[SE-2014-02] Errata document for Issue 42 (CVE-2015-4871 affecting Java SE 7)
Monthly Archives: November 2015
Mutliple Vulnerabilities in ZurmoCRM 3.0.5
Posted by NaxoneZ . on Nov 30
Hi,
I found this issues in ZurmoCRM. All issues are reported in their github.
1.- Html Injection
– If you create a Product, list, etc. with this name:
<h1>injection</h1>[image:
Imágenes integradas 1]
– When you go to preview page (in this case products), you can see the
injection: [image: Imágenes integradas 2]
2.- Information Disclosure
When you put %00 in moduleClassName you can see the full path of the…
[Advisory]LibRaw Multi Memory error[CVE-2015-8366 and CVE-2015-8367]
Posted by ChenQin on Nov 30
1. Overview
The LibRaw raw image decoder <= 0.17 has multi vulnerability to cause memory errors,which may cause code execution or
other problems.Problems has been fixed in 0.17.1(www.libraw.org/news/libraw-0-17-1).
2.Descryption
Case CVE-2015-8366,Libraw smal_decode_segment function do not handle index carefully,which may cause index overflow.
Case CVE-2015-8367,Libraw phase_one_correct function do not handle memory object’s…
Brocade Fabric OS v6.3.1b Multiple Vulnerabilities
Posted by Karn Ganeshen on Nov 30
# Title: [Brocade Fabric OS v6.3.1b – Multiple vulnerabilities]
# Discovered by: Karn Ganeshen
# Vendor Homepage: [www.brocade.com]
# Versions Reported: Kernel 2.6.14.2 + FabOS v6.3.1b + BootProm 1.0.9
Kernel: 2.6.14.2
Fabric OS: v6.3.1b
BootProm: 1.0.9
1 *Default diagnostic accounts*
root and factory with default passwords documented in respective admin
guides. By default, both these users are not restricted and can SSH /
telnet in to…
USN-2821-1: GnuTLS vulnerability
Ubuntu Security Notice USN-2821-1
30th November, 2015
gnutls26 vulnerability
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary
GnuTLS could be made to expose sensitive information over the network.
Software description
- gnutls26
– GNU TLS library
Details
It was discovered that GnuTLS incorrectly validated the first byte of
padding in CBC modes. A remote attacker could possibly use this issue to
perform a padding oracle attack.
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 14.04 LTS:
-
libgnutls26
2.12.23-12ubuntu2.3
- Ubuntu 12.04 LTS:
-
libgnutls26
2.12.14-5ubuntu3.10
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
References
Embedded Devices Share, Reuse Private SSH Keys, HTTPs Certificates
Thousands of embedded devices share cryptographic keys and certificates, exposing millions of connections to man-in-the-middle attacks.
SE-2014-02 Oracle Errata
In their original report, Security Explorations indicated that Issue 42 in SE-2014-02 had its origin in klassItable::initialize_itable_for_interface method’s implementation of Java SE 7 HotSpot VM. They have recently learned that their initial analysis regarding the root cause of Issue 42 was incorrect. This report contains more detailed information about the actual cause of Issue 42, the reasoning that has mislead them into concluding it was caused by an improper initialization of non-public interface method slots and some additional findings regarding this issue.
Red Hat Security Advisory 2015-2522-01
Red Hat Security Advisory 2015-2522-01 – The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. With this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property “org.apache.commons.collections.enableUnsafeSerialization” to re-enable their deserialization.
Red Hat Security Advisory 2015-2523-01
Red Hat Security Advisory 2015-2523-01 – The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. With this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property “org.apache.commons.collections.enableUnsafeSerialization” to re-enable their deserialization.
Red Hat Security Advisory 2015-2521-01
Red Hat Security Advisory 2015-2521-01 – The Jakarta/Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. With this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property “org.apache.commons.collections.enableUnsafeSerialization” to re-enable their deserialization.