Red Hat Security Advisory 2014-1872-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel’s Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. This update fixes several race conditions between PCI error recovery callbacks and potential calls of the ifup and ifdown commands in the tg3 driver. When triggered, these race conditions could cause a kernel crash.
Monthly Archives: November 2014
Red Hat Security Advisory 2014-1873-01
Red Hat Security Advisory 2014-1873-01 – The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. An out-of-bounds read flaw was found in the way libvirt’s qemuDomainGetBlockIoTune() function looked up the disk index in a non-persistent disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, leak memory from the libvirtd process.
CVE-2014-4817
The server in IBM Tivoli Storage Manager (TSM) 5.x and 6.x before 6.3.5.10 and 7.x before 7.1.1.100 allows remote attackers to bypass intended access restrictions and replace file backups by using a certain backup option in conjunction with a filename that matches a previously used filename.
CVE-2014-6324
The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka “Kerberos Checksum Vulnerability.”
CVE-2014-7829
Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.21, 4.0.x before 4.0.12, 4.1.x before 4.1.8, and 4.2.x before 4.2.0.beta4, when serve_static_assets is enabled, allows remote attackers to determine the existence of files outside the application root via vectors involving a \ (backslash) character, a similar issue to CVE-2014-7818.
CVE-2014-7996
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Computing System allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuq45477.
PHPFox XSS AdminCP
Posted by Wesley Henrique on Nov 18
CNA primary
MITRE Corporation ( cve-assign [ \**NOSPAM\ ] mitre \NOSPAM\ org )
Software Vendors
http://moxi9.com/phpfox
Product: PhpFox
Version: ALL
Research
Wesley Henrique Leite ( wesleyhenrique [\NOSPAM**] gmail \NOSPAM// com )
[+] INFORMATION
Vendor Notified : 2014-10-22
Vendor Homepage : http://moxi9.com/phpfox
Response Vendor: fixed 2014-10-23 (to v4 Beta)
[+] DESCRIPTION
The system stores…
CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload
Posted by Steffen Bauch on Nov 18
CVE-2014-8767 tcpdump denial of service in verbose mode using malformed
OLSR payload
1. Background
tcpdump is a powerful command-line packet analyzer. It allows the user
to intercept and display TCP/IP and other packets being transmitted or
received over a network to which the computer is attached.
2. Summary Information
It was found out that malformed network traffic (OLSR-based) can lead to
an application crash (denial of service) if…
CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload
Posted by Steffen Bauch on Nov 18
CVE-2014-8768 tcpdump denial of service in verbose mode using malformed
Geonet payload
1. Background
tcpdump is a powerful command-line packet analyzer. It allows the user
to intercept and display TCP/IP and other packets being transmitted or
received over a network to which the computer is attached.
2. Summary Information
It was found out that malformed network traffic (Geonet-based) can lead
to an application crash (denial of service)…
CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload
Posted by Steffen Bauch on Nov 18
CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload
1. Background
tcpdump is a powerful command-line packet analyzer. It allows the user
to intercept and display TCP/IP and other packets being transmitted or
received over a network to which the computer is attached.
2. Summary Information
It was found out that malformed network traffic (AOVD-based) can lead to
an abnormal behaviour if verbose output of tcpdump monitoring…