National Cyber Awareness System:
03/30/2015 09:06 AM EDT
Original release date: March 30, 2015
The US-CERT Cyber Security Bulletin provides a
summary of new vulnerabilities that have been
recorded by the National Institute of
Standards and Technology (NIST) National
Vulnerability Database (NVD) in the past week.
The NVD is sponsored by the Department
of Homeland Security (DHS) National
Cybersecurity and Communications Integration
Center (NCCIC) / United States
Computer Emergency Readiness Team (US-CERT).
For modified or updated entries, please visit the NVD, which contains historical
vulnerability information.
The vulnerabilities are based on the CVE
vulnerability naming standard and are organized
according to severity, determined by the Common Vulnerability Scoring
System (CVSS) standard. The division of high,
medium, and low severities correspond to the
following scores:
-
High
- Vulnerabilities will be labeled High severity
if they have a CVSS base score of 7.0 - 10.0
-
Medium -
Vulnerabilities will be labeled Medium severity
if they have a CVSS base score of 4.0 - 6.9
-
Low
- Vulnerabilities will be labeled Low severity
if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided
by organizations and efforts sponsored by US-CERT.
This information may include identifying
information, values, definitions, and related links.
Patch information is provided when available. Please
note that some of the information in the bulletins
is compiled from external, open source reports and
is not a direct result of US-CERT analysis.
High Vulnerabilities
Primary
Vendor -- Product |
Description |
Published |
CVSS Score |
Source
& Patch Info |
arubanetworks
-- arubaos |
The
"RAP console" feature in ArubaOS 5.x through
6.2.x, 6.3.x before 6.3.1.15, and 6.4.x
before 6.4.2.4 on Aruba access points in
Remote Access Point (AP) mode allows remote
attackers to execute arbitrary commands via
unspecified vectors. |
2015-03-24 |
7.2 |
CVE-2015-1388
CONFIRM |
cisco --
ios |
The
Autonomic Networking Infrastructure (ANI)
implementation in Cisco IOS 12.2, 12.4,
15.0, 15.2, 15.3, and 15.4 and IOS XE
3.10.xS through 3.13.xS before 3.13.1S
allows remote attackers to spoof Autonomic
Networking Registration Authority (ANRA)
responses, and consequently bypass intended
device and node access restrictions or cause
a denial of service (disrupted domain
access), via crafted AN messages, aka Bug ID
CSCup62191. |
2015-03-26 |
9.0 |
CVE-2015-0635
CISCO |
cisco --
ios |
The
Autonomic Networking Infrastructure (ANI)
implementation in Cisco IOS 12.2, 12.4,
15.0, 15.2, 15.3, and 15.4 and IOS XE
3.10.xS through 3.13.xS before 3.13.1S
allows remote attackers to cause a denial of
service (disrupted domain access) via
spoofed AN messages that reset a finite
state machine, aka Bug ID CSCup62293. |
2015-03-26 |
7.8 |
CVE-2015-0636
CISCO |
cisco --
ios |
The
Autonomic Networking Infrastructure (ANI)
implementation in Cisco IOS 12.2, 12.4,
15.0, 15.2, 15.3, and 15.4 and IOS XE
3.10.xS through 3.13.xS before 3.13.1S
allows remote attackers to cause a denial of
service (device reload) via spoofed AN
messages, aka Bug ID CSCup62315. |
2015-03-26 |
7.8 |
CVE-2015-0637
CISCO |
cisco --
ios |
Cisco
IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a
VRF interface is configured, allows remote
attackers to cause a denial of service
(interface queue wedge) via crafted ICMPv4
packets, aka Bug ID CSCsi02145. |
2015-03-26 |
7.1 |
CVE-2015-0638
CISCO |
cisco --
ios_xe |
The
Common Flow Table (CFT) feature in Cisco IOS
XE 3.6 and 3.7 before 3.7.1S, 3.8 before
3.8.0S, 3.9 before 3.9.0S, 3.10 before
3.10.0S, 3.11 before 3.11.0S, 3.12 before
3.12.0S, 3.13 before 3.13.0S, 3.14 before
3.14.0S, and 3.15 before 3.15.0S, when MMON
or NBAR is enabled, allows remote attackers
to cause a denial of service (device reload)
via malformed IPv6 packets with IPv4 UDP
encapsulation, aka Bug ID CSCua79665. |
2015-03-26 |
7.8 |
CVE-2015-0639
CISCO |
cisco --
ios_xe |
The
high-speed logging (HSL) feature in Cisco
IOS XE 2.x and 3.x before 3.10.4S, 3.11
before 3.11.3S, 3.12 before 3.12.1S, 3.13
before 3.13.0S, 3.14 before 3.14.0S, and
3.15 before 3.15.0S allows remote attackers
to cause a denial of service (device reload)
via large IP packets that require NAT and
HSL processing after fragmentation, aka Bug
ID CSCuo25741. |
2015-03-26 |
7.8 |
CVE-2015-0640
CISCO |
cisco --
ios_xe |
Cisco
IOS XE 2.x and 3.x before 3.9.0S, 3.10
before 3.10.0S, 3.11 before 3.11.0S, 3.12
before 3.12.0S, 3.13 before 3.13.0S, 3.14
before 3.14.0S, and 3.15 before 3.15.0S
allows remote attackers to cause a denial of
service (device reload) via crafted IPv6
packets, aka Bug ID CSCub68073. |
2015-03-26 |
7.8 |
CVE-2015-0641
CISCO |
cisco --
ios |
Cisco
IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and
15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through
3.12.xS before 3.12.3S, 3.2.xE through
3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and
3.13.xS before 3.13.2S allow remote
attackers to cause a denial of service
(device reload) by sending malformed IKEv2
packets over (1) IPv4 or (2) IPv6, aka Bug
ID CSCum36951. |
2015-03-26 |
7.8 |
CVE-2015-0642
CONFIRM
CISCO |
cisco --
ios |
Cisco
IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and
15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through
3.12.xS before 3.12.3S, 3.2.xE through
3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and
3.13.xS before 3.13.2S allow remote
attackers to cause a denial of service
(memory consumption and device reload) by
sending malformed IKEv2 packets over (1)
IPv4 or (2) IPv6, aka Bug ID CSCuo75572. |
2015-03-26 |
7.8 |
CVE-2015-0643
CONFIRM
CISCO |
cisco --
ios_xe |
AppNav
in Cisco IOS XE 3.8 through 3.10 before
3.10.3S, 3.11 before 3.11.3S, 3.12 before
3.12.1S, 3.13 before 3.13.0S, 3.14 before
3.14.0S, and 3.15 before 3.15.0S allows
remote attackers to execute arbitrary code
or cause a denial of service (device reload)
via a crafted TCP packet, aka Bug ID
CSCuo53622. |
2015-03-26 |
7.8 |
CVE-2015-0644
CISCO |
cisco --
ios_xe |
The
Layer 4 Redirect (L4R) feature in Cisco IOS
XE 2.x and 3.x before 3.10.4S, 3.11 before
3.11.3S, 3.12 before 3.12.2S, 3.13 before
3.13.1S, 3.14 before 3.14.0S, and 3.15
before 3.15.0S allows remote attackers to
cause a denial of service (device reload)
via malformed (1) IPv4 or (2) IPv6 packets,
aka Bug ID CSCuq59131. |
2015-03-26 |
7.8 |
CVE-2015-0645
CISCO |
cisco --
ios |
Memory
leak in the TCP input module in Cisco IOS
12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and
IOS XE 3.3.xXO, 3.5.xE, 3.6.xE, 3.8.xS
through 3.10.xS before 3.10.5S, and 3.11.xS
and 3.12.xS before 3.12.3S allows remote
attackers to cause a denial of service
(memory consumption or device reload) by
sending crafted TCP packets over (1) IPv4 or
(2) IPv6, aka Bug ID CSCum94811. |
2015-03-26 |
7.8 |
CVE-2015-0646
CISCO |
cisco --
ios |
Cisco
IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows
remote attackers to cause a denial of
service (device reload) via malformed Common
Industrial Protocol (CIP) UDP packets, aka
Bug ID CSCum98371. |
2015-03-26 |
7.8 |
CVE-2015-0647
CISCO |
cisco --
ios |
Memory
leak in Cisco IOS 12.2, 12.4, 15.0, 15.2,
and 15.3 allows remote attackers to cause a
denial of service (memory consumption) via
crafted Common Industrial Protocol (CIP) TCP
packets, aka Bug ID CSCun49658. |
2015-03-26 |
7.8 |
CVE-2015-0648
CISCO |
cisco --
ios |
Cisco
IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows
remote attackers to cause a denial of
service (device reload) via malformed Common
Industrial Protocol (CIP) TCP packets, aka
Bug ID CSCun63514. |
2015-03-26 |
7.8 |
CVE-2015-0649
CISCO |
cisco --
ios |
The
Service Discovery Gateway (aka mDNS Gateway)
in Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2,
15.3, and 15.4 and IOS XE 3.9.xS and 3.10.xS
before 3.10.4S, 3.11.xS before 3.11.3S,
3.12.xS before 3.12.2S, and 3.13.xS before
3.13.1S allows remote attackers to cause a
denial of service (device reload) by sending
malformed mDNS UDP packets over (1) IPv4 or
(2) IPv6, aka Bug ID CSCup70579. |
2015-03-26 |
7.8 |
CVE-2015-0650
CISCO |
citrix
-- command_center |
Citrix
Command Center before 5.1 Build 35.4 and 5.2
before Build 42.7 does not properly restrict
access to the Advent Java Management
Extensions (JMX) Servlet, which allows
remote attackers to execute arbitrary code
via unspecified vectors to
servlets/Jmx_dynamic. |
2015-03-26 |
7.5 |
CVE-2015-2683
MISC
BUGTRAQ
CONFIRM
FULLDISC
MISC |
futomi
-- mp_form_mail_cgi |
futomi
CGI Cafe MP Form Mail CGI eCommerce before
2.0.12 on Windows allows remote attackers to
execute arbitrary Perl code via unspecified
vectors. |
2015-03-20 |
7.5 |
CVE-2015-0898
JVN
CONFIRM
JVNDB
CONFIRM |
genixcms
-- genixcms |
Multiple
SQL injection vulnerabilities in MetalGenix
GeniXCMS before 0.0.2 allow remote attackers
to execute arbitrary SQL commands via the
(1) page parameter to index.php or (2)
username parameter to gxadmin/login.php. |
2015-03-23 |
7.5 |
CVE-2015-2679
CONFIRM
CONFIRM
CONFIRM
MISC
EXPLOIT-DB
MISC
OSVDB
OSVDB
CONFIRM |
ibm --
general_parallel_file_system |
IBM
General Parallel File System (GPFS) 3.4
before 3.4.0.32, 3.5 before 3.5.0.24, and
4.1 before 4.1.0.7 allows local users to
obtain root privileges for program execution
via unspecified vectors. |
2015-03-23 |
7.2 |
CVE-2015-0197
CONFIRM |
ibm --
general_parallel_file_system |
IBM
General Parallel File System (GPFS) 3.4
before 3.4.0.32, 3.5 before 3.5.0.24, and
4.1 before 4.1.0.7 in certain cipherList
configurations allows remote attackers to
bypass authentication and execute arbitrary
programs as root via unspecified vectors. |
2015-03-23 |
10.0 |
CVE-2015-0198
CONFIRM |
linuxfoundation
-- cups-filters |
The
remove_bad_chars function in
utils/cups-browsed.c in cups-filters before
1.0.66 allows remote IPP printers to execute
arbitrary commands via consecutive shell
metacharacters in the (1) model or (2) PDL.
NOTE: this vulnerability exists because of
an incomplete fix for CVE-2014-2707. |
2015-03-24 |
7.5 |
CVE-2015-2265
UBUNTU
CONFIRM
CONFIRM |
mozilla
-- firefox |
Mozilla
Firefox before 36.0.4, Firefox ESR 31.x
before 31.5.3, and SeaMonkey before 2.33.1
allow remote attackers to bypass the Same
Origin Policy and execute arbitrary
JavaScript code with chrome privileges via
vectors involving SVG hash navigation. |
2015-03-23 |
7.5 |
CVE-2015-0818
CONFIRM
UBUNTU
SECTRACK
CONFIRM
DEBIAN
REDHAT
SUSE
SUSE |
sixapart
-- movable_type |
Movable
Type before 5.2.6 does not properly use the
Storable::thaw function, which allows remote
attackers to execute arbitrary code via the
comment_state parameter. |
2015-03-27 |
7.5 |
CVE-2013-2184
MISC
DEBIAN
MLIST
MLIST |
solarwinds
-- firewall_security_manager |
userlogin.jsp
in SolarWinds Firewall Security Manager
(FSM) before 6.6.5 HotFix1 allows remote
attackers to gain privileges and execute
arbitrary code via unspecified vectors,
related to client session handling. |
2015-03-24 |
10.0 |
CVE-2015-2284
MISC |
tcpdump
-- tcpdump |
Integer
signedness error in the mobility_opt_print
function in the IPv6 mobility printer in
tcpdump before 4.7.2 allows remote attackers
to cause a denial of service (out-of-bounds
read and crash) or possibly execute
arbitrary code via a negative length value. |
2015-03-24 |
7.5 |
CVE-2015-0261
CONFIRM
SECTRACK
BUGTRAQ
DEBIAN
MISC |
tcpdump
-- tcpdump |
The
force printer in tcpdump before 4.7.2 allows
remote attackers to cause a denial of
service (crash) and possibly execute
arbitrary code via unspecified vectors. |
2015-03-24 |
7.5 |
CVE-2015-2155
CONFIRM
SECTRACK
BUGTRAQ
DEBIAN
MISC |
vastal
-- phpvid |
SQL
injection vulnerability in groups.php in
Vastal I-Tech phpVID 0.9.9 and 1.2.3 allows
remote attackers to execute arbitrary SQL
commands via the order_by parameter. NOTE:
The cat parameter vector is already covered
by CVE-2008-4157. |
2015-03-20 |
7.5 |
CVE-2015-2563
MISC
FULLDISC
MISC |
web-dorado
-- ecommerce_wd |
Multiple
SQL injection vulnerabilities in the
Web-Dorado ECommerce WD (com_ecommercewd)
component 1.2.5 for Joomla! allow remote
attackers to execute arbitrary SQL commands
via the (1) search_category_id, (2)
sort_order, or (3) filter_manufacturer_ids
in a displayproducts action to index.php. |
2015-03-20 |
7.5 |
CVE-2015-2562
FULLDISC
MISC |
x --
libxfont |
The
bdfReadProperties function in
bitmap/bdfread.c in X.Org libXfont before
1.4.9 and 1.5.x before 1.5.1 allows remote
authenticated users to cause a denial of
service (out-of-bounds write and crash) or
possibly execute arbitrary code via a (1)
negative or (2) large property count in a
BDF font file. |
2015-03-20 |
8.5 |
CVE-2015-1802
MISC
UBUNTU
SECTRACK
DEBIAN
FEDORA
FEDORA |
x --
libxfont |
The
bdfReadCharacters function in
bitmap/bdfread.c in X.Org libXfont before
1.4.9 and 1.5.x before 1.5.1 does not
properly handle character bitmaps it cannot
read, which allows remote authenticated
users to cause a denial of service (NULL
pointer dereference and crash) and possibly
execute arbitrary code via a crafted BDF
font file. |
2015-03-20 |
8.5 |
CVE-2015-1803
MISC
UBUNTU
SECTRACK
DEBIAN
FEDORA
FEDORA |
x --
libxfont |
The
bdfReadCharacters function in
bitmap/bdfread.c in X.Org libXfont before
1.4.9 and 1.5.x before 1.5.1 does not
properly perform type conversion for metrics
values, which allows remote authenticated
users to cause a denial of service
(out-of-bounds memory access) and possibly
execute arbitrary code via a crafted BDF
font file. |
2015-03-20 |
8.5 |
CVE-2015-1804
MISC
UBUNTU
SECTRACK
DEBIAN
FEDORA
FEDORA |
Back to top
Medium Vulnerabilities
Primary
Vendor -- Product |
Description |
Published |
CVSS Score |
Source
& Patch Info |
apache -- batik |
XML
external entity (XXE) vulnerability in the
SVG to (1) PNG and (2) JPG conversion
classes in Apache Batik 1.x before 1.8
allows remote attackers to read arbitrary
files or cause a denial of service via a
crafted SVG file. |
2015-03-24 |
6.4 |
CVE-2015-0250
CONFIRM
UBUNTU
FULLDISC |
apache -- xerces-c |
internal/XMLReader.cpp
in Apache Xerces-C before 3.1.2 allows
remote attackers to cause a denial of
service (segmentation fault and crash) via
crafted XML data. |
2015-03-24 |
5.0 |
CVE-2015-0252
CONFIRM
DEBIAN |
asus -- rt-g32_firmware |
Cross-site
request forgery (CSRF) vulnerability in the
ASUS RT-G32 routers with firmware 2.0.2.6
and 2.0.3.2 allows remote attackers to
hijack the authentication of administrators
for requests that change the administrator
password via a request to start_apply.htm. |
2015-03-23 |
6.8 |
CVE-2015-2676
MISC
FULLDISC
MISC |
asus -- rt-g32_firmware |
Multiple
cross-site scripting (XSS) vulnerabilities
in the ASUS RT-G32 routers with firmware
2.0.2.6 and 2.0.3.2 allow remote attackers
to inject arbitrary web script or HTML via
the (1) next_page, (2) group_id, (3)
action_script, or (4) flag parameter to
start_apply.htm. |
2015-03-23 |
4.3 |
CVE-2015-2681
MISC
FULLDISC
MISC |
cisco -- ios |
The
Autonomic Networking Infrastructure (ANI)
implementation in Cisco IOS 15.4S and
15.4(3)S allows remote attackers to modify
configuration settings or cause a denial of
service (partial service outage) by sending
crafted Autonomic Networking (AN) messages
on an intranet network, aka Bug ID
CSCup62167. |
2015-03-20 |
6.4 |
CVE-2015-0669
SECTRACK
CISCO |
cisco -- spa_301_1_line_ip_phone |
The
default configuration of Cisco Small
Business IP phones SPA 300 7.5.5 and SPA 500
7.5.5 does not properly support
authentication, which allows remote
attackers to read audio-stream data or
originate telephone calls via a crafted XML
request, aka Bug ID CSCuo52482. |
2015-03-20 |
6.4 |
CVE-2015-0670
SECTRACK
CISCO |
cisco -- ios_xr |
The
DHCPv4 server in Cisco IOS XR 5.2.2 on ASR
9000 devices allows remote attackers to
cause a denial of service (service outage)
via a flood of crafted DHCP packets, aka Bug
ID CSCup67822. |
2015-03-26 |
5.0 |
CVE-2015-0672
CISCO |
cisco --
mobility_services_engine |
Cisco
Mobility Services Engine (MSE) 8.0(110.0)
allows remote authenticated users to
discover the passwords of arbitrary users by
(1) reading log files or (2) using an
unspecified GUI feature, aka Bug ID
CSCut24792. |
2015-03-26 |
4.0 |
CVE-2015-0673
CISCO |
citrix -- command_center |
Citrix
Command Center before 5.1 Build 35.4 and 5.2
before Build 42.7 allows remote attackers to
obtain credentials via a direct request to
conf/securitydbData.xml. |
2015-03-26 |
5.0 |
CVE-2015-2682
MISC
CONFIRM
FULLDISC
MISC |
codoforum -- codoforum |
The
sanitize function in Codoforum 2.5.1 does
not properly implement filtering for
directory traversal sequences, which allows
remote attackers to read arbitrary files via
a .. (dot dot) in the path parameter to
index.php. |
2015-03-23 |
5.0 |
CVE-2014-9261
CONFIRM
EXPLOIT-DB
MISC
MISC
OSVDB |
cs-cart -- cs-cart |
Cross-site
request forgery (CSRF) vulnerability in
CS-Cart 4.2.4 allows remote attackers to
hijack the authentication of users for
requests that change a user password via a
request to profiles-update/. |
2015-03-25 |
6.8 |
CVE-2015-2701
EXPLOIT-DB
OSVDB |
digia -- qt |
The
BMP decoder in QtGui in QT before 5.5 does
not properly calculate the masks used to
extract the color components, which allows
remote attackers to cause a denial of
service (divide-by-zero and crash) via a
crafted BMP file. |
2015-03-25 |
5.0 |
CVE-2015-0295
MLIST
SUSE
FEDORA
FEDORA
FEDORA
FEDORA
FEDORA
FEDORA |
djangoproject -- django |
The
utils.html.strip_tags function in Django
1.6.x before 1.6.11, 1.7.x before 1.7.7, and
1.8.x before 1.8c1, when using certain
versions of Python, allows remote attackers
to cause a denial of service (infinite loop)
by increasing the length of the input
string. |
2015-03-25 |
5.0 |
CVE-2015-2316
CONFIRM
UBUNTU |
djangoproject -- django |
The
utils.http.is_safe_url function in Django
before 1.4.20, 1.5.x, 1.6.x before 1.6.11,
1.7.x before 1.7.7, and 1.8.x before 1.8c1
does not properly validate URLs, which
allows remote attackers to conduct
cross-site scripting (XSS) attacks via a
control character in a URL, as demonstrated
by a \x08javascript: URL. |
2015-03-25 |
4.3 |
CVE-2015-2317
CONFIRM
DEBIAN
UBUNTU |
genixcms -- genixcms |
Multiple
cross-site scripting (XSS) vulnerabilities
in MetalGenix GeniXCMS before 0.0.2 allow
remote attackers to inject arbitrary web
script or HTML via the (1) cat parameter in
the categories page to gxadmin/index.php or
(2) page parameter to index.php. |
2015-03-23 |
4.3 |
CVE-2015-2678
MISC
MISC
CONFIRM
MISC
EXPLOIT-DB
MISC
OSVDB |
gluster -- glusterfs |
The
__socket_proto_state_machine function in
GlusterFS 3.5 allows remote attackers to
cause a denial of service (infinite loop)
via a "00000000" fragment header. |
2015-03-27 |
5.0 |
CVE-2014-3619
MISC
CONFIRM
SUSE
SUSE |
gnu -- gnutls |
GnuTLS
before 3.1.0 does not verify that the RSA
PKCS #1 signature algorithm matches the
signature algorithm in the certificate,
which allows remote attackers to conduct
downgrade attacks via unspecified vectors. |
2015-03-24 |
5.0 |
CVE-2015-0282
CONFIRM
DEBIAN |
ibm -- rational_clearquest |
Cross-site
request forgery (CSRF) vulnerability in
ClearQuest Web in IBM Rational ClearQuest
7.1.x before 7.1.2.17, 8.0.0.x before
8.0.0.14, and 8.0.1.x before 8.0.1.7 allows
remote attackers to hijack the
authentication of arbitrary users for
requests that trigger a logout or insert XSS
sequences. |
2015-03-24 |
6.8 |
CVE-2014-8925
CONFIRM |
ibm -- business_process_manager |
Cross-site
scripting (XSS) vulnerability in the Process
Portal in IBM Business Process Manager (BPM)
8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1,
and 8.5.5 through 8.5.5.0 allows remote
attackers to inject arbitrary web script or
HTML via a crafted URL. |
2015-03-23 |
4.3 |
CVE-2015-0105
CONFIRM
AIXAPAR
AIXAPAR |
ibm -- business_process_manager |
Cross-site
scripting (XSS) vulnerability in IBM
Business Process Manager (BPM) 7.5.x through
7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through
8.5.0.1, and 8.5.5 through 8.5.5.0 and
WebSphere Lombardi Edition (WLE) 7.2.x
through 7.2.0.5 allows remote attackers to
inject arbitrary web script or HTML via a
crafted URL. |
2015-03-23 |
4.3 |
CVE-2015-0106
CONFIRM
AIXAPAR |
ibm -- powervc |
IBM
PowerVC Standard 1.2.0.x before 1.2.0.4 and
1.2.1.x before 1.2.2 validates Hardware
Management Console (HMC) certificates only
during the pre-login stage, which allows
man-in-the-middle attackers to spoof devices
via a crafted certificate. |
2015-03-23 |
4.3 |
CVE-2015-0137
CONFIRM |
ibm -- tivoli_directory_server |
GSKit
in IBM Tivoli Directory Server (ITDS) 6.0
before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before
6.1.0.66-ISS-ITDS-IF0066, 6.2 before
6.2.0.42-ISS-ITDS-IF0042, and 6.3 before
6.3.0.35-ISS-ITDS-IF0035 and IBM Security
Directory Server (ISDS) 6.3.1 before
6.3.1.9-ISS-ISDS-IF0009 does not properly
restrict TLS state transitions, which makes
it easier for remote attackers to conduct
cipher-downgrade attacks to EXPORT_RSA
ciphers via crafted TLS traffic, related to
the "FREAK" issue, a different vulnerability
than CVE-2015-0204. |
2015-03-24 |
4.3 |
CVE-2015-0138
CONFIRM |
ibm -- business_process_manager |
Cross-site
scripting (XSS) vulnerability in the Coach
NG framework in IBM Business Process Manager
(BPM) 8.0 through 8.0.1.3, 8.5.0 through
8.5.0.1, and 8.5.5 through 8.5.5.0 allows
remote attackers to inject arbitrary web
script or HTML via a crafted URL. |
2015-03-23 |
4.3 |
CVE-2015-0158
CONFIRM
SECTRACK
AIXAPAR
AIXAPAR
AIXAPAR |
ibm --
general_parallel_file_system |
The
mmfslinux kernel module in IBM General
Parallel File System (GPFS) 3.4 before
3.4.0.32, 3.5 before 3.5.0.24, and 4.1
before 4.1.0.7 allows local users to cause a
denial of service (memory corruption) via
unspecified character-device ioctl calls. |
2015-03-23 |
4.9 |
CVE-2015-0199
CONFIRM |
inetc_project -- inetc |
The
Inetc plugin for Nullsoft Scriptable Install
System (NSIS), as used in CERT/CC Failure
Observation Engine (FOE) and other products,
does not verify X.509 certificates from SSL
servers, which allows man-in-the-middle
attackers to spoof servers and possibly
execute arbitrary code by sending a crafted
certificate in a download session for
Windows executable files. |
2015-03-21 |
4.3 |
CVE-2015-0941
CERT-VN |
metalgenix -- genixcms |
Cross-site
request forgery (CSRF) vulnerability in
MetalGenix GeniXCMS before 0.0.2 allows
remote attackers to hijack the
authentication of administrators for
requests that add an administrator account
via a request in the users page to
gxadmin/index.php. |
2015-03-23 |
6.8 |
CVE-2015-2680
CONFIRM
CONFIRM
CONFIRM
MISC
EXPLOIT-DB
MISC
OSVDB
CONFIRM |
mozilla -- firefox |
The
asm.js implementation in Mozilla Firefox
before 36.0.3, Firefox ESR 31.x before
31.5.2, and SeaMonkey before 2.33.1 does not
properly determine the cases in which bounds
checking may be safely skipped during JIT
compilation and heap access, which allows
remote attackers to read or write to
unintended memory locations, and
consequently execute arbitrary code, via
crafted JavaScript. |
2015-03-23 |
6.8 |
CVE-2015-0817
CONFIRM
UBUNTU
SECTRACK
CONFIRM
DEBIAN
REDHAT
SUSE
SUSE |
projectsend -- projectsend |
SQL
injection vulnerability in client-edit.php
in ProjectSend (formerly cFTP) r561 allows
remote authenticated users to execute
arbitrary SQL commands via the id parameter
to users-edit.php. |
2015-03-20 |
6.5 |
CVE-2015-2564
BUGTRAQ
MISC
EXPLOIT-DB
FULLDISC
MISC
OSVDB |
redhat -- richfaces |
JBoss
RichFaces before 4.5.4 allows remote
attackers to inject expression language (EL)
expressions and execute arbitrary Java code
via the do parameter. |
2015-03-26 |
6.8 |
CVE-2015-0279
CONFIRM
REDHAT |
tcpdump -- tcpdump |
The
rpki_rtr_pdu_print function in
print-rpki-rtr.c in the TCP printer in
tcpdump before 4.7.2 allows remote attackers
to cause a denial of service (out-of-bounds
read or write and crash) via a crafted
header length in an RPKI-RTR Protocol Data
Unit (PDU). |
2015-03-24 |
5.0 |
CVE-2015-2153
CONFIRM
SECTRACK
BUGTRAQ
DEBIAN
MISC |
tcpdump -- tcpdump |
The
osi_print_cksum function in print-isoclns.c
in the ethernet printer in tcpdump before
4.7.2 allows remote attackers to cause a
denial of service (out-of-bounds read and
crash) via a crafted (1) length, (2) offset,
or (3) base pointer checksum value. |
2015-03-24 |
5.0 |
CVE-2015-2154
CONFIRM
SECTRACK
BUGTRAQ
DEBIAN
MISC |
websense -- triton_ap_web |
Multiple
cross-site scripting (XSS) vulnerabilities
in the Investigative Reports in Websense
TRITON AP-WEB before 8.0.0 and Web Security
and Filter, Web Security Gateway, and Web
Security Gateway Anywhere 7.8.3 before
Hotfix 02 and 7.8.4 before Hotfix 01 allow
remote attackers to inject arbitrary web
script or HTML via the (1) ReportName (Job
Name) parameter to the Explorer report
scheduler
(cgi-bin/WsCgiExplorerSchedule.exe) in the
Job Queue or the col parameter to the (2)
Names or (3) Anonymous
(explorer_wse/explorer_anon.exe) summary
report page. |
2015-03-25 |
4.3 |
CVE-2014-9711
MISC
MISC
CONFIRM
CONFIRM
CONFIRM
BUGTRAQ
BUGTRAQ
FULLDISC
FULLDISC
MISC
MISC |
websense -- triton_ap_data |
Cross-site
scripting (XSS) vulnerability in the Message
Log in the Email Security Gateway in
Websense TRITON AP-EMAIL before 8.0.0 and
V-Series 7.7 appliances allows remote
attackers to inject arbitrary web script or
HTML via the sender address in an email. |
2015-03-25 |
4.3 |
CVE-2015-2702
MISC
CONFIRM
BUGTRAQ
FULLDISC
MISC |
websense -- triton_ap_web |
Multiple
cross-site scripting (XSS) vulnerabilities
in Websense TRITON AP-WEB before 8.0.0 and
V-Series 7.7 appliances allow remote
attackers to inject arbitrary web script or
HTML via the (1) ws-userip in the ws-encdata
parameter to cve-bin/moreBlockInfo.cgi in
the Data Security block page or (2)
admin_msg parameter to
configure/ssl_ui/eva-config/client-cert-import_wsoem.html
in the Content Gateway, which is not
properly handled in an error message. |
2015-03-25 |
4.3 |
CVE-2015-2703
MISC
MISC
CONFIRM
BUGTRAQ
BUGTRAQ
FULLDISC
FULLDISC
MISC
MISC |
websense -- triton |
The
network diagnostics tool
(CommandLineServlet) in the Appliance
Manager command line utility (CLU) in
Websense TRITON 7.8.3 and V-Series
appliances before 7.8.4 Hotfix 02 allows
remote authenticated users to execute
arbitrary commands via shell metacharacters
in the "second" parameter of a command, as
demonstrated by the Destination parameter in
the ping command. |
2015-03-26 |
6.5 |
CVE-2015-2746
MISC
CONFIRM
BUGTRAQ
FULLDISC
MISC |
websense -- triton |
Multiple
cross-site scripting (XSS) vulnerabilities
in the data loss prevention (DLP) incident
Forensics Preview in Websense Triton 7.8.3
and V-Series 7.7 appliances allow remote
attackers to inject arbitrary web script or
HTML via a crafted (1) email or (2) HTTP
request, which triggers a DLP Policy. |
2015-03-26 |
4.3 |
CVE-2015-2747
MISC
BUGTRAQ
FULLDISC
MISC |
websense -- triton_ap_data |
Websense
TRITON AP-WEB before 8.0.0 does not properly
restrict access to files in explorer_wse/,
which allows remote attackers to obtain
sensitive information via a direct request
to a (1) Web Security incident report or the
(2) Explorer configuration (websense.ini)
file. |
2015-03-26 |
5.0 |
CVE-2015-2748
MISC
CONFIRM
BUGTRAQ
FULLDISC
MISC |
Back to top
Low Vulnerabilities
Primary
Vendor -- Product |
Description |
Published |
CVSS Score |
Source
& Patch Info |
drupal -- drupal |
Drupal
6.x before 6.35 and 7.x before 7.35 allows
remote authenticated users to reset the
password of other accounts by leveraging an
account with the same password hash as
another account and a crafted password reset
URL. |
2015-03-25 |
3.5 |
CVE-2015-2559
CONFIRM
DEBIAN |
emc --
xcelerated_management_system |
EMC
Documentum xCelerated Management System
(xMS) 1.1 before P14 stores cleartext
Windows Service credentials in a batch file
during Documentum Platform and xCelerated
Composition Platform (xCP) provisioning,
which allows local users to obtain sensitive
information by reading a file. |
2015-03-23 |
2.1 |
CVE-2015-0527
BUGTRAQ |
greenend -- putty |
The
(1) ssh2_load_userkey and (2)
ssh2_save_userkey functions in PuTTY 0.51
through 0.63 do not properly wipe SSH-2
private keys from memory, which allows local
users to obtain sensitive information by
reading the memory. |
2015-03-27 |
2.1 |
CVE-2015-2157
CONFIRM
CONFIRM
MLIST
MLIST
DEBIAN
SUSE
FEDORA
FEDORA |
ibm -- installation_manager |
IBM
Rational ClearCase 8.0.0 before 8.0.0.14 and
8.0.1 before 8.0.1.7, when Installation
Manager before 1.8.2 is used, retains
cleartext server passwords in process memory
throughout the installation procedure, which
might allow local users to obtain sensitive
information by leveraging access to the
installation account. |
2015-03-24 |
1.2 |
CVE-2014-6134
CONFIRM |
ibm --
security_identity_manager_adapter |
The
(1) IBM Tivoli Identity Manager Active
Directory adapter before 5.1.24 and (2) IBM
Security Identity Manager Active Directory
adapter before 6.0.14 for IBM Security
Identity Manager on Windows, when certain
log and trace levels are configured, store
the cleartext administrator password in a
log file, which allows local users to obtain
sensitive information by reading a file. |
2015-03-24 |
1.9 |
CVE-2014-8923
CONFIRM |
ibm -- business_process_manager |
Multiple
cross-site scripting (XSS) vulnerabilities
in the Process Portal in IBM Business
Process Manager (BPM) 8.0 through 8.0.1.3,
8.5.0 through 8.5.0.1, and 8.5.5 through
8.5.5.0 allow remote authenticated users to
inject arbitrary web script or HTML via
unspecified data fields. |
2015-03-23 |
3.5 |
CVE-2015-0103
CONFIRM
AIXAPAR |
ibm -- powervc |
powervc-iso-import
in IBM PowerVC 1.2.0.x before 1.2.0.4 and
1.2.1.x before 1.2.2 places an access token
on the command line during IVM and PowerKVM
management, which allows local users to
obtain sensitive information by listing the
process. |
2015-03-23 |
2.1 |
CVE-2015-0136
CONFIRM |
ocportal -- ocportal |
Multiple
cross-site scripting (XSS) vulnerabilities
in ocPortal before 9.0.17 allow remote
authenticated users to inject arbitrary web
script or HTML via the (1) title or (2) text
field in the cms_calendar page to
cms/index.php; unspecified fields in (3) the
cms_polls page to cms/index.php or (4) a new
topic in the topics page to forum/index.php;
or (5) a new PT (private topic/private
message) in the topics page to
forum/index.php. |
2015-03-23 |
3.5 |
CVE-2015-2677
CONFIRM
SECTRACK
BUGTRAQ
MISC
CONFIRM |
s9y -- serendipity |
Cross-site
scripting (XSS) vulnerability in
templates/2k11/admin/entries.tpl in
Serendipity before 2.0.1 allows remote
authenticated editors to inject arbitrary
web script or HTML via the
serendipity[cat][name] parameter to
serendipity_admin.php, when creating a new
category. |
2015-03-23 |
3.5 |
CVE-2015-2289
CONFIRM
SECTRACK
BUGTRAQ
MLIST
MISC
CONFIRM |
Back to top
This product is provided subject to this Notification
and this Privacy
& Use policy.
STAY CONNECTED: |
|
This email was
sent to gera...@gmail.com using GovDelivery,
on behalf of: United States Computer Emergency
Readiness Team (US-CERT) · 245 Murray Lane SW
Bldg 410 · Washington, DC 20598 · (888)
282-0870 |
|
|