Red Hat Security Advisory 2014-1312-01 - The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell. Bash is the default shell for Red Hat Enterprise Linux. Shift_JIS, also known as "SJIS", is a character encoding for the Japanese language. This package provides bash support for the Shift_JIS encoding. It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.
5a5179213e1d426ae806025b6835b14b2c5fc4fe0f9d07f38418998fd760d0e6Red Hat Security Advisory 2014-1311-01 - The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell. Bash is the default shell for Red Hat Enterprise Linux. It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.
2e88505af0a92784844daf9fe3c6fa50a2e04ca48111c2400b827bb859d59a0aCisco Security Advisory - On September 24, 2014, a vulnerability in the Bash shell was publicly announced. The vulnerability is related to the way in which shell functions are passed though environment variables. The vulnerability may allow an attacker to inject commands into a Bash shell, depending on how the shell is invoked. The Bash shell may be invoked by a number of processes including, but not limited to, telnet, SSH, DHCP, and scripts hosted on web servers. All versions of GNU Bash starting with version 1.14 are affected by this vulnerability and the specific impact is determined by the characteristics of the process using the Bash shell. In the worst case, an unauthenticated remote attacker would be able to execute commands on an affected server. However, in most cases involving Cisco products, exploitation of the vulnerability results in an authenticated attacker having the ability to execute commands for which they are not authorized. A number of Cisco products ship with or leverage an affected version of the Bash shell. This advisory will be updated as additional information becomes available. Cisco may release free software updates that address this vulnerability if a product is determined to be affected by this vulnerability.
67983763ce5d1b5e462159463c83b03085fadbe2fc6b45584c12b6e1e3959da5Red Hat Security Advisory 2014-1307-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS parsed ASN.1 input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS.
08a1d6314655253f277428022a1688098423cb33c9f35cce58d396cb4045d729Ubuntu Security Notice 2363-2 - USN-2363-1 fixed a vulnerability in Bash. Due to a build issue, the patch for CVE-2014-7169 didn't get properly applied in the Ubuntu 14.04 LTS package. This update fixes the problem. Tavis Ormandy discovered that the security fix for Bash included in USN-2362-1 was incomplete. An attacker could use this issue to bypass certain environment restrictions. Various other issues were also addressed.
3e18a143d3f887e0e17c89d032327a608ab2beec642f3e1e91e5bfef9721dfccRed Hat Security Advisory 2014-1306-01 - The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell. Bash is the default shell for Red Hat Enterprise Linux. It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.
88d35c967bdafa1462b50e6b3d195bb62db44e287d9df7085810180afa4b143fUbuntu Security Notice 2363-1 - Tavis Ormandy discovered that the security fix for Bash included in USN-2362-1 was incomplete. An attacker could use this issue to bypass certain environment restrictions.
f5f456c7e48c7214e00ff053cd9387307f5241a9d083c936d0541e007cdceb1aMandriva Linux Security Advisory 2014-190 - It was found that the fix for was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. Additionally bash has been updated from patch level 37 to 48 using the upstream patches at ftp://ftp.gnu.org/gnu/bash/bash-4.2-patches/ which resolves various bugs.
ae4a2ddbddcc61c6966f4694c639082e3489b84bee7732ae063725dab98b2b3cSlackware Security Advisory - New bash packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.
ef15a9f5d74abb68daa1dd4cfbf2c7875ecd047088315d90b16cfabda7880efdDebian Linux Security Advisory 3036-1 - It was discovered that MediaWiki, a wiki engine, did not sufficiently filter CSS in uploaded SVG files, allowing for cross site scripting.
031db5fef5a40b83c3d7dbe498d63b05566f4feaddd502aa306ab324b04e7cc6Debian Linux Security Advisory 3035-1 - Tavis Ormandy discovered that the patch applied to fix CVE-2014-6271 released in DSA-3032-1 for bash, the GNU Bourne-Again Shell, was incomplete and could still allow some characters to be injected into another environment (CVE-2014-7169). With this update prefix and suffix for environment variable names which contain shell functions are added as hardening measure.
c9152f57044050f4b25ba7c86fda6196e8a06bf2e8ec64116ec765e8c2243201Slackware Security Advisory - New bash packages are available for Slackware 13.0 to fix a security issue.
c5aa03ec719896cf77ac684a412556993a10649e75080a6763d5b213ed7066daLibVNCServer versions 0.9.9 and below suffer from memory management handling, buffer overflow, and denial of service vulnerabilities.
7119467df020792576889e8a01b9e775d65a326b0070c018b47a7524af569c5bCisco Security Advisory - A vulnerability in the Network Address Translation (NAT) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper translation of IP version 4 (IPv4) packets. Cisco has released free software updates that address this vulnerability.
63ec1698c6f3c1763eb3e90238c8c14bb13ab2307119a50dc21da378dde9e0b4Cisco Security Advisory - A vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device. To exploit this vulnerability, affected devices must be configured to process SIP messages. Cisco has released free software updates that address this vulnerability. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to this vulnerability.
f38f520a86845654ee88d37dbd04daa74d66c5fde6e5c1c88e6b483ec7217fadCisco Security Advisory - A vulnerability in the DHCP version 6 (DHCPv6) server implementation of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper parsing of malformed DHCPv6 packets. An attacker could exploit this vulnerability by sending malformed DHCPv6 packets to be processed by an affected device. An exploit could allow the attacker to cause a memory leak and eventual reload of an affected device.
e93171093b995dcfbce411a598dfdb3fd5744117c4e5f800cdb73e8f76d5a63cCisco Security Advisory - The Cisco IOS Software implementation of the multicast Domain Name System (mDNS) feature contains multiple vulnerabilities when processing mDNS packets that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
dc4f1b039a8cc220f77322e33bf032ed370e94d2f117b6a264bed10e06e22b92Cisco Security Advisory - Two vulnerabilities in the metadata flow feature of Cisco IOS Software could allow an unauthenticated, remote attacker to reload a vulnerable device. The vulnerabilities are due to improper handling of transit RSVP packets that need to be processed by the metadata infrastructure. An attacker could exploit these vulnerabilities by sending malformed RSVP packets to an affected device. A successful exploit could allow the attacker to cause an extended denial of service (DoS) condition. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available.
86c86ce647dd4d86d2f4e897f5eaf3298c3d789c2a636de21ab0d0483a2c8e91Cisco Security Advisory - A vulnerability in the implementation of the Resource Reservation Protocol (RSVP) in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker cause the device to reload. This vulnerability could be exploited repeatedly to ca use an extended denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability.
122e365c878707d3cce528bd30d26500785e493a4517236096ff2341779bcca7Telerik ASP.NET AJAX RadEditor Control versions 2014.1.403.35 and 2009.3.1208.20 suffer from a persistent cross site scripting vulnerability.
c00ca1a36468d8069de3d09b942cd140f1aa6d4e521b6cead6b21e7289d8edeaHP Security Bulletin HPSBST03103 - A potential security vulnerability has been identified with HP Storage Enterprise Virtual Array (EVA) Command View Suite. The vulnerability could be exploited to allow remote unauthorized access and disclosure of information. This OpenSSL vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some HP Software products. This bulletin notifies HP Software customers about products affected by the OpenSSL vulnerabilities. Note: OpenSSL vulnerabilities are vulnerabilities found in the OpenSSL product cryptographic software library product. This weakness potentially allows a Man in the Middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server. The impacted products appear in the list below are vulnerable due to embedding of OpenSSL standard release software. Revision 1 of this advisory.
882f09e4ae66f5476a8646fa21caa2060ff6252423c643fc39c47a7720edd173Mandriva Linux Security Advisory 2014-182 - Robert Scheck reported that Zarafa's WebAccess stored session information, including login credentials, on-disk in PHP session files. This session file would contain a user's username and password to the Zarafa IMAP server. Robert Scheck discovered that the Zarafa Collaboration Platform has multiple incorrect default permissions.
b2f5fd7e47dd9bc8959074a0564d784d915215f47c511bbd8081ec1d31fa3bacMandriva Linux Security Advisory 2014-181 - An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker. The dump package is built with a bundled copy of minilzo, which is a part of liblzo containing the vulnerable code.
0f75b6891aae24693a8f4e99262c27b89e7e8729e07fcfea36107cd8471f1867Mandriva Linux Security Advisory 2014-185 - Libgadu before 1.12.0 was found to not be performing SSL certificate validation.
4b4385736d1070ac345613dce34804ddc6711899bec6f7f9e55d94b56fe3dd51Mandriva Linux Security Advisory 2014-183 - In phpMyAdmin before 4.2.9, by deceiving a logged-in user to click on a crafted URL, it is possible to perform remote code execution and in some cases, create a root account due to a DOM based XSS vulnerability in the micro history feature.
1696f1ee65496e52f68751a5547aaee9e1f92d935118a6c145b08acaa2b51116
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed