VARIoT IoT vulnerabilities database
| VAR-201312-0237 | CVE-2013-6696 | Cisco Adaptive Security Appliance Service disruption in software (DoS) Vulnerabilities |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via a malformed response, aka Bug ID CSCuj28861. Vendors have confirmed this vulnerability Bug ID CSCuj28861 It is released as.Third-party service disruption via malformed response ( Device reload ) There is a possibility of being put into a state. Cisco ASA Software is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause an affected device to reload, denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCuj28861
| VAR-201312-0304 | CVE-2013-7043 | Cisco Scientific Atlanta DPR2320 Cross-site request forgery vulnerability in router software |
CVSS V2: 8.3 CVSS V3: - Severity: HIGH |
Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity; (2) reboot the device via the Restart parameter to goform/restart; (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity; or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic. The Cisco DPR2320R2 Wireless Router is a wireless router product from the United States Cisco.
A cross-site request forgery vulnerability exists in the Cisco DPR2320R2 wireless router using firmware version 2.0.2r1262-090417. A remote attacker could use this vulnerability to perform administrator actions to control the affected device. Cisco Scientific Atlanta DPR2320R2 is a cable modem gateway device of Cisco (Cisco). The device includes a cable modem, router and wireless access point, enabling multiple PCs, notebooks or other network devices to share broadband access
| VAR-201311-0241 | CVE-2013-6918 | Satechi Smart Travel Router Web Management Console Remote Authentication Bypass Vulnerability |
CVSS V2: 5.8 CVSS V3: - Severity: MEDIUM |
The web interface on the Satechi travel router 1.5, when Wi-Fi is used for WAN access, exposes the console without authentication on the WAN IP address regardless of the "Web Management via WAN" setting, which allows remote attackers to bypass intended access restrictions via HTTP requests. The Satechi Smart Travel Router is a wireless router device. A remote attacker can bypass the access restriction control device by submitting an HTTP request. Satechi Travel Router is a portable router product of American Satechi Company that includes standard international plug adapters, USB chargers and WiFi (802.11b/g/n) routers
| VAR-201312-0311 | CVE-2013-7094 | SAP NetWeaver of RSDDCVER_COUNT_TAB_COLS In function SQL Injection vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP NetWeaver \"RSDDCVER_COUNT_TAB_COLS\" function fails to properly filter user-submitted input, allowing remote attackers to exploit vulnerabilities to submit special SQL queries that can retrieve or manipulate database information. SAP NetWeaver is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query.
Exploiting this issue could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
SAP NetWeaver 7.30 is vulnerable; other versions may also be affected
| VAR-201311-0517 | No CVE | ZyXEL GS1510-16 'webctrl.cgi' Remote Password Disclosure Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
ZyXEL GS1510-16 is prone to a password-disclosure vulnerability.
Attackers can exploit this issue to gain access to administrator password that may lead to further attacks.
| VAR-201312-0461 | CVE-2013-6718 | IBM BladeCenter For system Advanced Management Module Vulnerabilities in the acquisition of account names and passwords in firmware |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface.
Little is known about this issue or its effects at this time. We will update this BID as more information emerges
| VAR-201311-0401 | No CVE | Interstage Application Server/Studio Log Feature Buffer Overflow Vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Interstage Application Server is an application platform that supports building and running business systems. The Interstage Application Server/Studio logging feature (ihsrlog/rotatelogs) has an unspecified error that allows a remote attacker to exploit a vulnerability for a buffer overflow attack and execute arbitrary code in the application context
| VAR-201311-0359 | CVE-2013-6885 | AMD Family 16h Models 00h-0Fh Denial of service in microcode running on a processor (DoS) Vulnerability |
CVSS V2: 4.7 CVSS V3: - Severity: MEDIUM |
The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service (system hang) via a crafted application, aka the errata 793 issue. Vendors report this vulnerability Errata 793 Published as a problem.Denial of service by a local user via a crafted application ( System hang ) May be in a state. AMD 16h Model Processor is prone to a denial-of-service vulnerability.
Successful exploits will cause the affected system to hang, denying service to legitimate users. AMD CPU is a CPU processor launched by AMD Corporation of the United States.
CVE-2014-9419
It was found that on Linux kernels compiled with the 32 bit
interfaces (CONFIG_X86_32) a malicious user program can do a
partial ASLR bypass through TLS base addresses leak when attacking
other programs.
CVE-2014-9529
It was discovered that the Linux kernel is affected by a race
condition flaw when doing key garbage collection, allowing local
users to cause a denial of service (memory corruption or panic).
CVE-2014-9584
It was found that the Linux kernel does not validate a length value
in the Extensions Reference (ER) System Use Field, which allows
local users to obtain sensitive information from kernel memory via a
crafted iso9660 image.
For the stable distribution (wheezy), these problems have been fixed in
version 3.2.65-1+deb7u1.
For the upcoming stable distribution (jessie) and the unstable
distribution (sid), these problems will be fixed soon. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201407-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Xen: Multiple Vunlerabilities
Date: July 16, 2014
Bugs: #440768, #484478, #486354, #497082, #497084, #497086,
#499054, #499124, #500528, #500530, #500536, #501080,
#501906, #505714, #509054, #513824
ID: 201407-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in Xen, the worst of which
could lead to arbitrary code execution.
Background
==========
Xen is a bare-metal hypervisor.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulations/xen < 4.3.2-r4 >= 4.3.2-r4
*>= 4.2.4-r4
2 app-emulations/xen-tools
< 4.3.2-r5 >= 4.3.2-r5
*>= 4.2.4-r6
3 app-emulations/xen-pvgrub
< 4.3.2 *>= 4.3.2
*>= 4.2.4
-------------------------------------------------------------------
3 affected packages
Description
===========
Multiple vulnerabilities have been discovered in Xen. Please review the
CVE identifiers referenced below for details.
Impact
======
A remote attacker can utilize multiple vectors to execute arbitrary
code, cause Denial of Service, or gain access to data on the host.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Xen 4.3 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulations/xen-4.3.2-r2"
All Xen 4.2 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulations/xen-4.2.4-r2"
All xen-tools 4.3 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=app-emulations/xen-tools-4.3.2-r2"
All xen-tools 4.2 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=app-emulations/xen-tools-4.2.4-r2"
All Xen PVGRUB 4.3 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=app-emulations/xen-pvgrub-4.3.2"
All Xen PVGRUB 4.2 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=app-emulations/xen-pvgrub-4.2.4"
References
==========
[ 1 ] CVE-2013-1442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1442
[ 2 ] CVE-2013-4329
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4329
[ 3 ] CVE-2013-4355
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4355
[ 4 ] CVE-2013-4356
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4356
[ 5 ] CVE-2013-4361
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4361
[ 6 ] CVE-2013-4368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4368
[ 7 ] CVE-2013-4369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4369
[ 8 ] CVE-2013-4370
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4370
[ 9 ] CVE-2013-4371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4371
[ 10 ] CVE-2013-4375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4375
[ 11 ] CVE-2013-4416
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4416
[ 12 ] CVE-2013-4494
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4494
[ 13 ] CVE-2013-4551
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4551
[ 14 ] CVE-2013-4553
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4553
[ 15 ] CVE-2013-4554
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4554
[ 16 ] CVE-2013-6375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6375
[ 17 ] CVE-2013-6400
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6400
[ 18 ] CVE-2013-6885
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6885
[ 19 ] CVE-2013-6885
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6885
[ 20 ] CVE-2014-1642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1642
[ 21 ] CVE-2014-1666
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1666
[ 22 ] CVE-2014-1891
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1891
[ 23 ] CVE-2014-1892
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1892
[ 24 ] CVE-2014-1893
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1893
[ 25 ] CVE-2014-1894
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1894
[ 26 ] CVE-2014-1895
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1895
[ 27 ] CVE-2014-1896
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1896
[ 28 ] CVE-2014-2599
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2599
[ 29 ] CVE-2014-3124
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3124
[ 30 ] CVE-2014-4021
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4021
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201407-03.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2014:0285-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0285.html
Issue date: 2014-03-12
CVE Names: CVE-2013-2929 CVE-2013-4483 CVE-2013-4554
CVE-2013-6381 CVE-2013-6383 CVE-2013-6885
CVE-2013-7263
=====================================================================
1. Summary:
Updated kernel packages that fix multiple security issues, several bugs,
and add one enhancement are now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having
Important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
* A buffer overflow flaw was found in the way the qeth_snmp_command()
function in the Linux kernel's QETH network device driver implementation
handled SNMP IOCTL requests with an out-of-bounds length. A local,
unprivileged user could use this flaw to crash the system or, potentially,
escalate their privileges on the system. (CVE-2013-6381, Important)
* A flaw was found in the way the ipc_rcu_putref() function in the Linux
kernel's IPC implementation handled reference counter decrementing.
A local, unprivileged user could use this flaw to trigger an Out of Memory
(OOM) condition and, potentially, crash the system. (CVE-2013-4483,
Moderate)
* It was found that the Xen hypervisor implementation did not correctly
check privileges of hypercall attempts made by HVM guests, allowing
hypercalls to be invoked from protection rings 1 and 2 in addition to ring
0. A local attacker in an HVM guest able to execute code on privilege
levels 1 and 2 could potentially use this flaw to further escalate their
privileges in that guest. Note: Xen HVM guests running unmodified versions
of Red Hat Enterprise Linux and Microsoft Windows are not affected by this
issue because they are known to only use protection rings 0 (kernel) and 3
(userspace). (CVE-2013-4554, Moderate)
* A flaw was found in the way the Linux kernel's Adaptec RAID controller
(aacraid) checked permissions of compat IOCTLs. A local attacker could use
this flaw to bypass intended security restrictions. (CVE-2013-6383,
Moderate)
* It was found that, under specific circumstances, a combination of write
operations to write-combined memory and locked CPU instructions may cause a
core hang on certain AMD CPUs (for more information, refer to AMD CPU
erratum 793 linked in the References section). A privileged user in a guest
running under the Xen hypervisor could use this flaw to cause a denial of
service on the host system. This update adds a workaround to the Xen
hypervisor implementation, which mitigates the AMD CPU issue. Non-AMD CPUs
are not vulnerable. (CVE-2013-6885, Moderate)
* It was found that certain protocol handlers in the Linux kernel's
networking implementation could set the addr_len value without initializing
the associated data structure. A local, unprivileged user could use this
flaw to leak kernel stack memory to user space using the recvmsg, recvfrom,
and recvmmsg system calls. (CVE-2013-7263, Low)
* A flaw was found in the way the get_dumpable() function return value was
interpreted in the ptrace subsystem of the Linux kernel. When
'fs.suid_dumpable' was set to 2, a local, unprivileged local user could
use this flaw to bypass intended ptrace restrictions and obtain
potentially sensitive information. (CVE-2013-2929, Low)
Red Hat would like to thank Vladimir Davydov of Parallels for reporting
CVE-2013-4483 and the Xen project for reporting CVE-2013-4554 and
CVE-2013-6885. Upstream acknowledges Jan Beulich as the original reporter
of CVE-2013-4554 and CVE-2013-6885.
This update also fixes several bugs and adds one enhancement.
Documentation for these changes will be available shortly from the
Technical Notes document linked to in the References section.
All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues and add this
enhancement. The system must be rebooted for this update to take effect.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258
To install kernel packages manually, use "rpm -ivh [package]". Do not use
"rpm -Uvh" as that will remove the running kernel binaries from your
system. You may use "rpm -e" to remove old kernels after determining that
the new kernel functions properly on your system.
5. Bugs fixed (https://bugzilla.redhat.com/):
1024854 - CVE-2013-4483 kernel: ipc: ipc_rcu_putref refcount races
1028148 - CVE-2013-2929 kernel: exec/ptrace: get_dumpable() incorrect tests
1029111 - CVE-2013-4554 kernel: xen: hypercalls exposed to privilege rings 1 and 2 of HVM guests
1033530 - CVE-2013-6383 Kernel: AACRAID Driver compat IOCTL missing capability check
1033600 - CVE-2013-6381 Kernel: qeth: buffer overflow in snmp ioctl
1035823 - CVE-2013-6885 hw: AMD CPU erratum may cause core hang
1035875 - CVE-2013-7263 CVE-2013-7265 Kernel: net: leakage of uninitialized memory to user-space via recv syscalls
6. Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-371.6.1.el5.src.rpm
i386:
kernel-2.6.18-371.6.1.el5.i686.rpm
kernel-PAE-2.6.18-371.6.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-371.6.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-371.6.1.el5.i686.rpm
kernel-debug-2.6.18-371.6.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-371.6.1.el5.i686.rpm
kernel-debug-devel-2.6.18-371.6.1.el5.i686.rpm
kernel-debuginfo-2.6.18-371.6.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-371.6.1.el5.i686.rpm
kernel-devel-2.6.18-371.6.1.el5.i686.rpm
kernel-headers-2.6.18-371.6.1.el5.i386.rpm
kernel-xen-2.6.18-371.6.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-371.6.1.el5.i686.rpm
kernel-xen-devel-2.6.18-371.6.1.el5.i686.rpm
noarch:
kernel-doc-2.6.18-371.6.1.el5.noarch.rpm
x86_64:
kernel-2.6.18-371.6.1.el5.x86_64.rpm
kernel-debug-2.6.18-371.6.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-371.6.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-371.6.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-371.6.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-371.6.1.el5.x86_64.rpm
kernel-devel-2.6.18-371.6.1.el5.x86_64.rpm
kernel-headers-2.6.18-371.6.1.el5.x86_64.rpm
kernel-xen-2.6.18-371.6.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-371.6.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-371.6.1.el5.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-371.6.1.el5.src.rpm
i386:
kernel-2.6.18-371.6.1.el5.i686.rpm
kernel-PAE-2.6.18-371.6.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-371.6.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-371.6.1.el5.i686.rpm
kernel-debug-2.6.18-371.6.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-371.6.1.el5.i686.rpm
kernel-debug-devel-2.6.18-371.6.1.el5.i686.rpm
kernel-debuginfo-2.6.18-371.6.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-371.6.1.el5.i686.rpm
kernel-devel-2.6.18-371.6.1.el5.i686.rpm
kernel-headers-2.6.18-371.6.1.el5.i386.rpm
kernel-xen-2.6.18-371.6.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-371.6.1.el5.i686.rpm
kernel-xen-devel-2.6.18-371.6.1.el5.i686.rpm
ia64:
kernel-2.6.18-371.6.1.el5.ia64.rpm
kernel-debug-2.6.18-371.6.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-371.6.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-371.6.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-371.6.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-371.6.1.el5.ia64.rpm
kernel-devel-2.6.18-371.6.1.el5.ia64.rpm
kernel-headers-2.6.18-371.6.1.el5.ia64.rpm
kernel-xen-2.6.18-371.6.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-371.6.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-371.6.1.el5.ia64.rpm
noarch:
kernel-doc-2.6.18-371.6.1.el5.noarch.rpm
ppc:
kernel-2.6.18-371.6.1.el5.ppc64.rpm
kernel-debug-2.6.18-371.6.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-371.6.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-371.6.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-371.6.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-371.6.1.el5.ppc64.rpm
kernel-devel-2.6.18-371.6.1.el5.ppc64.rpm
kernel-headers-2.6.18-371.6.1.el5.ppc.rpm
kernel-headers-2.6.18-371.6.1.el5.ppc64.rpm
kernel-kdump-2.6.18-371.6.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-371.6.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-371.6.1.el5.ppc64.rpm
s390x:
kernel-2.6.18-371.6.1.el5.s390x.rpm
kernel-debug-2.6.18-371.6.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-371.6.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-371.6.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-371.6.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-371.6.1.el5.s390x.rpm
kernel-devel-2.6.18-371.6.1.el5.s390x.rpm
kernel-headers-2.6.18-371.6.1.el5.s390x.rpm
kernel-kdump-2.6.18-371.6.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-371.6.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-371.6.1.el5.s390x.rpm
x86_64:
kernel-2.6.18-371.6.1.el5.x86_64.rpm
kernel-debug-2.6.18-371.6.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-371.6.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-371.6.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-371.6.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-371.6.1.el5.x86_64.rpm
kernel-devel-2.6.18-371.6.1.el5.x86_64.rpm
kernel-headers-2.6.18-371.6.1.el5.x86_64.rpm
kernel-xen-2.6.18-371.6.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-371.6.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-371.6.1.el5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2013-2929.html
https://www.redhat.com/security/data/cve/CVE-2013-4483.html
https://www.redhat.com/security/data/cve/CVE-2013-4554.html
https://www.redhat.com/security/data/cve/CVE-2013-6381.html
https://www.redhat.com/security/data/cve/CVE-2013-6383.html
https://www.redhat.com/security/data/cve/CVE-2013-6885.html
https://www.redhat.com/security/data/cve/CVE-2013-7263.html
https://access.redhat.com/security/updates/classification/#important
http://support.amd.com/TechDocs/51810_16h_00h-0Fh_Rev_Guide.pdf
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/5/html/5.10_Technical_Notes/kernel.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFTIKllXlSAg2UNWIIRAoE1AKCRsqWRFKokDuMlc5DqDHLfNVvA/wCdHDXK
1A1C4EUJs9uMy4iYcWc1OjI=
=ND0O
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
| VAR-201311-0413 | No CVE | D-Link DAP-1522 Wireless Router Built-in Authentication Credential Security Bypass Vulnerability |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
D-Link DAP-1522 is a wireless router product from D-Link.
A security bypass vulnerability exists in the D-Link DAP-1522 wireless router. An attacker could use this vulnerability to bypass the authentication mechanism and gain access to the affected device
| VAR-201311-0378 | CVE-2013-6706 | Cisco IOS XE of Cisco Express Forwarding Service disruption in processing modules (DoS) Vulnerabilities |
CVSS V2: 5.4 CVSS V3: - Severity: MEDIUM |
The Cisco Express Forwarding processing module in Cisco IOS XE allows remote attackers to cause a denial of service (device reload) via crafted MPLS packets that are not properly handled during IP header validation, aka Bug ID CSCuj23992. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. The module has an error in handling the IP header in MPLS. When some additional functions are configured (\"ip cef accounting\" and \"tcp adjust-mss\"), the attacker can send MPLS as the IP packet to pass and leave. The device can trigger this vulnerability, which can cause a device overload to cause a denial of service attack. Cisco IOS XE is prone to a remote denial-of-service vulnerability.
This issue is being tracked by Cisco Bug ID CSCuj23992
| VAR-201311-0235 | CVE-2013-6700 | Cisco IOS XR of SNMP Service disruption in modules (DoS) Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The SNMP module in Cisco IOS XR allows remote attackers to cause a denial of service (process reload) via a request for an unspecified MIB, aka Bug ID CSCuh43144. Vendors have confirmed this vulnerability Bug CSCuh43144 It is released as.Unspecified by a third party MIB Service disruption through requests for ( Reload process ) There is a possibility of being put into a state. Cisco IOS XR is a member of the Cisco IOS Software family that uses a microkernel-based operating system architecture.
This issue is being tracked by Cisco Bug ID CSCuh43144
| VAR-201311-0379 | CVE-2013-6712 | PHP of ext/date/lib/parse_iso_intervals.c of scan Service disruption in functions (DoS) Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification. PHP is prone to a denial-of-service vulnerability due to a heap-based buffer over-read error.
Successful exploits will allow attackers to cause a denial of service condition. Due to the nature of this issue, arbitrary code execution may be possible; this has not been confirmed. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. There is a security vulnerability in the 'scan' function in the ext/date/lib/parse_iso_intervals.c file in PHP 5.5.6 and earlier versions. The vulnerability is caused by the program not properly restricting the creation of DateInterval objects. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201408-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: PHP: Multiple vulnerabilities
Date: August 29, 2014
Bugs: #459904, #472204, #472558, #474656, #476570, #481004,
#483212, #485252, #492784, #493982, #501312, #503630,
#503670, #505172, #505712, #509132, #512288, #512492,
#513032, #516994, #519932, #520134, #520438
ID: 201408-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been discovered in PHP, the worst of
which could lead to remote execution of arbitrary code.
Background
==========
PHP is a widely-used general-purpose scripting language that is
especially suited for Web development and can be embedded into HTML.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-lang/php < 5.5.16 >= 5.5.16
*>= 5.4.32
*>= 5.3.29
Description
===========
Multiple vulnerabilities have been discovered in PHP. Please review the
CVE identifiers referenced below for details.
Impact
======
A context-dependent attacker can cause arbitrary code execution, create
a Denial of Service condition, read or write arbitrary files,
impersonate other servers, hijack a web session, or have other
unspecified impact. Additionally, a local attacker could gain escalated
privileges.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All PHP 5.5 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/php-5.5.16"
All PHP 5.4 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/php-5.4.32"
All PHP 5.3 users should upgrade to the latest version. This release
marks the end of life of the PHP 5.3 series. Future releases of this
series are not planned. All PHP 5.3 users are encouraged to upgrade to
the current stable version of PHP 5.5 or previous stable version of PHP
5.4, which are supported till at least 2016 and 2015 respectively.
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/php-5.3.29"
References
==========
[ 1 ] CVE-2011-4718
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4718
[ 2 ] CVE-2013-1635
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1635
[ 3 ] CVE-2013-1643
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1643
[ 4 ] CVE-2013-1824
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1824
[ 5 ] CVE-2013-2110
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2110
[ 6 ] CVE-2013-3735
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3735
[ 7 ] CVE-2013-4113
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4113
[ 8 ] CVE-2013-4248
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4248
[ 9 ] CVE-2013-4635
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4635
[ 10 ] CVE-2013-4636
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4636
[ 11 ] CVE-2013-6420
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6420
[ 12 ] CVE-2013-6712
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6712
[ 13 ] CVE-2013-7226
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7226
[ 14 ] CVE-2013-7327
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7327
[ 15 ] CVE-2013-7345
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7345
[ 16 ] CVE-2014-0185
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0185
[ 17 ] CVE-2014-0237
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0237
[ 18 ] CVE-2014-0238
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0238
[ 19 ] CVE-2014-1943
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1943
[ 20 ] CVE-2014-2270
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2270
[ 21 ] CVE-2014-2497
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2497
[ 22 ] CVE-2014-3597
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3597
[ 23 ] CVE-2014-3981
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3981
[ 24 ] CVE-2014-4049
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4049
[ 25 ] CVE-2014-4670
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4670
[ 26 ] CVE-2014-5120
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5120
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201408-11.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2014 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2014:014
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : php
Date : January 21, 2014
Affected: Business Server 1.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been discovered and corrected in php:
The openssl_x509_parse function in openssl.c in the OpenSSL module in
PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a
'\0' character in a domain name in the Subject Alternative Name field
of an X.509 certificate, which allows man-in-the-middle attackers
to spoof arbitrary SSL servers via a crafted certificate issued by a
legitimate Certification Authority, a related issue to CVE-2009-2408
(CVE-2013-4248).
Additionally, the PECL packages which requires so has been rebuilt
for php-5.5.8 and some has been upgraded to their latest versions.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6712
http://www.php.net/ChangeLog-5.php#5.5.8
_______________________________________________________________________
Updated Packages:
Mandriva Business Server 1/X86_64:
6cbe3c3e54feb911f830a84798cba59b mbs1/x86_64/apache-mod_php-5.5.8-1.mbs1.x86_64.rpm
a10aeb6dd4d85ab4c45b7acb3a080bf1 mbs1/x86_64/lib64json2-0.11-1.mbs1.x86_64.rpm
e661a00b2ea0b360f73c32c633a5665b mbs1/x86_64/lib64json-devel-0.11-1.mbs1.x86_64.rpm
b7938d352e62b7679b55c874e06fbe33 mbs1/x86_64/lib64mbfl1-1.2.0-1.mbs1.x86_64.rpm
9b84b48d9b2a18e048e1c40c786fc3d5 mbs1/x86_64/lib64mbfl-devel-1.2.0-1.mbs1.x86_64.rpm
7d4766a2eb0dd7048917eec2e1f9461f mbs1/x86_64/lib64php5_common5-5.5.8-1.mbs1.x86_64.rpm
a6a17628ec5c2528b42d0308b44b8602 mbs1/x86_64/php-amf-0.9.2-10.1.mbs1.x86_64.rpm
f47775a96d510872e93af788c942eb0d mbs1/x86_64/php-apacheaccessor-1.0.1-1.mbs1.x86_64.rpm
61c55f41ddc362a27b0d622fd72f832b mbs1/x86_64/php-apc-3.1.15-1.2.mbs1.x86_64.rpm
23e851dddb7a7e036eab0bbe753d22fc mbs1/x86_64/php-apc-admin-3.1.15-1.2.mbs1.x86_64.rpm
59f6774136e76c82ea13566c73ff5579 mbs1/x86_64/php-apm-1.1.0-1RC2.mbs1.x86_64.rpm
41f2071c87dc54edd1b35eb3b050523d mbs1/x86_64/php-archive-0.2-22.1.mbs1.x86_64.rpm
6eea5350fd29e56ab3c6530fd4a8eb2d mbs1/x86_64/php-auth_nds-2.2.6-28.1.mbs1.x86_64.rpm
09769fd2f27af4498679488463d4f0d0 mbs1/x86_64/php-bbcode-1.0.3-0.0.b1.5.mbs1.x86_64.rpm
046aade243a8dfbb4ae5235333404450 mbs1/x86_64/php-bcmath-5.5.8-1.mbs1.x86_64.rpm
d41522e2a71180202c9ea965ab8bb87d mbs1/x86_64/php-bcompiler-1.0.2-3.1.mbs1.x86_64.rpm
22108d55173d81e808601cac8da19528 mbs1/x86_64/php-bitset-2.0-1.mbs1.x86_64.rpm
60a5774e783dc9410a3abecd25567242 mbs1/x86_64/php-bloomy-0.1.0-11.1.mbs1.x86_64.rpm
bf678b9a204be1b978643122de681fa8 mbs1/x86_64/php-braille-0.1.1-1.mbs1.x86_64.rpm
bb70b7e885f18b80db1ee6738ce3be50 mbs1/x86_64/php-bz2-5.5.8-1.mbs1.x86_64.rpm
6d44169948606477f69f70f7ad578f53 mbs1/x86_64/php-cairo-0.3.2-1.mbs1.x86_64.rpm
163f88e5a8527945410c21717dc0c523 mbs1/x86_64/php-cairo_wrapper-0.2.4-12.1.mbs1.x86_64.rpm
bbfb9602746185c2ccee545bda5cea1b mbs1/x86_64/php-calendar-5.5.8-1.mbs1.x86_64.rpm
6cd3f73d40196e91b3d5b0d115fd2781 mbs1/x86_64/php-cgi-5.5.8-1.mbs1.x86_64.rpm
303f2b6bd21379576c64e9babe78b5a4 mbs1/x86_64/php-cli-5.5.8-1.mbs1.x86_64.rpm
1b986fc42ec86b34203557515332cbcb mbs1/x86_64/php-courierauth-0.1.0-26.1.mbs1.x86_64.rpm
a451399cac0d1eb96c02b82c3682bacb mbs1/x86_64/php-ctype-5.5.8-1.mbs1.x86_64.rpm
fff5e8e41e8d91ba8f45dc2c2e09de3e mbs1/x86_64/php-curl-5.5.8-1.mbs1.x86_64.rpm
9d8d29b7e05ecdb5b209c5f3e9ea11ef mbs1/x86_64/php-cyrus-1.0-30.1.mbs1.x86_64.rpm
be02c96797fe3505035103a28a646650 mbs1/x86_64/php-dav-1.2-4.1.mbs1.x86_64.rpm
b1d13d3740cd6d6c80b4ea9f6deccb1f mbs1/x86_64/php-dba-5.5.8-1.mbs1.x86_64.rpm
0c1f23ac85aa3da6731cb50877f4933e mbs1/x86_64/php-dbase-5.0.1-3.1.mbs1.x86_64.rpm
90a56987be11920d4bd5e435e92dd07e mbs1/x86_64/php-dbx-1.1.2-3.1.mbs1.x86_64.rpm
f2924a0354eb16c217b5f7ae073df1e7 mbs1/x86_64/php-devel-5.5.8-1.mbs1.x86_64.rpm
92a8332882a805d53823f0c950de0d95 mbs1/x86_64/php-dio-0.0.7-1.mbs1.x86_64.rpm
18e14cc713ce4e782d3378a6b50739d7 mbs1/x86_64/php-doc-5.5.8-1.mbs1.noarch.rpm
19fe234353968902a9095dac4fd4914b mbs1/x86_64/php-dom-5.5.8-1.mbs1.x86_64.rpm
3f86006633057b7819cb7ff0109d8bc3 mbs1/x86_64/php-doublemetaphone-1.0.0-1.mbs1.x86_64.rpm
1c9d18a83bb590cc398de98529619fbe mbs1/x86_64/php-drizzle-0.4.2-8.1.mbs1.x86_64.rpm
681f9d0f04e86b10bcdab85e8ab46646 mbs1/x86_64/php-enchant-5.5.8-1.mbs1.x86_64.rpm
86a0fd5715e93fe2ad3af8af9c762f5e mbs1/x86_64/php-event-1.8.1-1.mbs1.x86_64.rpm
e885e3a1aa38a84f3a91a2f3adfdd9ed mbs1/x86_64/php-exif-5.5.8-1.mbs1.x86_64.rpm
28cbec3693e2ec299ae14f4d3aee2bab mbs1/x86_64/php-expect-0.3.1-3.1.mbs1.x86_64.rpm
1f6e495022af41702d958c5e4c5a7a0c mbs1/x86_64/php-fam-5.0.1-21.1.mbs1.x86_64.rpm
dcc659581a3370b6152a0be1c3d4330a mbs1/x86_64/php-fileinfo-5.5.8-1.mbs1.x86_64.rpm
51361ea120255c19051acce2f7c52373 mbs1/x86_64/php-filepro-5.1.6-31.1.mbs1.x86_64.rpm
57ffefd27baab8189b77ec065f6c25fb mbs1/x86_64/php-filter-5.5.8-1.mbs1.x86_64.rpm
40ef3b1acf64c3dbbec30ed053faf91d mbs1/x86_64/php-fpm-5.5.8-1.mbs1.x86_64.rpm
585a27ca37d6e425e33ebffda8d4a3c5 mbs1/x86_64/php-ftp-5.5.8-1.mbs1.x86_64.rpm
f7e17547d06d727435d842566711bd1f mbs1/x86_64/php-gd-5.5.8-1.mbs1.x86_64.rpm
424413861017a0d960ec25799f7e6d96 mbs1/x86_64/php-gender-1.0.0-1.mbs1.x86_64.rpm
326ce65eb182fa95338b4950bf2902d8 mbs1/x86_64/php-geoip-1.0.8-3.1.mbs1.x86_64.rpm
e8e5d68ccd220fa1411538c887a9b033 mbs1/x86_64/php-gettext-5.5.8-1.mbs1.x86_64.rpm
e52ebf9fbb468cc480ff89b16746ac32 mbs1/x86_64/php-gmp-5.5.8-1.mbs1.x86_64.rpm
705599e093ed673401b92dcc55d7f7af mbs1/x86_64/php-gnupg-1.3.2-8.1.mbs1.x86_64.rpm
e3acb8961bcb47b82eae4f2d1f0a5533 mbs1/x86_64/php-gnutls-0.3-0.rc1.25.mbs1.x86_64.rpm
63cace0435e5165bb99868f0b77fd0fb mbs1/x86_64/php-gtk2-2.0.3-0.git20130225.1.1.mbs1.x86_64.rpm
d24ba27252b2d03b1ac45de414ace8f4 mbs1/x86_64/php-haru-1.0.4-1.mbs1.x86_64.rpm
69dcad6cd94a553145fc7170eb92b9ab mbs1/x86_64/php-hash-5.5.8-1.mbs1.x86_64.rpm
011ee7e7c17f420f6fdddb73f07e2689 mbs1/x86_64/php-hidef-0.1.13-1.mbs1.x86_64.rpm
5be11ca2acde72985150182165690a1e mbs1/x86_64/php-htscanner-1.0.1-1.mbs1.x86_64.rpm
1ef360e88e9e53f426b6128b352d4498 mbs1/x86_64/php-iconv-5.5.8-1.mbs1.x86_64.rpm
241adb52708e8152bbd264477d2c6685 mbs1/x86_64/php-id3-0.2-33.1.mbs1.x86_64.rpm
18a9444caba90afd57ac9d349de79592 mbs1/x86_64/php-imagick-3.1.2-1.mbs1.x86_64.rpm
fb435f0e0c06838e6ba4b8e55edb65da mbs1/x86_64/php-imap-5.5.8-1.mbs1.x86_64.rpm
e3d4b8b1a34ee2fff2514799d39d6c83 mbs1/x86_64/php-inclued-0.1.3-1.mbs1.x86_64.rpm
9a62365f025a6cd92a5649800f94e392 mbs1/x86_64/php-ini-5.5.8-1.mbs1.x86_64.rpm
cc0fa3dfabc021d0a6f97de624c72451 mbs1/x86_64/php-inotify-0.1.6-1.mbs1.x86_64.rpm
f7c954f5f7a8c3497244dab0ac9cc874 mbs1/x86_64/php-intl-5.5.8-1.mbs1.x86_64.rpm
72104e0ea01d0b8d7025ae3de961d950 mbs1/x86_64/php-json-5.5.8-1.mbs1.x86_64.rpm
788d244d7832eca94dc694ec2642c24b mbs1/x86_64/php-ldap-5.5.8-1.mbs1.x86_64.rpm
ef1754adb00601ab1c4c29bb1fd1ef59 mbs1/x86_64/php-libevent-0.1.0-1.mbs1.x86_64.rpm
b300a580ba667f6898875fc41d19116f mbs1/x86_64/php-mbstring-5.5.8-1.mbs1.x86_64.rpm
bb5fecd25651248b7d4731b1aea2b31e mbs1/x86_64/php-mcrypt-5.5.8-1.mbs1.x86_64.rpm
299d7d44e160c8b4e5b7f30644c65a67 mbs1/x86_64/php-mcve-7.0.3-11.1.mbs1.x86_64.rpm
db5be0ea33960859e4f31dc1d8e6c5af mbs1/x86_64/php-memcache-3.0.8-1.mbs1.x86_64.rpm
bc238ba372583c19c57f658ff4225518 mbs1/x86_64/php-memcached-2.1.0-1.mbs1.x86_64.rpm
fbd5ebb29764a11aa742e77fde63ec03 mbs1/x86_64/php-mnogosearch-1.96-35.1.mbs1.x86_64.rpm
2c0d85ca48d9b1f22f0f8445364f97e5 mbs1/x86_64/php-mongo-1.4.5-1.mbs1.x86_64.rpm
a87d1de22d52d2e51bb3977a87afb715 mbs1/x86_64/php-mssql-5.5.8-1.mbs1.x86_64.rpm
c2c1b538550758102b8b456a0db9c18f mbs1/x86_64/php-mysql-5.5.8-1.mbs1.x86_64.rpm
c09aef537da221b4eebbaad7a893e195 mbs1/x86_64/php-mysqli-5.5.8-1.mbs1.x86_64.rpm
f50cb148d81ecf786c80661e19714893 mbs1/x86_64/php-mysqlnd-5.5.8-1.mbs1.x86_64.rpm
25ca5ff7bb6a4bb39e17bef527a4daec mbs1/x86_64/php-newt-1.2.8-1.mbs1.x86_64.rpm
823b8d9b36c8b34b5f80f3f478d5be7d mbs1/x86_64/php-odbc-5.5.8-1.mbs1.x86_64.rpm
821f30096996e971be059dcc617beeb4 mbs1/x86_64/php-oggvorbis-0.2-33.1.mbs1.x86_64.rpm
ec2c830033979609b85d19722079ad45 mbs1/x86_64/php-opcache-5.5.8-1.mbs1.x86_64.rpm
0e66afe941f83d77128a0326fea38368 mbs1/x86_64/php-openssl-5.5.8-1.mbs1.x86_64.rpm
e8b0808df1e75e9eee987d1c38d0de41 mbs1/x86_64/php-pam-1.0.3-10.1.mbs1.x86_64.rpm
c9772947df6039925dc89ed495c5eea0 mbs1/x86_64/php-pcntl-5.5.8-1.mbs1.x86_64.rpm
2d6f78b753dce6b022f0f495e5894bfe mbs1/x86_64/php-pdo-5.5.8-1.mbs1.x86_64.rpm
27dd4d459d9c50a3fa5ee81d988e6c4e mbs1/x86_64/php-pdo_dblib-5.5.8-1.mbs1.x86_64.rpm
060ad327a9a83ef417f9b0bdd60b7529 mbs1/x86_64/php-pdo_mysql-5.5.8-1.mbs1.x86_64.rpm
f42d6c75dcd550e902bdda0672407f17 mbs1/x86_64/php-pdo_odbc-5.5.8-1.mbs1.x86_64.rpm
0e3764c821f508322e40a779a6694d36 mbs1/x86_64/php-pdo_pgsql-5.5.8-1.mbs1.x86_64.rpm
af7cc29beea4f7a1aa87f81cc0f42e4d mbs1/x86_64/php-pdo_sqlite-5.5.8-1.mbs1.x86_64.rpm
6dc688c04f4a9617f5d9f179d5bffad3 mbs1/x86_64/php-pgsql-5.5.8-1.mbs1.x86_64.rpm
e9e88947d413f78a0de370b45cd1e581 mbs1/x86_64/php-phar-5.5.8-1.mbs1.x86_64.rpm
c4cbe315a3897b156de8d8b1ebee2454 mbs1/x86_64/php-posix-5.5.8-1.mbs1.x86_64.rpm
a22a1d86311d97a6e74f41d4c5cee58a mbs1/x86_64/php-proctitle-0.1.2-1.mbs1.x86_64.rpm
1a642e05f7e4acbc0574700d39277f68 mbs1/x86_64/php-radius-1.2.7-1.1.mbs1.x86_64.rpm
364d5f30ed13942441cc6728af41f3ce mbs1/x86_64/php-readline-5.5.8-1.mbs1.x86_64.rpm
8e09378518bf4efca20b146d2ad3ae18 mbs1/x86_64/php-recode-5.5.8-1.mbs1.x86_64.rpm
aca1fc497f23bebd1b261a91b4453c83 mbs1/x86_64/php-rrdtool-0-35.1.mbs1.x86_64.rpm
b7ff902ed02d70049b9fdfa86c82c2bd mbs1/x86_64/php-sasl-0.1.0-36.1.mbs1.x86_64.rpm
f28d198a8148aa993accca677f3921ce mbs1/x86_64/php-session-5.5.8-1.mbs1.x86_64.rpm
9ac8db465023197ca4a3f3358865d6c4 mbs1/x86_64/php-shmop-5.5.8-1.mbs1.x86_64.rpm
994c1f4ef6fdbb46a1217a0b4679b540 mbs1/x86_64/php-snmp-5.5.8-1.mbs1.x86_64.rpm
122de98493f51dad25fad1bd6490b14d mbs1/x86_64/php-soap-5.5.8-1.mbs1.x86_64.rpm
26cb96e64938013375ff2720787dbce3 mbs1/x86_64/php-sockets-5.5.8-1.mbs1.x86_64.rpm
c03f6d3524750a11a26984a5680b6e31 mbs1/x86_64/php-sqlite-1.0.3-1.mbs1.x86_64.rpm
cf9b1e1845c4df39e65c721b5ebe1ecd mbs1/x86_64/php-sqlite3-5.5.8-1.mbs1.x86_64.rpm
3692df1b43da42070fb2245ba85736d7 mbs1/x86_64/php-ssh2-0.12-1.mbs1.x86_64.rpm
46b107eaf4753b6f3e5b1d1c01014ac4 mbs1/x86_64/php-suhosin-0.9.33-7.2.mbs1.x86_64.rpm
648fa01ef7b191c206881bc81fc91cae mbs1/x86_64/php-svn-1.0.2-1.mbs1.x86_64.rpm
4f76f8fdc2c3b96130b50693f44fb82d mbs1/x86_64/php-swish-0.5.0-1.mbs1.x86_64.rpm
dcda9398908f302d916e16ac23edc864 mbs1/x86_64/php-sybase_ct-5.5.8-1.mbs1.x86_64.rpm
05c262004a13838b354818605091d375 mbs1/x86_64/php-syck-0.9.3-17.1.mbs1.x86_64.rpm
911002b84d2ccf6632ab78148eeaa836 mbs1/x86_64/php-sysvmsg-5.5.8-1.mbs1.x86_64.rpm
64ee1ae53811450f47ced3dfc180cd3b mbs1/x86_64/php-sysvsem-5.5.8-1.mbs1.x86_64.rpm
8822eff6601523af2aec8a4b40278d5c mbs1/x86_64/php-sysvshm-5.5.8-1.mbs1.x86_64.rpm
cb7122e7b2b81860304578978b20fae4 mbs1/x86_64/php-tcpwrap-1.1.3-18.1.mbs1.x86_64.rpm
dd20d26681b253ca10d226b576cd9da7 mbs1/x86_64/php-tdb-1.0.0-18.1.mbs1.x86_64.rpm
89ca00e2d6b8a0655161caf3d975a29c mbs1/x86_64/php-tidy-5.5.8-1.mbs1.x86_64.rpm
63e583090b7d6e86679d9cf4dadd13b8 mbs1/x86_64/php-timezonedb-2013.9-1.1.mbs1.x86_64.rpm
51abf076f5d22b0393f94d74bf384502 mbs1/x86_64/php-tk-0.1.1-29.1.mbs1.x86_64.rpm
a2a8c303e251afdfd6b6eb84307f95cd mbs1/x86_64/php-tokenizer-5.5.8-1.mbs1.x86_64.rpm
2d6a9a2ee9034ca19c81914f10dbaaf1 mbs1/x86_64/php-txforward-1.0.7-3.1.mbs1.x86_64.rpm
a91cc0a9f98d6be93242c761722c3363 mbs1/x86_64/php-uploadprogress-1.0.3.1-3.1.mbs1.x86_64.rpm
4cad056354849adc02de0899481f2c0e mbs1/x86_64/php-uuid-1.0.3-1.mbs1.x86_64.rpm
269b8bdd1a21e7f7688a60cb6d4e66c9 mbs1/x86_64/php-wbxml-1.0.3-14.1.mbs1.x86_64.rpm
3c324e3865d37e40e0c44d703e6af971 mbs1/x86_64/php-wddx-5.5.8-1.mbs1.x86_64.rpm
272928a998127f03fa7b466bdae5625b mbs1/x86_64/php-xattr-1.2.0-1.mbs1.x86_64.rpm
1a36dc739e5b59e1a7234c20252bb30c mbs1/x86_64/php-xdiff-1.5.2-1.mbs1.x86_64.rpm
e21b93c47fc09d426b1e9873d922c9b6 mbs1/x86_64/php-xml-5.5.8-1.mbs1.x86_64.rpm
18b1f4b35359ef4803840b6a59023662 mbs1/x86_64/php-xmlreader-5.5.8-1.mbs1.x86_64.rpm
32cac8722f385bd6c889c7998708f896 mbs1/x86_64/php-xmlrpc-5.5.8-1.mbs1.x86_64.rpm
17741808a8ab423b918e15d791a470a0 mbs1/x86_64/php-xmlwriter-5.5.8-1.mbs1.x86_64.rpm
c4ca4a667ea3d67c2a5f41be43e275ef mbs1/x86_64/php-xsl-5.5.8-1.mbs1.x86_64.rpm
26c7a4cb6e3a349f184cb151b3e66bbe mbs1/x86_64/php-xslcache-0.7.2-1.mbs1.x86_64.rpm
2ec0a54234ba1f9408a1dfc312ce15bb mbs1/x86_64/php-yaml-1.1.1-1.mbs1.x86_64.rpm
d8d867f694f761e0c1fbb42f37671246 mbs1/x86_64/php-yaz-1.1.6-1.mbs1.x86_64.rpm
d3a22538565c0e70823ab006a918b599 mbs1/x86_64/php-yp-5.2.3-25.1.mbs1.x86_64.rpm
e8a6f6b750a57d30cab05f43ed0d2826 mbs1/x86_64/php-zip-5.5.8-1.mbs1.x86_64.rpm
85fc2115c2d73651c13b7e7d579035c2 mbs1/x86_64/php-zlib-5.5.8-1.mbs1.x86_64.rpm
dffedeb2bc9dbcf09a08c5b8ee085241 mbs1/SRPMS/json-c-0.11-1.mbs1.src.rpm
af6e8a771ad6e82cc4890d017a282a54 mbs1/SRPMS/libmbfl-1.2.0-1.mbs1.src.rpm
208cadf784cf7e5d87473a66b1ad9dec mbs1/SRPMS/php-5.5.8-1.mbs1.src.rpm
569fe67ccfe844b44d66cd5801c87029 mbs1/SRPMS/php-amf-0.9.2-10.1.mbs1.src.rpm
18c40965301ed883fdc24604257cd1e5 mbs1/SRPMS/php-apacheaccessor-1.0.1-1.mbs1.src.rpm
f7450092f00a1271e4c767317739caf9 mbs1/SRPMS/php-apc-3.1.15-1.2.mbs1.src.rpm
05ac57db5fca564a1056dfbaffb98a5e mbs1/SRPMS/php-apm-1.1.0-1RC2.mbs1.src.rpm
92d6548693ee63aa19a50bf8662db4b1 mbs1/SRPMS/php-archive-0.2-22.1.mbs1.src.rpm
937fe1748c3a85337d74d9d25a5f64b2 mbs1/SRPMS/php-auth_nds-2.2.6-28.1.mbs1.src.rpm
73b13a0ed1ef4c11411c8482d924346a mbs1/SRPMS/php-bbcode-1.0.3-0.0.b1.5.mbs1.src.rpm
2e6d69003f3b782b4dd304a7fb7838d6 mbs1/SRPMS/php-bcompiler-1.0.2-3.1.mbs1.src.rpm
0514e5ace4b598d1f2f380eee232d906 mbs1/SRPMS/php-bitset-2.0-1.mbs1.src.rpm
f681295764f84a253a17a6f8f0de66f3 mbs1/SRPMS/php-bloomy-0.1.0-11.1.mbs1.src.rpm
f099bc978799afff5ed4ab35cde70633 mbs1/SRPMS/php-braille-0.1.1-1.mbs1.src.rpm
522cd2c8a16f78acdc7dc5f80fff34e4 mbs1/SRPMS/php-cairo-0.3.2-1.mbs1.src.rpm
56436636c2f04d70a96d6cb571abcf03 mbs1/SRPMS/php-cairo_wrapper-0.2.4-12.1.mbs1.src.rpm
16e205bc0339a90acb9560df409be2f7 mbs1/SRPMS/php-courierauth-0.1.0-26.1.mbs1.src.rpm
fc4f8967c11cc4b2080193ea11439f10 mbs1/SRPMS/php-cyrus-1.0-30.1.mbs1.src.rpm
028cd11a27d1caf3fa0bfb7ccba72dff mbs1/SRPMS/php-dav-1.2-4.1.mbs1.src.rpm
6e7fa7b114c2262288d12b16b67f9398 mbs1/SRPMS/php-dbase-5.0.1-3.1.mbs1.src.rpm
f5a32e8c86e6d8a37ea49f6edcc8f2eb mbs1/SRPMS/php-dbx-1.1.2-3.1.mbs1.src.rpm
28361b8014ef86de714370ed2f9c8523 mbs1/SRPMS/php-dio-0.0.7-1.mbs1.src.rpm
46cd6b2052a284a5e4b6cd2e9ce0f35b mbs1/SRPMS/php-doublemetaphone-1.0.0-1.mbs1.src.rpm
216f54099506165d92e2fa5eb5fa895b mbs1/SRPMS/php-drizzle-0.4.2-8.1.mbs1.src.rpm
8103618186a8263b5aa140ac2604a377 mbs1/SRPMS/php-event-1.8.1-1.mbs1.src.rpm
117870df2707a9f7f743e0d5e006f01c mbs1/SRPMS/php-expect-0.3.1-3.1.mbs1.src.rpm
1e9571e84f5c216436346ba4f0ef7e01 mbs1/SRPMS/php-fam-5.0.1-21.1.mbs1.src.rpm
12ab1fab99d150362d41a2462432616f mbs1/SRPMS/php-filepro-5.1.6-31.1.mbs1.src.rpm
b8f3eeac43f32ffab74d3a6a2e1a95a9 mbs1/SRPMS/php-gender-1.0.0-1.mbs1.src.rpm
f4b01e4ea76567f29b6302a94de0187e mbs1/SRPMS/php-geoip-1.0.8-3.1.mbs1.src.rpm
ad38f3ef3e39a2cc1ff974fb6fee5f27 mbs1/SRPMS/php-gnupg-1.3.2-8.1.mbs1.src.rpm
7993893485eed60a687dd9072e58ceb7 mbs1/SRPMS/php-gnutls-0.3-0.rc1.25.mbs1.src.rpm
93667de0345b12d30fd9a90850ccfa64 mbs1/SRPMS/php-gtk2-2.0.3-0.git20130225.1.1.mbs1.src.rpm
05bf2145f513bfa34f36e60032d752c1 mbs1/SRPMS/php-haru-1.0.4-1.mbs1.src.rpm
efc0bfbf4490ea6bf61464fcc397661e mbs1/SRPMS/php-hidef-0.1.13-1.mbs1.src.rpm
4c4dcf9335bab8530c2b5a8f5d07fdf5 mbs1/SRPMS/php-htscanner-1.0.1-1.mbs1.src.rpm
4d39a950797e8df46762c5c73e170179 mbs1/SRPMS/php-id3-0.2-33.1.mbs1.src.rpm
1a756001cd773cdc7ca5f797e7171660 mbs1/SRPMS/php-imagick-3.1.2-1.mbs1.src.rpm
7fd6af5d9de5290b131e9624ec67b6bc mbs1/SRPMS/php-inclued-0.1.3-1.mbs1.src.rpm
57ca03ec85af8be4d4db50843d7adeb4 mbs1/SRPMS/php-inotify-0.1.6-1.mbs1.src.rpm
58c4db8af664a6790e382575b8b39151 mbs1/SRPMS/php-libevent-0.1.0-1.mbs1.src.rpm
fde733df58d1daf042d0948be090e961 mbs1/SRPMS/php-mcve-7.0.3-11.1.mbs1.src.rpm
9340b22c4c7b2c5071c197c8fe22aa02 mbs1/SRPMS/php-memcache-3.0.8-1.mbs1.src.rpm
a9c5cbd1eeab91714ec8ce69106e1a20 mbs1/SRPMS/php-memcached-2.1.0-1.mbs1.src.rpm
6cd241db51c9f1e51bc81e2dfecb485b mbs1/SRPMS/php-mnogosearch-1.96-35.1.mbs1.src.rpm
98d85dfb93b0a0c269a9a2d3f6f0eede mbs1/SRPMS/php-mongo-1.4.5-1.mbs1.src.rpm
2524e31d5a61e1352dce360526149544 mbs1/SRPMS/php-newt-1.2.8-1.mbs1.src.rpm
b117d574a2eb07efbeef7e68eb3dbf38 mbs1/SRPMS/php-oggvorbis-0.2-33.1.mbs1.src.rpm
25eef544c81b44775441da1a9d4a5f8e mbs1/SRPMS/php-pam-1.0.3-10.1.mbs1.src.rpm
e4812e2fb71334c1470855047d33ff92 mbs1/SRPMS/php-proctitle-0.1.2-1.mbs1.src.rpm
b34e461b5688ed89bcde35f46d34615a mbs1/SRPMS/php-radius-1.2.7-1.1.mbs1.src.rpm
40dbef246efb480f12286479828f0172 mbs1/SRPMS/php-rrdtool-0-35.1.mbs1.src.rpm
60701f0629317b0bec9f1bdd43354e19 mbs1/SRPMS/php-sasl-0.1.0-36.1.mbs1.src.rpm
5a75e8c81e606385c707b714b6282e5a mbs1/SRPMS/php-sqlite-1.0.3-1.mbs1.src.rpm
ca0c2cf7daea363b6dbe0b1ef89982c1 mbs1/SRPMS/php-ssh2-0.12-1.mbs1.src.rpm
2df05fb13a6318aa63d52b58018aaac9 mbs1/SRPMS/php-suhosin-0.9.33-7.2.mbs1.src.rpm
9a9ab66c2049d3b901a1a29cb41866fc mbs1/SRPMS/php-svn-1.0.2-1.mbs1.src.rpm
62182c75a65d16872febeb225d345f40 mbs1/SRPMS/php-swish-0.5.0-1.mbs1.src.rpm
fdb525c5d728fb5058edc0bde32f8207 mbs1/SRPMS/php-syck-0.9.3-17.1.mbs1.src.rpm
fdc70578239b8ad71a29d2164346b2e3 mbs1/SRPMS/php-tcpwrap-1.1.3-18.1.mbs1.src.rpm
7eca5e164fe2c13313d24fa2d9192b2f mbs1/SRPMS/php-tdb-1.0.0-18.1.mbs1.src.rpm
d9b8b9498a693a047250431b387d1a38 mbs1/SRPMS/php-timezonedb-2013.9-1.1.mbs1.src.rpm
05f98d011308f8e5b93678bc6f8131de mbs1/SRPMS/php-tk-0.1.1-29.1.mbs1.src.rpm
cf608a75bbbaea51c1ce0b04719ce746 mbs1/SRPMS/php-txforward-1.0.7-3.1.mbs1.src.rpm
4a1bae8e064b076164b81d5e79bd5e4b mbs1/SRPMS/php-uploadprogress-1.0.3.1-3.1.mbs1.src.rpm
23a9cf1fa7db9dc8843c9262795a1eb1 mbs1/SRPMS/php-uuid-1.0.3-1.mbs1.src.rpm
f1c54907e7c544dfd95764da8175f749 mbs1/SRPMS/php-wbxml-1.0.3-14.1.mbs1.src.rpm
2c57275de2451e91cbfc271ae14595dc mbs1/SRPMS/php-xattr-1.2.0-1.mbs1.src.rpm
82d034516dcfe4fbaf68640ccd017a1f mbs1/SRPMS/php-xdiff-1.5.2-1.mbs1.src.rpm
c19da5f5199dbc4d58a2c1d9b7de5bff mbs1/SRPMS/php-xslcache-0.7.2-1.mbs1.src.rpm
b05fbb9a7a6ca882fcb7ed4cab1c3886 mbs1/SRPMS/php-yaml-1.1.1-1.mbs1.src.rpm
b2859baaf205be29a938df103529659d mbs1/SRPMS/php-yaz-1.1.6-1.mbs1.src.rpm
8544a9059f4099bc17bdd31cb2218aee mbs1/SRPMS/php-yp-5.2.3-25.1.mbs1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. ============================================================================
Ubuntu Security Notice USN-2055-1
December 12, 2013
php5 vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.10
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in PHP. (CVE-2013-6420)
It was discovered that PHP incorrectly handled DateInterval objects. (CVE-2013-6712)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.10:
libapache2-mod-php5 5.5.3+dfsg-1ubuntu2.1
php5-cgi 5.5.3+dfsg-1ubuntu2.1
php5-cli 5.5.3+dfsg-1ubuntu2.1
Ubuntu 13.04:
libapache2-mod-php5 5.4.9-4ubuntu2.4
php5-cgi 5.4.9-4ubuntu2.4
php5-cli 5.4.9-4ubuntu2.4
Ubuntu 12.10:
libapache2-mod-php5 5.4.6-1ubuntu1.5
php5-cgi 5.4.6-1ubuntu1.5
php5-cli 5.4.6-1ubuntu1.5
Ubuntu 12.04 LTS:
libapache2-mod-php5 5.3.10-1ubuntu3.9
php5-cgi 5.3.10-1ubuntu3.9
php5-cli 5.3.10-1ubuntu3.9
Ubuntu 10.04 LTS:
libapache2-mod-php5 5.3.2-1ubuntu4.22
php5-cgi 5.3.2-1ubuntu4.22
php5-cli 5.3.2-1ubuntu4.22
In general, a standard system update will make all the necessary changes.
Release Date: 2014-09-30
Last Updated: 2014-09-30
Potential Security Impact: Cross-site scripting (XSS), Cross-site Request
Forgery (CSRF), unauthorized disclosure of information, Denial of Service
(DoS), and Clickjacking
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP System
Management Homepage (SMH) on Linux and Windows. The vulnerabilities could be
exploited remotely resulting in Cross-site Scripting (XSS), Cross-site
Request Forgery (CSRF), unauthorized disclosure of information, Denial of
Service (DoS), and Clickjacking.
References:
CVE-2013-4545 Unauthorized modification
CVE-2013-6420 (SSRT101447) Unauthorized disclosure of information
CVE-2013-6422 Unauthorized disclosure of information
CVE-2013-6712 (SSRT101447) Denial of Service (DoS)
CVE-2014-2640 (SSRT101633, SSRT101438) Cross-site Scripting (XSS)
CVE-2014-2641 (SSRT101438) Cross-site Request Forgery (CSRF)
CVE-2014-2642 (SSRT101701) Clickjacking
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP System Management Homepage (SMH) for Linux and Windows prior to version
7.4
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2013-4545 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2013-6420 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2013-6422 (AV:N/AC:H/Au:N/C:P/I:P/A:N) 4.0
CVE-2013-6712 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2014-2640 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2014-2641 (AV:N/AC:M/Au:S/C:P/I:P/A:P) 6.0
CVE-2014-2642 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve the
vulnerabilities for the impacted versions of HP System Management Homepage
(SMH) for Linux and Windows:
http://h18013.www1.hp.com/products/servers/management/agents/
HISTORY
Version:1 (rev.1) - 30 September 2014 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits; damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: php53 and php security update
Advisory ID: RHSA-2014:1012-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1012.html
Issue date: 2014-08-06
CVE Names: CVE-2012-1571 CVE-2013-6712 CVE-2014-0237
CVE-2014-0238 CVE-2014-1943 CVE-2014-2270
CVE-2014-3479 CVE-2014-3480 CVE-2014-3515
CVE-2014-4049 CVE-2014-4721
=====================================================================
1. Summary:
Updated php53 and php packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5 and 6 respectively.
The Red Hat Security Response Team has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
3. Description:
PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server. PHP's fileinfo module provides functions used to identify a
particular file according to the type of data contained by the file.
Multiple denial of service flaws were found in the way the File Information
(fileinfo) extension parsed certain Composite Document Format (CDF) files.
A remote attacker could use either of these flaws to crash a PHP
application using fileinfo via a specially crafted CDF file.
(CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2012-1571)
Two denial of service flaws were found in the way the File Information
(fileinfo) extension handled indirect and search rules. A remote attacker
could use either of these flaws to cause a PHP application using fileinfo
to crash or consume an excessive amount of CPU. (CVE-2014-1943,
CVE-2014-2270)
A heap-based buffer overflow flaw was found in the way PHP parsed DNS TXT
records. A malicious DNS server or a man-in-the-middle attacker could
possibly use this flaw to execute arbitrary code as the PHP interpreter if
a PHP application used the dns_get_record() function to perform a DNS
query. (CVE-2014-4049)
A type confusion issue was found in PHP's phpinfo() function. A malicious
script author could possibly use this flaw to disclose certain portions of
server memory. (CVE-2014-4721)
A buffer over-read flaw was found in the way the DateInterval class parsed
interval specifications. An attacker able to make a PHP application parse a
specially crafted specification using DateInterval could possibly cause the
PHP interpreter to crash. (CVE-2013-6712)
A type confusion issue was found in the SPL ArrayObject and
SPLObjectStorage classes' unserialize() method. A remote attacker able to
submit specially crafted input to a PHP application, which would then
unserialize this input using one of the aforementioned methods, could use
this flaw to execute arbitrary code with the privileges of the user running
that PHP application. (CVE-2014-3515)
The CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, and CVE-2014-3480 issues
were discovered by Francisco Alonso of Red Hat Product Security.
All php53 and php users are advised to upgrade to these updated packages,
which contain backported patches to correct these issues.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
805197 - CVE-2012-1571 file: out of bounds read in CDF parser
1035670 - CVE-2013-6712 php: heap-based buffer over-read in DateInterval
1065836 - CVE-2014-1943 file: unrestricted recursion in handling of indirect type rules
1072220 - CVE-2014-2270 file: out-of-bounds access in search rules with offsets from input file
1098155 - CVE-2014-0238 file: CDF property info parsing nelements infinite loop
1098193 - CVE-2014-0237 file: cdf_unpack_summary_info() excessive looping DoS
1104858 - CVE-2014-3480 file: cdf_count_chain insufficient boundary check
1104869 - CVE-2014-3479 file: cdf_check_stream_offset insufficient boundary check
1108447 - CVE-2014-4049 php: heap-based buffer overflow in DNS TXT record parsing
1112154 - CVE-2014-3515 php: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw
1116662 - CVE-2014-4721 php: type confusion issue in phpinfo() leading to information leak
6. Package List:
Red Hat Enterprise Linux Desktop Workstation (v. 5 client):
Source:
php53-5.3.3-23.el5_10.src.rpm
i386:
php53-5.3.3-23.el5_10.i386.rpm
php53-bcmath-5.3.3-23.el5_10.i386.rpm
php53-cli-5.3.3-23.el5_10.i386.rpm
php53-common-5.3.3-23.el5_10.i386.rpm
php53-dba-5.3.3-23.el5_10.i386.rpm
php53-debuginfo-5.3.3-23.el5_10.i386.rpm
php53-devel-5.3.3-23.el5_10.i386.rpm
php53-gd-5.3.3-23.el5_10.i386.rpm
php53-imap-5.3.3-23.el5_10.i386.rpm
php53-intl-5.3.3-23.el5_10.i386.rpm
php53-ldap-5.3.3-23.el5_10.i386.rpm
php53-mbstring-5.3.3-23.el5_10.i386.rpm
php53-mysql-5.3.3-23.el5_10.i386.rpm
php53-odbc-5.3.3-23.el5_10.i386.rpm
php53-pdo-5.3.3-23.el5_10.i386.rpm
php53-pgsql-5.3.3-23.el5_10.i386.rpm
php53-process-5.3.3-23.el5_10.i386.rpm
php53-pspell-5.3.3-23.el5_10.i386.rpm
php53-snmp-5.3.3-23.el5_10.i386.rpm
php53-soap-5.3.3-23.el5_10.i386.rpm
php53-xml-5.3.3-23.el5_10.i386.rpm
php53-xmlrpc-5.3.3-23.el5_10.i386.rpm
x86_64:
php53-5.3.3-23.el5_10.x86_64.rpm
php53-bcmath-5.3.3-23.el5_10.x86_64.rpm
php53-cli-5.3.3-23.el5_10.x86_64.rpm
php53-common-5.3.3-23.el5_10.x86_64.rpm
php53-dba-5.3.3-23.el5_10.x86_64.rpm
php53-debuginfo-5.3.3-23.el5_10.x86_64.rpm
php53-devel-5.3.3-23.el5_10.x86_64.rpm
php53-gd-5.3.3-23.el5_10.x86_64.rpm
php53-imap-5.3.3-23.el5_10.x86_64.rpm
php53-intl-5.3.3-23.el5_10.x86_64.rpm
php53-ldap-5.3.3-23.el5_10.x86_64.rpm
php53-mbstring-5.3.3-23.el5_10.x86_64.rpm
php53-mysql-5.3.3-23.el5_10.x86_64.rpm
php53-odbc-5.3.3-23.el5_10.x86_64.rpm
php53-pdo-5.3.3-23.el5_10.x86_64.rpm
php53-pgsql-5.3.3-23.el5_10.x86_64.rpm
php53-process-5.3.3-23.el5_10.x86_64.rpm
php53-pspell-5.3.3-23.el5_10.x86_64.rpm
php53-snmp-5.3.3-23.el5_10.x86_64.rpm
php53-soap-5.3.3-23.el5_10.x86_64.rpm
php53-xml-5.3.3-23.el5_10.x86_64.rpm
php53-xmlrpc-5.3.3-23.el5_10.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source:
php53-5.3.3-23.el5_10.src.rpm
i386:
php53-5.3.3-23.el5_10.i386.rpm
php53-bcmath-5.3.3-23.el5_10.i386.rpm
php53-cli-5.3.3-23.el5_10.i386.rpm
php53-common-5.3.3-23.el5_10.i386.rpm
php53-dba-5.3.3-23.el5_10.i386.rpm
php53-debuginfo-5.3.3-23.el5_10.i386.rpm
php53-devel-5.3.3-23.el5_10.i386.rpm
php53-gd-5.3.3-23.el5_10.i386.rpm
php53-imap-5.3.3-23.el5_10.i386.rpm
php53-intl-5.3.3-23.el5_10.i386.rpm
php53-ldap-5.3.3-23.el5_10.i386.rpm
php53-mbstring-5.3.3-23.el5_10.i386.rpm
php53-mysql-5.3.3-23.el5_10.i386.rpm
php53-odbc-5.3.3-23.el5_10.i386.rpm
php53-pdo-5.3.3-23.el5_10.i386.rpm
php53-pgsql-5.3.3-23.el5_10.i386.rpm
php53-process-5.3.3-23.el5_10.i386.rpm
php53-pspell-5.3.3-23.el5_10.i386.rpm
php53-snmp-5.3.3-23.el5_10.i386.rpm
php53-soap-5.3.3-23.el5_10.i386.rpm
php53-xml-5.3.3-23.el5_10.i386.rpm
php53-xmlrpc-5.3.3-23.el5_10.i386.rpm
ia64:
php53-5.3.3-23.el5_10.ia64.rpm
php53-bcmath-5.3.3-23.el5_10.ia64.rpm
php53-cli-5.3.3-23.el5_10.ia64.rpm
php53-common-5.3.3-23.el5_10.ia64.rpm
php53-dba-5.3.3-23.el5_10.ia64.rpm
php53-debuginfo-5.3.3-23.el5_10.ia64.rpm
php53-devel-5.3.3-23.el5_10.ia64.rpm
php53-gd-5.3.3-23.el5_10.ia64.rpm
php53-imap-5.3.3-23.el5_10.ia64.rpm
php53-intl-5.3.3-23.el5_10.ia64.rpm
php53-ldap-5.3.3-23.el5_10.ia64.rpm
php53-mbstring-5.3.3-23.el5_10.ia64.rpm
php53-mysql-5.3.3-23.el5_10.ia64.rpm
php53-odbc-5.3.3-23.el5_10.ia64.rpm
php53-pdo-5.3.3-23.el5_10.ia64.rpm
php53-pgsql-5.3.3-23.el5_10.ia64.rpm
php53-process-5.3.3-23.el5_10.ia64.rpm
php53-pspell-5.3.3-23.el5_10.ia64.rpm
php53-snmp-5.3.3-23.el5_10.ia64.rpm
php53-soap-5.3.3-23.el5_10.ia64.rpm
php53-xml-5.3.3-23.el5_10.ia64.rpm
php53-xmlrpc-5.3.3-23.el5_10.ia64.rpm
ppc:
php53-5.3.3-23.el5_10.ppc.rpm
php53-bcmath-5.3.3-23.el5_10.ppc.rpm
php53-cli-5.3.3-23.el5_10.ppc.rpm
php53-common-5.3.3-23.el5_10.ppc.rpm
php53-dba-5.3.3-23.el5_10.ppc.rpm
php53-debuginfo-5.3.3-23.el5_10.ppc.rpm
php53-devel-5.3.3-23.el5_10.ppc.rpm
php53-gd-5.3.3-23.el5_10.ppc.rpm
php53-imap-5.3.3-23.el5_10.ppc.rpm
php53-intl-5.3.3-23.el5_10.ppc.rpm
php53-ldap-5.3.3-23.el5_10.ppc.rpm
php53-mbstring-5.3.3-23.el5_10.ppc.rpm
php53-mysql-5.3.3-23.el5_10.ppc.rpm
php53-odbc-5.3.3-23.el5_10.ppc.rpm
php53-pdo-5.3.3-23.el5_10.ppc.rpm
php53-pgsql-5.3.3-23.el5_10.ppc.rpm
php53-process-5.3.3-23.el5_10.ppc.rpm
php53-pspell-5.3.3-23.el5_10.ppc.rpm
php53-snmp-5.3.3-23.el5_10.ppc.rpm
php53-soap-5.3.3-23.el5_10.ppc.rpm
php53-xml-5.3.3-23.el5_10.ppc.rpm
php53-xmlrpc-5.3.3-23.el5_10.ppc.rpm
s390x:
php53-5.3.3-23.el5_10.s390x.rpm
php53-bcmath-5.3.3-23.el5_10.s390x.rpm
php53-cli-5.3.3-23.el5_10.s390x.rpm
php53-common-5.3.3-23.el5_10.s390x.rpm
php53-dba-5.3.3-23.el5_10.s390x.rpm
php53-debuginfo-5.3.3-23.el5_10.s390x.rpm
php53-devel-5.3.3-23.el5_10.s390x.rpm
php53-gd-5.3.3-23.el5_10.s390x.rpm
php53-imap-5.3.3-23.el5_10.s390x.rpm
php53-intl-5.3.3-23.el5_10.s390x.rpm
php53-ldap-5.3.3-23.el5_10.s390x.rpm
php53-mbstring-5.3.3-23.el5_10.s390x.rpm
php53-mysql-5.3.3-23.el5_10.s390x.rpm
php53-odbc-5.3.3-23.el5_10.s390x.rpm
php53-pdo-5.3.3-23.el5_10.s390x.rpm
php53-pgsql-5.3.3-23.el5_10.s390x.rpm
php53-process-5.3.3-23.el5_10.s390x.rpm
php53-pspell-5.3.3-23.el5_10.s390x.rpm
php53-snmp-5.3.3-23.el5_10.s390x.rpm
php53-soap-5.3.3-23.el5_10.s390x.rpm
php53-xml-5.3.3-23.el5_10.s390x.rpm
php53-xmlrpc-5.3.3-23.el5_10.s390x.rpm
x86_64:
php53-5.3.3-23.el5_10.x86_64.rpm
php53-bcmath-5.3.3-23.el5_10.x86_64.rpm
php53-cli-5.3.3-23.el5_10.x86_64.rpm
php53-common-5.3.3-23.el5_10.x86_64.rpm
php53-dba-5.3.3-23.el5_10.x86_64.rpm
php53-debuginfo-5.3.3-23.el5_10.x86_64.rpm
php53-devel-5.3.3-23.el5_10.x86_64.rpm
php53-gd-5.3.3-23.el5_10.x86_64.rpm
php53-imap-5.3.3-23.el5_10.x86_64.rpm
php53-intl-5.3.3-23.el5_10.x86_64.rpm
php53-ldap-5.3.3-23.el5_10.x86_64.rpm
php53-mbstring-5.3.3-23.el5_10.x86_64.rpm
php53-mysql-5.3.3-23.el5_10.x86_64.rpm
php53-odbc-5.3.3-23.el5_10.x86_64.rpm
php53-pdo-5.3.3-23.el5_10.x86_64.rpm
php53-pgsql-5.3.3-23.el5_10.x86_64.rpm
php53-process-5.3.3-23.el5_10.x86_64.rpm
php53-pspell-5.3.3-23.el5_10.x86_64.rpm
php53-snmp-5.3.3-23.el5_10.x86_64.rpm
php53-soap-5.3.3-23.el5_10.x86_64.rpm
php53-xml-5.3.3-23.el5_10.x86_64.rpm
php53-xmlrpc-5.3.3-23.el5_10.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
php-5.3.3-27.el6_5.1.src.rpm
i386:
php-5.3.3-27.el6_5.1.i686.rpm
php-bcmath-5.3.3-27.el6_5.1.i686.rpm
php-cli-5.3.3-27.el6_5.1.i686.rpm
php-common-5.3.3-27.el6_5.1.i686.rpm
php-dba-5.3.3-27.el6_5.1.i686.rpm
php-debuginfo-5.3.3-27.el6_5.1.i686.rpm
php-devel-5.3.3-27.el6_5.1.i686.rpm
php-embedded-5.3.3-27.el6_5.1.i686.rpm
php-enchant-5.3.3-27.el6_5.1.i686.rpm
php-fpm-5.3.3-27.el6_5.1.i686.rpm
php-gd-5.3.3-27.el6_5.1.i686.rpm
php-imap-5.3.3-27.el6_5.1.i686.rpm
php-intl-5.3.3-27.el6_5.1.i686.rpm
php-ldap-5.3.3-27.el6_5.1.i686.rpm
php-mbstring-5.3.3-27.el6_5.1.i686.rpm
php-mysql-5.3.3-27.el6_5.1.i686.rpm
php-odbc-5.3.3-27.el6_5.1.i686.rpm
php-pdo-5.3.3-27.el6_5.1.i686.rpm
php-pgsql-5.3.3-27.el6_5.1.i686.rpm
php-process-5.3.3-27.el6_5.1.i686.rpm
php-pspell-5.3.3-27.el6_5.1.i686.rpm
php-recode-5.3.3-27.el6_5.1.i686.rpm
php-snmp-5.3.3-27.el6_5.1.i686.rpm
php-soap-5.3.3-27.el6_5.1.i686.rpm
php-tidy-5.3.3-27.el6_5.1.i686.rpm
php-xml-5.3.3-27.el6_5.1.i686.rpm
php-xmlrpc-5.3.3-27.el6_5.1.i686.rpm
php-zts-5.3.3-27.el6_5.1.i686.rpm
x86_64:
php-5.3.3-27.el6_5.1.x86_64.rpm
php-bcmath-5.3.3-27.el6_5.1.x86_64.rpm
php-cli-5.3.3-27.el6_5.1.x86_64.rpm
php-common-5.3.3-27.el6_5.1.x86_64.rpm
php-dba-5.3.3-27.el6_5.1.x86_64.rpm
php-debuginfo-5.3.3-27.el6_5.1.x86_64.rpm
php-devel-5.3.3-27.el6_5.1.x86_64.rpm
php-embedded-5.3.3-27.el6_5.1.x86_64.rpm
php-enchant-5.3.3-27.el6_5.1.x86_64.rpm
php-fpm-5.3.3-27.el6_5.1.x86_64.rpm
php-gd-5.3.3-27.el6_5.1.x86_64.rpm
php-imap-5.3.3-27.el6_5.1.x86_64.rpm
php-intl-5.3.3-27.el6_5.1.x86_64.rpm
php-ldap-5.3.3-27.el6_5.1.x86_64.rpm
php-mbstring-5.3.3-27.el6_5.1.x86_64.rpm
php-mysql-5.3.3-27.el6_5.1.x86_64.rpm
php-odbc-5.3.3-27.el6_5.1.x86_64.rpm
php-pdo-5.3.3-27.el6_5.1.x86_64.rpm
php-pgsql-5.3.3-27.el6_5.1.x86_64.rpm
php-process-5.3.3-27.el6_5.1.x86_64.rpm
php-pspell-5.3.3-27.el6_5.1.x86_64.rpm
php-recode-5.3.3-27.el6_5.1.x86_64.rpm
php-snmp-5.3.3-27.el6_5.1.x86_64.rpm
php-soap-5.3.3-27.el6_5.1.x86_64.rpm
php-tidy-5.3.3-27.el6_5.1.x86_64.rpm
php-xml-5.3.3-27.el6_5.1.x86_64.rpm
php-xmlrpc-5.3.3-27.el6_5.1.x86_64.rpm
php-zts-5.3.3-27.el6_5.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
php-5.3.3-27.el6_5.1.src.rpm
x86_64:
php-cli-5.3.3-27.el6_5.1.x86_64.rpm
php-common-5.3.3-27.el6_5.1.x86_64.rpm
php-debuginfo-5.3.3-27.el6_5.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
php-5.3.3-27.el6_5.1.src.rpm
x86_64:
php-5.3.3-27.el6_5.1.x86_64.rpm
php-bcmath-5.3.3-27.el6_5.1.x86_64.rpm
php-dba-5.3.3-27.el6_5.1.x86_64.rpm
php-debuginfo-5.3.3-27.el6_5.1.x86_64.rpm
php-devel-5.3.3-27.el6_5.1.x86_64.rpm
php-embedded-5.3.3-27.el6_5.1.x86_64.rpm
php-enchant-5.3.3-27.el6_5.1.x86_64.rpm
php-fpm-5.3.3-27.el6_5.1.x86_64.rpm
php-gd-5.3.3-27.el6_5.1.x86_64.rpm
php-imap-5.3.3-27.el6_5.1.x86_64.rpm
php-intl-5.3.3-27.el6_5.1.x86_64.rpm
php-ldap-5.3.3-27.el6_5.1.x86_64.rpm
php-mbstring-5.3.3-27.el6_5.1.x86_64.rpm
php-mysql-5.3.3-27.el6_5.1.x86_64.rpm
php-odbc-5.3.3-27.el6_5.1.x86_64.rpm
php-pdo-5.3.3-27.el6_5.1.x86_64.rpm
php-pgsql-5.3.3-27.el6_5.1.x86_64.rpm
php-process-5.3.3-27.el6_5.1.x86_64.rpm
php-pspell-5.3.3-27.el6_5.1.x86_64.rpm
php-recode-5.3.3-27.el6_5.1.x86_64.rpm
php-snmp-5.3.3-27.el6_5.1.x86_64.rpm
php-soap-5.3.3-27.el6_5.1.x86_64.rpm
php-tidy-5.3.3-27.el6_5.1.x86_64.rpm
php-xml-5.3.3-27.el6_5.1.x86_64.rpm
php-xmlrpc-5.3.3-27.el6_5.1.x86_64.rpm
php-zts-5.3.3-27.el6_5.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
php-5.3.3-27.el6_5.1.src.rpm
i386:
php-5.3.3-27.el6_5.1.i686.rpm
php-cli-5.3.3-27.el6_5.1.i686.rpm
php-common-5.3.3-27.el6_5.1.i686.rpm
php-debuginfo-5.3.3-27.el6_5.1.i686.rpm
php-debuginfo-5.3.3-27.el6_5.1.i686.rpm
php-gd-5.3.3-27.el6_5.1.i686.rpm
php-gd-5.3.3-27.el6_5.1.i686.rpm
php-ldap-5.3.3-27.el6_5.1.i686.rpm
php-mysql-5.3.3-27.el6_5.1.i686.rpm
php-mysql-5.3.3-27.el6_5.1.i686.rpm
php-odbc-5.3.3-27.el6_5.1.i686.rpm
php-odbc-5.3.3-27.el6_5.1.i686.rpm
php-pdo-5.3.3-27.el6_5.1.i686.rpm
php-pgsql-5.3.3-27.el6_5.1.i686.rpm
php-soap-5.3.3-27.el6_5.1.i686.rpm
php-xml-5.3.3-27.el6_5.1.i686.rpm
php-xml-5.3.3-27.el6_5.1.i686.rpm
php-xmlrpc-5.3.3-27.el6_5.1.i686.rpm
ppc64:
php-5.3.3-27.el6_5.1.ppc64.rpm
php-cli-5.3.3-27.el6_5.1.ppc64.rpm
php-common-5.3.3-27.el6_5.1.ppc64.rpm
php-debuginfo-5.3.3-27.el6_5.1.ppc64.rpm
php-debuginfo-5.3.3-27.el6_5.1.ppc64.rpm
php-gd-5.3.3-27.el6_5.1.ppc64.rpm
php-gd-5.3.3-27.el6_5.1.ppc64.rpm
php-ldap-5.3.3-27.el6_5.1.ppc64.rpm
php-mysql-5.3.3-27.el6_5.1.ppc64.rpm
php-mysql-5.3.3-27.el6_5.1.ppc64.rpm
php-odbc-5.3.3-27.el6_5.1.ppc64.rpm
php-odbc-5.3.3-27.el6_5.1.ppc64.rpm
php-pdo-5.3.3-27.el6_5.1.ppc64.rpm
php-pgsql-5.3.3-27.el6_5.1.ppc64.rpm
php-soap-5.3.3-27.el6_5.1.ppc64.rpm
php-xml-5.3.3-27.el6_5.1.ppc64.rpm
php-xml-5.3.3-27.el6_5.1.ppc64.rpm
php-xmlrpc-5.3.3-27.el6_5.1.ppc64.rpm
s390x:
php-5.3.3-27.el6_5.1.s390x.rpm
php-cli-5.3.3-27.el6_5.1.s390x.rpm
php-common-5.3.3-27.el6_5.1.s390x.rpm
php-debuginfo-5.3.3-27.el6_5.1.s390x.rpm
php-debuginfo-5.3.3-27.el6_5.1.s390x.rpm
php-gd-5.3.3-27.el6_5.1.s390x.rpm
php-gd-5.3.3-27.el6_5.1.s390x.rpm
php-ldap-5.3.3-27.el6_5.1.s390x.rpm
php-mysql-5.3.3-27.el6_5.1.s390x.rpm
php-mysql-5.3.3-27.el6_5.1.s390x.rpm
php-odbc-5.3.3-27.el6_5.1.s390x.rpm
php-odbc-5.3.3-27.el6_5.1.s390x.rpm
php-pdo-5.3.3-27.el6_5.1.s390x.rpm
php-pgsql-5.3.3-27.el6_5.1.s390x.rpm
php-soap-5.3.3-27.el6_5.1.s390x.rpm
php-xml-5.3.3-27.el6_5.1.s390x.rpm
php-xmlrpc-5.3.3-27.el6_5.1.s390x.rpm
x86_64:
php-5.3.3-27.el6_5.1.x86_64.rpm
php-cli-5.3.3-27.el6_5.1.x86_64.rpm
php-common-5.3.3-27.el6_5.1.x86_64.rpm
php-debuginfo-5.3.3-27.el6_5.1.x86_64.rpm
php-debuginfo-5.3.3-27.el6_5.1.x86_64.rpm
php-gd-5.3.3-27.el6_5.1.x86_64.rpm
php-gd-5.3.3-27.el6_5.1.x86_64.rpm
php-ldap-5.3.3-27.el6_5.1.x86_64.rpm
php-mysql-5.3.3-27.el6_5.1.x86_64.rpm
php-mysql-5.3.3-27.el6_5.1.x86_64.rpm
php-odbc-5.3.3-27.el6_5.1.x86_64.rpm
php-odbc-5.3.3-27.el6_5.1.x86_64.rpm
php-pdo-5.3.3-27.el6_5.1.x86_64.rpm
php-pgsql-5.3.3-27.el6_5.1.x86_64.rpm
php-soap-5.3.3-27.el6_5.1.x86_64.rpm
php-xml-5.3.3-27.el6_5.1.x86_64.rpm
php-xml-5.3.3-27.el6_5.1.x86_64.rpm
php-xmlrpc-5.3.3-27.el6_5.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source:
php-5.3.3-27.el6_5.1.src.rpm
i386:
php-bcmath-5.3.3-27.el6_5.1.i686.rpm
php-dba-5.3.3-27.el6_5.1.i686.rpm
php-debuginfo-5.3.3-27.el6_5.1.i686.rpm
php-devel-5.3.3-27.el6_5.1.i686.rpm
php-embedded-5.3.3-27.el6_5.1.i686.rpm
php-enchant-5.3.3-27.el6_5.1.i686.rpm
php-fpm-5.3.3-27.el6_5.1.i686.rpm
php-imap-5.3.3-27.el6_5.1.i686.rpm
php-intl-5.3.3-27.el6_5.1.i686.rpm
php-mbstring-5.3.3-27.el6_5.1.i686.rpm
php-process-5.3.3-27.el6_5.1.i686.rpm
php-pspell-5.3.3-27.el6_5.1.i686.rpm
php-recode-5.3.3-27.el6_5.1.i686.rpm
php-snmp-5.3.3-27.el6_5.1.i686.rpm
php-tidy-5.3.3-27.el6_5.1.i686.rpm
php-zts-5.3.3-27.el6_5.1.i686.rpm
ppc64:
php-bcmath-5.3.3-27.el6_5.1.ppc64.rpm
php-dba-5.3.3-27.el6_5.1.ppc64.rpm
php-debuginfo-5.3.3-27.el6_5.1.ppc64.rpm
php-devel-5.3.3-27.el6_5.1.ppc64.rpm
php-embedded-5.3.3-27.el6_5.1.ppc64.rpm
php-enchant-5.3.3-27.el6_5.1.ppc64.rpm
php-fpm-5.3.3-27.el6_5.1.ppc64.rpm
php-imap-5.3.3-27.el6_5.1.ppc64.rpm
php-intl-5.3.3-27.el6_5.1.ppc64.rpm
php-mbstring-5.3.3-27.el6_5.1.ppc64.rpm
php-process-5.3.3-27.el6_5.1.ppc64.rpm
php-pspell-5.3.3-27.el6_5.1.ppc64.rpm
php-recode-5.3.3-27.el6_5.1.ppc64.rpm
php-snmp-5.3.3-27.el6_5.1.ppc64.rpm
php-tidy-5.3.3-27.el6_5.1.ppc64.rpm
php-zts-5.3.3-27.el6_5.1.ppc64.rpm
s390x:
php-bcmath-5.3.3-27.el6_5.1.s390x.rpm
php-dba-5.3.3-27.el6_5.1.s390x.rpm
php-debuginfo-5.3.3-27.el6_5.1.s390x.rpm
php-devel-5.3.3-27.el6_5.1.s390x.rpm
php-embedded-5.3.3-27.el6_5.1.s390x.rpm
php-enchant-5.3.3-27.el6_5.1.s390x.rpm
php-fpm-5.3.3-27.el6_5.1.s390x.rpm
php-imap-5.3.3-27.el6_5.1.s390x.rpm
php-intl-5.3.3-27.el6_5.1.s390x.rpm
php-mbstring-5.3.3-27.el6_5.1.s390x.rpm
php-process-5.3.3-27.el6_5.1.s390x.rpm
php-pspell-5.3.3-27.el6_5.1.s390x.rpm
php-recode-5.3.3-27.el6_5.1.s390x.rpm
php-snmp-5.3.3-27.el6_5.1.s390x.rpm
php-tidy-5.3.3-27.el6_5.1.s390x.rpm
php-zts-5.3.3-27.el6_5.1.s390x.rpm
x86_64:
php-bcmath-5.3.3-27.el6_5.1.x86_64.rpm
php-dba-5.3.3-27.el6_5.1.x86_64.rpm
php-debuginfo-5.3.3-27.el6_5.1.x86_64.rpm
php-devel-5.3.3-27.el6_5.1.x86_64.rpm
php-embedded-5.3.3-27.el6_5.1.x86_64.rpm
php-enchant-5.3.3-27.el6_5.1.x86_64.rpm
php-fpm-5.3.3-27.el6_5.1.x86_64.rpm
php-imap-5.3.3-27.el6_5.1.x86_64.rpm
php-intl-5.3.3-27.el6_5.1.x86_64.rpm
php-mbstring-5.3.3-27.el6_5.1.x86_64.rpm
php-process-5.3.3-27.el6_5.1.x86_64.rpm
php-pspell-5.3.3-27.el6_5.1.x86_64.rpm
php-recode-5.3.3-27.el6_5.1.x86_64.rpm
php-snmp-5.3.3-27.el6_5.1.x86_64.rpm
php-tidy-5.3.3-27.el6_5.1.x86_64.rpm
php-zts-5.3.3-27.el6_5.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
php-5.3.3-27.el6_5.1.src.rpm
i386:
php-5.3.3-27.el6_5.1.i686.rpm
php-cli-5.3.3-27.el6_5.1.i686.rpm
php-common-5.3.3-27.el6_5.1.i686.rpm
php-debuginfo-5.3.3-27.el6_5.1.i686.rpm
php-gd-5.3.3-27.el6_5.1.i686.rpm
php-ldap-5.3.3-27.el6_5.1.i686.rpm
php-mysql-5.3.3-27.el6_5.1.i686.rpm
php-odbc-5.3.3-27.el6_5.1.i686.rpm
php-pdo-5.3.3-27.el6_5.1.i686.rpm
php-pgsql-5.3.3-27.el6_5.1.i686.rpm
php-soap-5.3.3-27.el6_5.1.i686.rpm
php-xml-5.3.3-27.el6_5.1.i686.rpm
php-xmlrpc-5.3.3-27.el6_5.1.i686.rpm
x86_64:
php-5.3.3-27.el6_5.1.x86_64.rpm
php-cli-5.3.3-27.el6_5.1.x86_64.rpm
php-common-5.3.3-27.el6_5.1.x86_64.rpm
php-debuginfo-5.3.3-27.el6_5.1.x86_64.rpm
php-gd-5.3.3-27.el6_5.1.x86_64.rpm
php-ldap-5.3.3-27.el6_5.1.x86_64.rpm
php-mysql-5.3.3-27.el6_5.1.x86_64.rpm
php-odbc-5.3.3-27.el6_5.1.x86_64.rpm
php-pdo-5.3.3-27.el6_5.1.x86_64.rpm
php-pgsql-5.3.3-27.el6_5.1.x86_64.rpm
php-soap-5.3.3-27.el6_5.1.x86_64.rpm
php-xml-5.3.3-27.el6_5.1.x86_64.rpm
php-xmlrpc-5.3.3-27.el6_5.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source:
php-5.3.3-27.el6_5.1.src.rpm
i386:
php-bcmath-5.3.3-27.el6_5.1.i686.rpm
php-dba-5.3.3-27.el6_5.1.i686.rpm
php-debuginfo-5.3.3-27.el6_5.1.i686.rpm
php-devel-5.3.3-27.el6_5.1.i686.rpm
php-embedded-5.3.3-27.el6_5.1.i686.rpm
php-enchant-5.3.3-27.el6_5.1.i686.rpm
php-fpm-5.3.3-27.el6_5.1.i686.rpm
php-imap-5.3.3-27.el6_5.1.i686.rpm
php-intl-5.3.3-27.el6_5.1.i686.rpm
php-mbstring-5.3.3-27.el6_5.1.i686.rpm
php-process-5.3.3-27.el6_5.1.i686.rpm
php-pspell-5.3.3-27.el6_5.1.i686.rpm
php-recode-5.3.3-27.el6_5.1.i686.rpm
php-snmp-5.3.3-27.el6_5.1.i686.rpm
php-tidy-5.3.3-27.el6_5.1.i686.rpm
php-zts-5.3.3-27.el6_5.1.i686.rpm
x86_64:
php-bcmath-5.3.3-27.el6_5.1.x86_64.rpm
php-dba-5.3.3-27.el6_5.1.x86_64.rpm
php-debuginfo-5.3.3-27.el6_5.1.x86_64.rpm
php-devel-5.3.3-27.el6_5.1.x86_64.rpm
php-embedded-5.3.3-27.el6_5.1.x86_64.rpm
php-enchant-5.3.3-27.el6_5.1.x86_64.rpm
php-fpm-5.3.3-27.el6_5.1.x86_64.rpm
php-imap-5.3.3-27.el6_5.1.x86_64.rpm
php-intl-5.3.3-27.el6_5.1.x86_64.rpm
php-mbstring-5.3.3-27.el6_5.1.x86_64.rpm
php-process-5.3.3-27.el6_5.1.x86_64.rpm
php-pspell-5.3.3-27.el6_5.1.x86_64.rpm
php-recode-5.3.3-27.el6_5.1.x86_64.rpm
php-snmp-5.3.3-27.el6_5.1.x86_64.rpm
php-tidy-5.3.3-27.el6_5.1.x86_64.rpm
php-zts-5.3.3-27.el6_5.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2012-1571.html
https://www.redhat.com/security/data/cve/CVE-2013-6712.html
https://www.redhat.com/security/data/cve/CVE-2014-0237.html
https://www.redhat.com/security/data/cve/CVE-2014-0238.html
https://www.redhat.com/security/data/cve/CVE-2014-1943.html
https://www.redhat.com/security/data/cve/CVE-2014-2270.html
https://www.redhat.com/security/data/cve/CVE-2014-3479.html
https://www.redhat.com/security/data/cve/CVE-2014-3480.html
https://www.redhat.com/security/data/cve/CVE-2014-3515.html
https://www.redhat.com/security/data/cve/CVE-2014-4049.html
https://www.redhat.com/security/data/cve/CVE-2014-4721.html
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFT4bujXlSAg2UNWIIRAjupAJ48N95gPfI5/pzaIYdf4przuZNdmwCgjE/L
x544JALirz19qNQAHQ4sjzQ=
=t3Ft
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004
OS X Yosemite 10.10.3 and Security Update 2015-004 are now available
and address the following:
Admin Framework
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: A process may gain admin privileges without properly
authenticating
Description: An issue existed when checking XPC entitlements. This
issue was addressed with improved entitlement checking.
CVE-ID
CVE-2015-1130 : Emil Kvarnhammar at TrueSec
apache
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: Multiple vulnerabilities in Apache
Description: Multiple vulnerabilities existed in Apache versions
prior to 2.4.10 and 2.2.29, including one that may allow a remote
attacker to execute arbitrary code. These issues were addressed by
updating Apache to versions 2.4.10 and 2.2.29
CVE-ID
CVE-2013-0118
CVE-2013-5704
CVE-2013-6438
CVE-2014-0098
CVE-2014-0117
CVE-2014-0118
CVE-2014-0226
CVE-2014-0231
CVE-2014-3523
ATS
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: A local user may be able to execute arbitrary code with
system privileges
Description: Multiple input validation issues existed in fontd.
These issues were addressed through improved input validation.
CVE-ID
CVE-2015-1131 : Ian Beer of Google Project Zero
CVE-2015-1132 : Ian Beer of Google Project Zero
CVE-2015-1133 : Ian Beer of Google Project Zero
CVE-2015-1134 : Ian Beer of Google Project Zero
CVE-2015-1135 : Ian Beer of Google Project Zero
Certificate Trust Policy
Impact: Update to the certificate trust policy
Description: The certificate trust policy was updated. The complete
list of certificates may be viewed at https://support.apple.com/en-
us/HT202858.
CFNetwork HTTPProtocol
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: Cookies belonging to one origin may be sent to another
origin
Description: A cross-domain cookie issue existed in redirect
handling. Cookies set in a redirect response could be passed on to a
redirect target belonging to another origin. The issue was address
through improved handling of redirects.
CVE-ID
CVE-2015-1089 : Niklas Keller
CFNetwork Session
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: Authentication credentials may be sent to a server on
another origin
Description: A cross-domain HTTP request headers issue existed in
redirect handling. HTTP request headers sent in a redirect response
could be passed on to another origin. The issue was addressed through
improved handling of redirects.
CVE-ID
CVE-2015-1091 : Diego Torres (http://dtorres.me)
CFURL
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: An input validation issue existed within URL
processing. This issue was addressed through improved URL validation.
CVE-ID
CVE-2015-1088 : Luigi Galli
CoreAnimation
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: A use-after-free issue existed in CoreAnimation. This
issue was addressed through improved mutex management.
CVE-ID
CVE-2015-1136 : Apple
FontParser
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: Multiple memory corruption issues existed in the
processing of font files. These issues were addressed through
improved bounds checking.
CVE-ID
CVE-2015-1093 : Marc Schoenefeld
Graphics Driver
Available for: OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: A local user may be able to execute arbitrary code with
system privileges
Description: A NULL pointer dereference existed in NVIDIA graphics
driver's handling of certain IOService userclient types. This issue
was addressed through additional context validation.
CVE-ID
CVE-2015-1137 :
Frank Graziano and John Villamil of the Yahoo Pentest Team
Hypervisor
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: A local application may be able to cause a denial of service
Description: An input validation issue existed in the hypervisor
framework. This issue was addressed through improved input
validation.
CVE-ID
CVE-2015-1138 : Izik Eidus and Alex Fishman
ImageIO
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: Processing a maliciously crafted .sgi file may lead to
arbitrary code execution
Description: A memory corruption issue existed in the handling of
.sgi files. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2015-1139 : Apple
IOHIDFamily
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: A malicious HID device may be able to cause arbitrary code
execution
Description: A memory corruption issue existed in an IOHIDFamily
API. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-1095 : Andrew Church
IOHIDFamily
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: A local user may be able to execute arbitrary code with
system privileges
Description: A buffer overflow issue existed in IOHIDFamily. This
issue was addressed through improved memory handling.
CVE-ID
CVE-2015-1140 : lokihardt@ASRT working with HP's Zero Day Initiative,
Luca Todesco
IOHIDFamily
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: A local user may be able to determine kernel memory layout
Description: An issue existed in IOHIDFamily that led to the
disclosure of kernel memory content. This issue was addressed through
improved bounds checking.
CVE-ID
CVE-2015-1096 : Ilja van Sprundel of IOActive
IOHIDFamily
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: A heap buffer overflow existed in IOHIDFamily's
handling of key-mapping properties. This issue was addressed through
improved bounds checking.
CVE-ID
CVE-2014-4404 : Ian Beer of Google Project Zero
IOHIDFamily
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
Impact: A malicious application may be able to execute arbitrary
code with system privileges
Description: A null pointer dereference existed in IOHIDFamily's
handling of key-mapping properties. This issue was addressed through
improved validation of IOHIDFamily key-mapping properties.
CVE-ID
CVE-2014-4405 : Ian Beer of Google Project Zero
IOHIDFamily
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
Impact: A user may be able to execute arbitrary code with system
privileges
Description: An out-of-bounds write issue exited in the IOHIDFamily
driver. The issue was addressed through improved input validation.
CVE-ID
CVE-2014-4380 : cunzhang from Adlab of Venustech
Kernel
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: A local user may be able to cause unexpected system shutdown
Description: An issue existed in the handling of virtual memory
operations within the kernel. The issue is fixed through improved
handling of the mach_vm_read operation.
CVE-ID
CVE-2015-1141 : Ole Andre Vadla Ravnas of www.frida.re
Kernel
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: A local user may be able to cause a system denial of service
Description: A race condition existed in the kernel's setreuid
system call. This issue was addressed through improved state
management.
CVE-ID
CVE-2015-1099 : Mark Mentovai of Google Inc.
Kernel
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: A local application may escalate privileges using a
compromised service intended to run with reduced privileges
Description: setreuid and setregid system calls failed to drop
privileges permanently. This issue was addressed by correctly
dropping privileges.
CVE-ID
CVE-2015-1117 : Mark Mentovai of Google Inc.
Kernel
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: An attacker with a privileged network position may be able
to redirect user traffic to arbitrary hosts
Description: ICMP redirects were enabled by default on OS X. This
issue was addressed by disabling ICMP redirects.
CVE-ID
CVE-2015-1103 : Zimperium Mobile Security Labs
Kernel
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: An attacker with a privileged network position may be able
to cause a denial of service
Description: A state inconsistency existed in the processing of TCP
headers. This issue was addressed through improved state handling.
CVE-ID
CVE-2015-1102 : Andrey Khudyakov and Maxim Zhuravlev of Kaspersky Lab
Kernel
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: A local user may be able to cause unexpected system
termination or read kernel memory
Description: A out of bounds memory access issue existed in the
kernel. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-1100 : Maxime Villard of m00nbsd
Kernel
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: A remote attacker may be able to bypass network filters
Description: The system would treat some IPv6 packets from remote
network interfaces as local packets. The issue was addressed by
rejecting these packets.
CVE-ID
CVE-2015-1104 : Stephen Roettger of the Google Security Team
Kernel
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: A local user may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue existed in the kernel. This
issue was addressed through improved memory handling.
CVE-ID
CVE-2015-1101 : lokihardt@ASRT working with HP's Zero Day Initiative
Kernel
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: A remote attacker may be able to cause a denial of service
Description: A state inconsistency issue existed in the handling of
TCP out of band data. This issue was addressed through improved state
management.
CVE-ID
CVE-2015-1105 : Kenton Varda of Sandstorm.io
LaunchServices
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: A local user may be able to cause the Finder to crash
Description: An input validation issue existed in LaunchServices's
handling of application localization data. This issue was addressed
through improved validation of localization data.
CVE-ID
CVE-2015-1142
LaunchServices
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: A local user may be able to execute arbitrary code with
system privileges
Description: A type confusion issue existed in LaunchServices's
handling of localized strings. This issue was addressed through
additional bounds checking.
CVE-ID
CVE-2015-1143 : Apple
libnetcore
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: Processing a maliciously crafted configuration profile may
lead to unexpected application termination
Description: A memory corruption issue existed in the handling of
configuration profiles. This issue was addressed through improved
bounds checking.
CVE-ID
CVE-2015-1118 : Zhaofeng Chen, Hui Xue, Yulong Zhang, and Tao Wei of
FireEye, Inc.
ntp
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: A remote attacker may brute force ntpd authentication keys
Description: The config_auth function in ntpd generated a weak key
when an authentication key was not configured. This issue was
addressed by improved key generation.
CVE-ID
CVE-2014-9298
OpenLDAP
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: A remote unauthenticated client may be able to cause a
denial of service
Description: Multiple input validation issues existed in OpenLDAP.
These issues were addressed by improved input validation.
CVE-ID
CVE-2015-1545 : Ryan Tandy
CVE-2015-1546 : Ryan Tandy
OpenSSL
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: Multiple vulnerabilities in OpenSSL
Description: Multiple vulnerabilities existed in OpenSSL 0.9.8zc,
including one that may allow an attacker to intercept connections to
a server that supports export-grade ciphers. These issues were
addressed by updating OpenSSL to version 0.9.8zd.
CVE-ID
CVE-2014-3569
CVE-2014-3570
CVE-2014-3571
CVE-2014-3572
CVE-2014-8275
CVE-2015-0204
Open Directory Client
Available for: OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: A password might be sent unencrypted over the network when
using Open Directory from OS X Server
Description: If an Open Directory client was bound to an OS X Server
but did not install the certificates of the OS X Server, and then a
user on that client changed their password, the password change
request was sent over the network without encryption. This issue was
addressed by having the client require encryption for this case.
CVE-ID
CVE-2015-1147 : Apple
PHP
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: Multiple vulnerabilities in PHP
Description: Multiple vulnerabilities existed in PHP versions prior
to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to
arbitrary code execution. This update addresses the issues by
updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.
CVE-ID
CVE-2013-6712
CVE-2014-0207
CVE-2014-0237
CVE-2014-0238
CVE-2014-2497
CVE-2014-3478
CVE-2014-3479
CVE-2014-3480
CVE-2014-3487
CVE-2014-3538
CVE-2014-3587
CVE-2014-3597
CVE-2014-3668
CVE-2014-3669
CVE-2014-3670
CVE-2014-3710
CVE-2014-3981
CVE-2014-4049
CVE-2014-4670
CVE-2014-4698
CVE-2014-5120
QuickLook
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: Opening a maliciously crafted iWork file may lead to
arbitrary code execution
Description: A memory corruption issue existed in the handling of
iWork files. This issue was addressed through improved memory
handling.
CVE-ID
CVE-2015-1098 : Christopher Hickstein
SceneKit
Available for: OS X Mountain Lion v10.8.5
Impact: Viewing a maliciously crafted Collada file may lead to
arbitrary code execution
Description: A heap buffer overflow existed in SceneKit's handling
of Collada files. This issue was addressed through
improved validation of accessor elements.
CVE-ID
CVE-2014-8830 : Jose Duart of Google Security Team
Screen Sharing
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: A user's password may be logged to a local file
Description: In some circumstances, Screen Sharing may log a user's
password that is not readable by other users on the system. This
issue was addressed by removing logging of credential.
CVE-ID
CVE-2015-1148 : Apple
Security - Code Signing
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: Tampered applications may not be prevented from launching
Description: Applications containing specially crafted bundles may
have been able to launch without a completely valid signature. This
issue was addressed by adding additional checks.
CVE-ID
CVE-2015-1145
CVE-2015-1146
UniformTypeIdentifiers
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to v10.10.2
Impact: A local user may be able to execute arbitrary code with
system privileges
Description: A buffer overflow existed in the way Uniform Type
Identifiers were handled. This issue was addressed with improved
bounds checking.
CVE-ID
CVE-2015-1144 : Apple
WebKit
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: Visiting a maliciously crafted website may lead to arbitrary
code execution
Description: A memory corruption issue existed in WebKit. This
issues was addressed through improved memory handling.
CVE-ID
CVE-2015-1069 : lokihardt@ASRT working with HP's Zero Day Initiative
Security Update 2015-004 (available for OS X Mountain Lion v10.8.5
and OS X Mavericks v10.9.5) also addresses an issue caused by the fix
for CVE-2015-1067 in Security Update 2015-002. This issue prevented
Remote Apple Events clients on any version from connecting to the
Remote Apple Events server. In default configurations, Remote Apple
Events is not enabled.
OS X Yosemite 10.10.3 includes the security content of Safari 8.0.5.
https://support.apple.com/en-us/HT204658
OS X Yosemite 10.10.3 and Security Update 2015-004 may be obtained
from the Mac App Store or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJVJKj2AAoJEBcWfLTuOo7tDh4QAK0LxfwMRKcdOXOKpXsRz6lg
lhZ+CLVcSepq8qBkFQ74f3B5CuhxD0IGQPaAuSXl51tWYdfN+92tkbmyZ9k8901l
+I0vw6upeE+oqRnGtSRzq68UhcARbdV8V1+C0Xl3IIuuHc+xlEgvklDhF9Pc8XM6
DudGiVNqt6MOqd5Oc4s4FFF0nnpnyG9+UJem3mi4Ee88PwI4x1Hev7utPPmaPDzj
cjkVeislko3QArNJxtBpkYudErA4eR5OX8Tdf12jAmPTtjrXUb3VigEf78Nna0RW
kHTOGdB5EZ+YFZ8KlyIQlENBjTtI8CGdCF4/S/2xDN83NTRsimd5Y7LSjdd0uANo
pqxAc3Gzn5xngWF1Qbb6V+XZBfz5NoeTq5BXBB5OHz4PSGaQuMsBA2RYFMzNLqWv
D/T5U1JtzRLALt0lYAz63B0OhW7KXeLI9oer1Vo4wWF9O9cUFyuSI4JU5uYLQpJX
kEpSFt4YPFFxMnlzCLzLkmVGax4w9M/tRHYeSKAnRlnsoPBtIGFItlNZE2RduD/R
5n2APoJa3banQ8miycGORYP3WsktDRZzBy+2QPWuz8sE3AvAkO9xWp8PrQBkqf/b
6CIG5UkCYITG2uzBXqnGbfDiEDvBLNN1Yq0ZZI23iYRxrdW0I0pv1CHio354q12G
vVE37tYUU4PnLfwlcazq
=MOsT
-----END PGP SIGNATURE-----
| VAR-201312-0318 | CVE-2013-7105 | Buffer Overflow Vulnerability in the log function of Interstage HTTP Server |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Buffer overflow in the Interstage HTTP Server log functionality, as used in Fujitsu Interstage Application Server 9.0.0, 9.1.0, 9.2.0, 9.3.1, and 10.0.0; and Interstage Studio 9.0.0, 9.1.0, 9.2.0, and 10.0.0, has unspecified impact and attack vectors related to "ihsrlog/rotatelogs.". An attacker could execute arbitrary code. Fujitsu Interstage is a modular software component for enterprise business operations management. Multiple Fujitsu Interstage Products are prone to an unspecified buffer-overflow vulnerability because it fails to properly bounds check data. Failed attempts will likely cause a denial-of-service condition
| VAR-201402-0418 | CVE-2013-7320 | D-Link DAP-2553 Access Point Cross-site request forgery vulnerability in some firmware |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Cross-site request forgery (CSRF) vulnerability in D-Link DAP-2253 Access Point (Rev. A1) with firmware before 1.30 allows remote attackers to hijack the authentication of administrators for requests that modify configuration settings via unspecified vectors. D-Link DAP-2253 is a router device of D-Link. Attackers can use these vulnerabilities to execute arbitrary script code in the context browser of the affected site, steal cookie-based authentication, perform unauthorized operations, leak or modify sensitive information, and there may be other forms of attacks.
Attackers may exploit these issues to gain unauthorized access to restricted content by bypassing intended security restrictions or to obtain sensitive information that may aid in launching further attacks. Other attacks may also be possible.
D-Link DAP-2253 running firmware 1.26rc55 and prior are vulnerable. D-Link DAP-2253 Access Point is a wireless access point product of D-Link. A1) with firmware 1.26rc55 and earlier
| VAR-201311-0073 | CVE-2013-3394 | Cisco Prime Network Registrar of Web Interface cross-site scripting vulnerability |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in the web interface in Cisco Prime Network Registrar 8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted field, aka Bug ID CSCuh41429.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
This issue is being tracked by Cisco Bug ID CSCuh41429. The product provides services such as Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS) and IP Address Management (IPAM)
| VAR-201402-0419 | CVE-2013-7321 | D-Link DAP-2553 Access Point Firmware cross-site scripting vulnerability |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in D-Link DAP-2253 Access Point (Rev. A1) with firmware before 1.30 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. D-Link DAP-2253 is a router device of D-Link.
Cross-site scripting and cross-site request forgery vulnerabilities exist in D-Link DAP-2253 routers using firmware 1.26rc55 and earlier. Attackers can use these vulnerabilities to execute arbitrary script code in the context browser of the affected site, steal cookie-based authentication, perform unauthorized operations, leak or modify sensitive information, and there may be other forms of attacks.
Attackers may exploit these issues to gain unauthorized access to restricted content by bypassing intended security restrictions or to obtain sensitive information that may aid in launching further attacks. Other attacks may also be possible.
D-Link DAP-2253 running firmware 1.26rc55 and prior are vulnerable. D-Link DAP-2553 Access Point is a wireless access point product of D-Link. A1) with firmware 1.26rc55 and earlier
| VAR-201401-0526 | CVE-2013-7293 | ASUS Wireless Router products contain a static DNS entry |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The ASUS WL-330NUL router has a configuration process that relies on accessing the 192.168.1.1 IP address, but the documentation advises users to instead access a DNS hostname that does not always resolve to 192.168.1.1, which makes it easier for remote attackers to hijack the configuration traffic by controlling the server associated with that hostname. ASUS Wireless provided by LAN The router has a static DNS There is a problem with the record being registered. ASUS Wireless provided by LAN Static on the router DNS Record is registered (192.168.1.1 / www.asusnetwork .net) . When the user is not connected to the device network www.asusnetwork .net If you access the URL with a web browser, you may connect to an unintended website.It may lead to malicious websites containing malware. The documentation recommends that users use www.asusnetwork.net to configure the device. Mutiple ASUS Wireless Router is prone to a remote URL-redirection vulnerability.
An attacker can leverage this issue by constructing a URI that includes a malicious site redirection. When an unsuspecting victim follows the URI, they may be redirected to an attacker-controlled site; this may aid in phishing attacks
| VAR-201911-1529 | CVE-2013-6811 |
D-Link DSL-6740U Cross-Site Request Forgery Vulnerability
Related entries in the VARIoT exploits database: VAR-E-201311-0397 |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway (Rev. H1) allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management services to (1) Custom Services in Port Forwarding, (2) Port Triggering Entries, (3) URL Filters in Parental Control, (4) Print Server settings, (5) QoS Queue Setup, or (6) QoS Classification Entries. D-Link DSL-6740U Gateway contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The D-Link DSL-6740U is a broadband router device. The D-Link DSL-6740U has a cross-site request forgery vulnerability that allows remote attackers to build malicious URIs, entice users to resolve, and perform malicious actions in the target user context. Such as changing the administrator password or enabling remote management services. D-Link DSL-6740U is prone to a cross-site request-forgery vulnerability.
Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected device. Other attacks are also possible
| VAR-201312-0310 | CVE-2013-7093 | SAP Network Interface Router Vulnerabilities that bypass authentication |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
SAP Network Interface Router (SAProuter) 39.3 SP4 allows remote attackers to bypass authentication and modify the configuration via unspecified vectors. SAProuter is prone to an authentication-bypass vulnerability. SAP Network Interface Router (SAProuter) is a network connection program between SAP systems of Germany's SAP (SAP). There is an authorization problem vulnerability in SAProuter 39.3 SP4 version
| VAR-201311-0451 | No CVE | ABB MicroSCADA Stack Corruption Remote Code Execution Vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ABB MicroSCADA Wserver. Authentication is not required to exploit this vulnerability.The specific flaw exists within the wserver.exe component which listens on TCP port 12221. This component performs insufficient bounds checking on user-supplied data which results in stack corruption. An attacker can leverage this situation to execute code under the context of the user running the application. ABB MicroSCADA wserver.exe incorrectly filters user-submitted input, allowing remote attackers to exploit vulnerabilities to send specially crafted requests to TCP port 12221 to trigger a stack-based buffer overflow that can crash an application or execute arbitrary code. ABB MicroSCADA is a set of substation monitoring software developed by ABB in Switzerland for power transmission and distribution systems. The software includes a human-machine interface (MMI) and flexible application engineering tools, and provides functions such as monitoring, event alarms, and trend graph statistics.
There is a code execution vulnerability in ABB MicroSCADA, which is caused by the program not performing boundary checks on user-submitted input