Schneider Electric OFS Client. User interaction is required to exploit this vulnerability in that the target must load a malicious file.The specific flaw exists within the parsing of the configuration file. A crafted configuration file will result in an exploitable stack buffer overflow. An attacker can use this to execute arbitrary code in the context of the OFS Client. Schneider Electric provides total solutions for the energy and infrastructure, industrial, data center and network, building and residential markets in more than 100 countries. The SESU tool used by several of these products is used to update software on Windows PC systems. Failed exploit attempts will result in a denial-of-service condition. Schneider Electric OPC Factory Server (OFS) is a set of data communication editing software of French Schneider Electric (Schneider Electric). The software supports important information access, open page design, transparent architecture and interoperability, etc., enabling users to obtain good process and communication effects. The following versions are affected: Schneider Electric OFS TLXCDSUOFS33 - version 3.35, TLXCDSTOFS33 - version 3.35, TLXCDLUOFS33 - version 3.35, TLXCDLTOFS33 - version 3.35, TLXCDLFOFS33 - version 3.35
| VAR-201403-0508 | CVE-2014-0101 | Linux kernel Code problem vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk. The Linux kernel is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to crash the affected computer, denying service to legitimate users. The NFSv4 implementation is one of the distributed file system protocols. The vulnerability stems from the fact that the program does not verify the auth_enable and auth_capable fields before calling sctp_sf_authenticate.
(CVE-2014-2851)
Sasha Levin reported a bug in the Linux kernel's virtual memory management
subsystem. 6.2) - x86_64
3. (CVE-2014-0101, Important)
* A race condition flaw, leading to heap-based buffer overflows, was found
in the way the Linux kernel's N_TTY line discipline (LDISC) implementation
handled concurrent processing of echo output and TTY write operations
originating from user space when the underlying TTY driver was PTY.
This update also fixes the following bug:
* Prior to this update, a guest-provided value was used as the head length
of the socket buffer allocated on the host. If the host was under heavy
memory load and the guest-provided value was too large, the allocation
could have failed, resulting in stalls and packet drops in the guest's Tx
path. With this update, the guest-provided value has been limited to a
reasonable size so that socket buffer allocations on the host succeed
regardless of the memory load on the host, and guests can send packets
without experiencing packet drops or stalls.
This update also fixes the following bug:
* Due to an incorrect call of the weak-modules script in the kernel spec
file, the weak-modules directory was removed from the system when removing
or upgrading certain kernel packages related to weak-modules, such as
kernel-debug. With this update, the weak-modules call in the kernel spec
file has been corrected, and the script now preserves the weak-modules
directory on the system in this scenario. ============================================================================
Ubuntu Security Notice USN-2225-1
May 27, 2014
linux-lts-saucy vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in the kernel.
Software Description:
- linux-lts-saucy: Linux hardware enablement kernel from Saucy
Details:
Matthew Daley reported an information leak in the floppy disk driver of the
Linux kernel. (CVE-2014-0055)
A flaw was discovered in the handling of network packets when mergeable
buffers are disabled for virtual machines in the Linux kernel. (CVE-2014-0077)
Nikolay Aleksandrov discovered a race condition in Linux kernel's IPv4
fragment handling code.
(CVE-2014-0100)
A flaw was discovered in the Linux kernel's handling of the SCTP handshake. (CVE-2014-0101)
A flaw was discovered in the handling of routing information in Linux
kernel's IPv6 stack. (CVE-2014-2309)
An error was discovered in the Linux kernel's DCCP protocol support. (CVE-2014-2523)
Max Sydorenko discovered a race condition in the Atheros 9k wireless driver
in the Linux kernel. (CVE-2014-2672)
Adhemerval Zanella Neto discovered a flaw the in the Transactional Memory
(TM) implementation for powerpc based machine.
(CVE-2014-2673)
An error was discovered in the Reliable Datagram Sockets (RDS) protocol
stack in the Linux kernel.
(CVE-2014-2678)
Yaara Rozenblum discovered a race condition in the Linux kernel's Generic
IEEE 802.11 Networking Stack (mac80211). (CVE-2014-2706)
A flaw was discovered in the Linux kernel's ping sockets.
(CVE-2014-2851)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
linux-image-3.11.0-22-generic 3.11.0-22.38~precise1
linux-image-3.11.0-22-generic-lpae 3.11.0-22.38~precise1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2014:124
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : kernel
Date : June 13, 2014
Affected: Business Server 1.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been found and corrected in the Linux
kernel:
kernel/auditsc.c in the Linux kernel through 3.14.5, when
CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows
local users to obtain potentially sensitive single-bit values from
kernel memory or cause a denial of service (OOPS) via a large value
of a syscall number (CVE-2014-3917).
The futex_requeue function in kernel/futex.c in the Linux kernel
through 3.14.5 does not ensure that calls have two different futex
addresses, which allows local users to gain privileges via a crafted
FUTEX_REQUEUE command that facilitates unsafe waiter modification
(CVE-2014-3153). NOTE: the affected code was moved to
the __skb_get_nlattr and __skb_get_nlattr_nest functions before the
vulnerability was announced (CVE-2014-3144). NOTE: the affected code was moved to the
__skb_get_nlattr_nest function before the vulnerability was announced
(CVE-2014-3145).
The raw_cmd_copyin function in drivers/block/floppy.c in the Linux
kernel through 3.14.3 does not properly handle error conditions during
processing of an FDRAWCMD ioctl call, which allows local users to
trigger kfree operations and gain privileges by leveraging write
access to a /dev/fd device (CVE-2014-1737).
Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the
Linux kernel before 3.2.24 allows local users to cause a denial
of service (crash) and possibly execute arbitrary code via vectors
related to Message Signaled Interrupts (MSI), irq routing entries,
and an incorrect check by the setup_routing_entry function before
invoking the kvm_set_irq function (CVE-2012-2137).
The updated packages provides a solution for these security issues. The verification
of md5 checksums and GPG signatures is performed automatically for you. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFTmvH3mqjQ0CJFipgRAjgaAKDtCfvK/cukQMyPkhdgllxaobQHFQCdHoJo
g42VcK2YoEgcX9BPP3/zfWg=
=4uZg
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2014:0328-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0328.html
Issue date: 2014-03-25
CVE Names: CVE-2013-1860 CVE-2014-0055 CVE-2014-0069
CVE-2014-0101
=====================================================================
1. Summary:
Updated kernel packages that fix multiple security issues and several bugs
are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having
Important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3.
* A flaw was found in the way the get_rx_bufs() function in the vhost_net
implementation in the Linux kernel handled error conditions reported by the
vhost_get_vq_desc() function. A privileged guest user could use this flaw
to crash the host. (CVE-2014-0055, Important)
* A flaw was found in the way the Linux kernel processed an authenticated
COOKIE_ECHO chunk during the initialization of an SCTP connection. (CVE-2014-0101, Important)
* A flaw was found in the way the Linux kernel's CIFS implementation
handled uncached write operations with specially crafted iovec structures.
An unprivileged local user with access to a CIFS share could use this flaw
to crash the system, leak kernel memory, or, potentially, escalate their
privileges on the system. Note: the default cache settings for CIFS mounts
on Red Hat Enterprise Linux 6 prohibit a successful exploitation of this
issue. (CVE-2014-0069, Moderate)
* A heap-based buffer overflow flaw was found in the Linux kernel's cdc-wdm
driver, used for USB CDC WCM device management. An attacker with physical
access to a system could use this flaw to cause a denial of service or,
potentially, escalate their privileges. (CVE-2013-1860, Low)
Red Hat would like to thank Nokia Siemens Networks for reporting
CVE-2014-0101, and Al Viro for reporting CVE-2014-0069.
This update also fixes several bugs. Documentation for these changes will
be available shortly from the Technical Notes document linked to in the
References section.
All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258
To install kernel packages manually, use "rpm -ivh [package]". Do not use
"rpm -Uvh" as that will remove the running kernel binaries from your
system. You may use "rpm -e" to remove old kernels after determining that
the new kernel functions properly on your system.
5. Bugs fixed (https://bugzilla.redhat.com/):
921970 - CVE-2013-1860 kernel: usb: cdc-wdm buffer overflow triggered by device
1062577 - CVE-2014-0055 kernel: vhost-net: insufficient handling of error conditions in get_rx_bufs()
1064253 - CVE-2014-0069 kernel: cifs: incorrect handling of bogus user pointers during uncached writes
1070705 - CVE-2014-0101 kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-431.11.2.el6.src.rpm
i386:
kernel-2.6.32-431.11.2.el6.i686.rpm
kernel-debug-2.6.32-431.11.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-431.11.2.el6.i686.rpm
kernel-debug-devel-2.6.32-431.11.2.el6.i686.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.11.2.el6.i686.rpm
kernel-devel-2.6.32-431.11.2.el6.i686.rpm
kernel-headers-2.6.32-431.11.2.el6.i686.rpm
perf-2.6.32-431.11.2.el6.i686.rpm
perf-debuginfo-2.6.32-431.11.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-431.11.2.el6.noarch.rpm
kernel-doc-2.6.32-431.11.2.el6.noarch.rpm
kernel-firmware-2.6.32-431.11.2.el6.noarch.rpm
x86_64:
kernel-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debug-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.11.2.el6.x86_64.rpm
kernel-devel-2.6.32-431.11.2.el6.x86_64.rpm
kernel-headers-2.6.32-431.11.2.el6.x86_64.rpm
perf-2.6.32-431.11.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-431.11.2.el6.src.rpm
i386:
kernel-debug-debuginfo-2.6.32-431.11.2.el6.i686.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.11.2.el6.i686.rpm
perf-debuginfo-2.6.32-431.11.2.el6.i686.rpm
python-perf-2.6.32-431.11.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.i686.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.11.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
python-perf-2.6.32-431.11.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-431.11.2.el6.src.rpm
noarch:
kernel-abi-whitelists-2.6.32-431.11.2.el6.noarch.rpm
kernel-doc-2.6.32-431.11.2.el6.noarch.rpm
kernel-firmware-2.6.32-431.11.2.el6.noarch.rpm
x86_64:
kernel-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debug-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.11.2.el6.x86_64.rpm
kernel-devel-2.6.32-431.11.2.el6.x86_64.rpm
kernel-headers-2.6.32-431.11.2.el6.x86_64.rpm
perf-2.6.32-431.11.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-431.11.2.el6.src.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.11.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
python-perf-2.6.32-431.11.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-431.11.2.el6.src.rpm
i386:
kernel-2.6.32-431.11.2.el6.i686.rpm
kernel-debug-2.6.32-431.11.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-431.11.2.el6.i686.rpm
kernel-debug-devel-2.6.32-431.11.2.el6.i686.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.11.2.el6.i686.rpm
kernel-devel-2.6.32-431.11.2.el6.i686.rpm
kernel-headers-2.6.32-431.11.2.el6.i686.rpm
perf-2.6.32-431.11.2.el6.i686.rpm
perf-debuginfo-2.6.32-431.11.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-431.11.2.el6.noarch.rpm
kernel-doc-2.6.32-431.11.2.el6.noarch.rpm
kernel-firmware-2.6.32-431.11.2.el6.noarch.rpm
ppc64:
kernel-2.6.32-431.11.2.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-431.11.2.el6.ppc64.rpm
kernel-debug-2.6.32-431.11.2.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-431.11.2.el6.ppc64.rpm
kernel-debug-devel-2.6.32-431.11.2.el6.ppc64.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-431.11.2.el6.ppc64.rpm
kernel-devel-2.6.32-431.11.2.el6.ppc64.rpm
kernel-headers-2.6.32-431.11.2.el6.ppc64.rpm
perf-2.6.32-431.11.2.el6.ppc64.rpm
perf-debuginfo-2.6.32-431.11.2.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.ppc64.rpm
s390x:
kernel-2.6.32-431.11.2.el6.s390x.rpm
kernel-debug-2.6.32-431.11.2.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-431.11.2.el6.s390x.rpm
kernel-debug-devel-2.6.32-431.11.2.el6.s390x.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-431.11.2.el6.s390x.rpm
kernel-devel-2.6.32-431.11.2.el6.s390x.rpm
kernel-headers-2.6.32-431.11.2.el6.s390x.rpm
kernel-kdump-2.6.32-431.11.2.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-431.11.2.el6.s390x.rpm
kernel-kdump-devel-2.6.32-431.11.2.el6.s390x.rpm
perf-2.6.32-431.11.2.el6.s390x.rpm
perf-debuginfo-2.6.32-431.11.2.el6.s390x.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.s390x.rpm
x86_64:
kernel-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debug-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.11.2.el6.x86_64.rpm
kernel-devel-2.6.32-431.11.2.el6.x86_64.rpm
kernel-headers-2.6.32-431.11.2.el6.x86_64.rpm
perf-2.6.32-431.11.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-431.11.2.el6.src.rpm
i386:
kernel-debug-debuginfo-2.6.32-431.11.2.el6.i686.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.11.2.el6.i686.rpm
perf-debuginfo-2.6.32-431.11.2.el6.i686.rpm
python-perf-2.6.32-431.11.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.i686.rpm
ppc64:
kernel-debug-debuginfo-2.6.32-431.11.2.el6.ppc64.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-431.11.2.el6.ppc64.rpm
perf-debuginfo-2.6.32-431.11.2.el6.ppc64.rpm
python-perf-2.6.32-431.11.2.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.ppc64.rpm
s390x:
kernel-debug-debuginfo-2.6.32-431.11.2.el6.s390x.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-431.11.2.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-431.11.2.el6.s390x.rpm
perf-debuginfo-2.6.32-431.11.2.el6.s390x.rpm
python-perf-2.6.32-431.11.2.el6.s390x.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.s390x.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.11.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
python-perf-2.6.32-431.11.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-431.11.2.el6.src.rpm
i386:
kernel-2.6.32-431.11.2.el6.i686.rpm
kernel-debug-2.6.32-431.11.2.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-431.11.2.el6.i686.rpm
kernel-debug-devel-2.6.32-431.11.2.el6.i686.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.11.2.el6.i686.rpm
kernel-devel-2.6.32-431.11.2.el6.i686.rpm
kernel-headers-2.6.32-431.11.2.el6.i686.rpm
perf-2.6.32-431.11.2.el6.i686.rpm
perf-debuginfo-2.6.32-431.11.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.i686.rpm
noarch:
kernel-abi-whitelists-2.6.32-431.11.2.el6.noarch.rpm
kernel-doc-2.6.32-431.11.2.el6.noarch.rpm
kernel-firmware-2.6.32-431.11.2.el6.noarch.rpm
x86_64:
kernel-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debug-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.11.2.el6.x86_64.rpm
kernel-devel-2.6.32-431.11.2.el6.x86_64.rpm
kernel-headers-2.6.32-431.11.2.el6.x86_64.rpm
perf-2.6.32-431.11.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-431.11.2.el6.src.rpm
i386:
kernel-debug-debuginfo-2.6.32-431.11.2.el6.i686.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-431.11.2.el6.i686.rpm
perf-debuginfo-2.6.32-431.11.2.el6.i686.rpm
python-perf-2.6.32-431.11.2.el6.i686.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.i686.rpm
x86_64:
kernel-debug-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-431.11.2.el6.x86_64.rpm
perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
python-perf-2.6.32-431.11.2.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-431.11.2.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2013-1860.html
https://www.redhat.com/security/data/cve/CVE-2014-0055.html
https://www.redhat.com/security/data/cve/CVE-2014-0069.html
https://www.redhat.com/security/data/cve/CVE-2014-0101.html
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.5_Technical_Notes/kernel.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFTMZPXXlSAg2UNWIIRAs3jAKCY1B4c1Gm3xuwrXDDvHlYLoVu3WQCfRaVc
ZY3S4jlAmQF9n5M8ByIyFkY=
=OVFT
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201403-0474 | CVE-2014-2104 | Cisco Unified Communications Domain Manager of Business Voice Services Manager Page cross-site scripting vulnerability |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Multiple cross-site scripting (XSS) vulnerabilities in the Business Voice Services Manager (BVSM) page in Cisco Unified Communications Domain Manager 9.0(.1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCum78536, CSCum78526, CSCum69809, and CSCum63113. Vendors have confirmed this vulnerability Bug ID CSCum78536 , CSCum78526 , CSCum69809 and CSCum63113 It is released as.By any third party through unspecified parameters Web Script or HTML May be inserted.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
These issues are being tracked by Cisco Bug ID's CSCum78536, CSCum78526, CSCum69809, and CSCum63113. This component features scalable, distributed, and highly available enterprise Voice over IP call processing
| VAR-201402-0383 | CVE-2014-2103 | Cisco Intrusion Prevention System Service disruption in software (DoS) Vulnerabilities |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309. Vendors have confirmed this vulnerability Bug ID CSCum52355 and CSCul49309 It is released as.Malformed by a third party SNMP Service disruption via packets (MainApp Stop process ) There is a possibility of being put into a state.
Attackers can exploit this issue to cause the MainApp process to become unresponsive, which leads to denial-of-service conditions.
This issue is being tracked by Cisco Bug ID CSCum52355 and CSCul49309. The system can immediately interrupt, adjust or isolate some abnormal or harmful network data transmission behaviors
| VAR-201402-0439 | No CVE | SAP BusinessObjects Explorer SBOP Resource Manager Information Disclosure Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
BusinessObjects Explorer is a data discovery application. SAP BusinessObjects Explorer SBOP Resource Manager has an information disclosure vulnerability that allows an attacker to access potentially sensitive information
| VAR-201402-0349 | CVE-2014-0759 | Schneider Electric Floating License Manager Privilege Escalation Vulnerability |
CVSS V2: 6.9 CVSS V3: 5.9 Severity: MEDIUM |
Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character. Supplementary information : CWE Vulnerability type by CWE-428: Unquoted Search Path or Element ( Unquoted search path or element ) Has been identified. Schneider Electric provides total solutions for the energy and infrastructure, industrial, data center and network, building and residential markets in more than 100 countries. The SESU tool used by several of these products is used to update software on Windows PC systems.
Attackers can leverage this issue to gain escalated privileges
| VAR-201403-0323 | CVE-2014-2264 | Synology DiskStation Manager VPN module hard-coded password vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
The OpenVPN module in Synology DiskStation Manager (DSM) 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session. Synology Provided by DiskStation Manager Has a problem with hard-coded credentials.
Successful attacks can allow a remote attacker to gain unauthorized access to the vulnerable device. Synology DiskStation Manager (DSM) is an operating system developed by Synology for network storage servers (NAS). The operating system can manage data, documents, photos, music and other information
| VAR-201404-0291 | CVE-2013-7350 | Check Point Security Gateway Vulnerability in |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Multiple unspecified vulnerabilities in Check Point Security Gateway 80 R71.x before R71.45 (730159141) and R75.20.x before R75.20.4 and 600 and 1100 appliances R75.20.x before R75.20.42 have unknown impact and attack vectors related to "important security fixes.". Founded in 1993, Check Point Software Technologies is headquartered in Redwood City, Calif., and is the world's leading provider of Internet security solutions, leading the global enterprise firewall, personal firewall and virtual private network (VPN) markets. There are multiple vulnerabilities in Check Point's multiple products. There are currently no detailed vulnerability descriptions.
The impact of these issues is currently unknown. We will update this BID as more information emerges.
The following products are affected:
Security Gateway 80 R71.x and R75.20.x
600 Appliance R75.20.x
1100 Appliance R75.20.x. Please keep an eye on the cnnvd website or manufacturer announcements
| VAR-201402-0191 | CVE-2014-0679 | Cisco Prime Infrastructure In root Vulnerability to execute arbitrary commands with privileges |
CVSS V2: 9.0 CVSS V3: - Severity: HIGH |
Cisco Prime Infrastructure 1.2 and 1.3 before 1.3.0.20-2, 1.4 before 1.4.0.45-2, and 2.0 before 2.0.0.0.294-2 allows remote authenticated users to execute arbitrary commands with root privileges via an unspecified URL, aka Bug ID CSCum71308.
An attacker can exploit this issue to execute system commands with root-level privileges.
This issue being tracked by Cisco Bug ID CSCum71308
| VAR-201402-0581 | No CVE | Inteno DG301 'username' command injection vulnerability |
CVSS V2: 3.6 CVSS V3: - Severity: LOW |
The DG301 is a high-end Multi-WAN residential gateway with advanced router and bridging capabilities. Inteno DG301 'username' has a command injection vulnerability that can be exploited by an attacker to inject and execute arbitrary shell commands due to failure to adequately filter user-supplied input.
| VAR-201402-0700 | CVE-2025-34037 | Multiple Secure Bypass Vulnerabilities in Linksys Multiple E-Series Routers |
CVSS V2: 7.5 CVSS V3: - Severity: Critical |
An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcp_ip parameter without sanitization, allowing unauthenticated attackers to inject shell commands. This vulnerability was reported to be exploited in the wild by the "TheMoon" worm in 2014 to deploy a MIPS ELF payload, enabling arbitrary code execution on the router. Additionally, this vulnerability may affect other Linksys products to include, but not limited to, WAG/WAP/WES/WET/WRT-series router models and Wireless-N access points and routers. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-06 UTC. Linksys E-series routers are popular router devices. Multiple Linksys E-series routers have multiple security vulnerabilities that allow malicious users to bypass some of the security restrictions: 1. 2. The device fails to properly restrict access to the console, allowing an attacker to access restricted functionality through the TCP port 8083