The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 through 6.2 allows remote attackers to cause a denial of service (device reload) via a crafted header in a packet, aka Bug ID CSCuu64279.
Monthly Archives: March 2016
CVE-2016-3119
The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request to modify a principal.
Apache OpenMeetings 3.0.7 Arbitary File Read
When attempting to upload a file via the API using the importFileByInternalUserId or importFile methods in the FileService, it is possible to read arbitrary files from the system. This is due to that Java’s URL class is used without checking what protocol handler is specified in the API call. Apache OpenMeetings versions 1.9.x through 3.0.7 are affected.
Apache OpenMeetings 3.0.7 Cross Site Scripting
When creating an event, it is possible to create clickable URL links in the event description. These links will be present inside the event details once a participant enters the room via the event. It is possible to create a link like “javascript:alert(‘xss’)”, which will execute once the link is clicked. As the link is placed within an tag, the actual link is not visible to the end user which makes it hard to tell if the link is legit or not. Apache OpenMeetings versions 1.9.x through 3.0.7 are affected.
Apache OpenMeetings 3.1.0 MD5 Hashing
The hash generated by the external password reset function is generated by concatenating the user name and the current system time, and then hashing it using MD5. This is highly predictable and can be cracked in seconds by an attacker with knowledge of the user name of an OpenMeetings user. Apache OpenMeetings versions 1.9.x through 3.1.0 are affected.
Red Hat Security Advisory 2016-0514-01
Red Hat Security Advisory 2016-0514-01 – The java-1.8.0-openjdk packages contain the latest version of the Open Java Development Kit, OpenJDK 8. These packages provide a fully compliant implementation of Java SE 8. Security Fix: An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions.
Ubuntu Security Notice USN-2942-1
Ubuntu Security Notice 2942-1 – A vulnerability was discovered in the JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code.
HP Security Bulletin HPSBMU03562 2
HP Security Bulletin HPSBMU03562 2 – A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Service Manager. The vulnerability could be exploited remotely to allow code execution. Revision 2 of this advisory.
HP Security Bulletin HPSBGN03563 1
HP Security Bulletin HPSBGN03563 1 – Security vulnerabilities in the OpenSSL library could potentially impact HPE IceWall products resulting in local or remote Denial of Service (DoS) and local disclosure of sensitive information. Revision 1 of this advisory.