CVE-2015-3812 – wireshark: X11 memory leak (wnpa-sec-2015-15)
https://notcve.org/view.php?id=CVE-2015-3812
Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet.

A flaw was found in the X11 dissector of Wireshark: an attacker could make Wireshark consume excessive CPU resources, which could make the system unresponsive, by injecting a specially crafted packet onto the wire or by convincing a Wireshark user to read a malformed packet trace file.

• http://rhn.redhat.com/errata/RHSA-2017-0631.html
• http://www.debian.org/security/2015/dsa-3277
• http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
• http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
• http://www.securityfocus.com/bid/74637
• http://www.wireshark.org/security/wnpa-sec-2015-15.html
• https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11088
• https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=b8ccc2a6add29823a
• CWE-399: Resource Management Errors
• CWE-401: Missing Release of Memory after Effective Lifetime
CVE-2015-3988 – python-django-horizon: persistent XSS in Horizon metadata dashboard
https://notcve.org/view.php?id=CVE-2015-3988
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a (1) Glance image, (2) Nova flavor or (3) Host Aggregate.

A flaw was discovered in the OpenStack dashboard (horizon) handling of metadata. Potentially untrusted data was displayed from OpenStack Image service (glance) images, OpenStack Compute (nova) flavors, or host aggregates without correct sanitization. The flaw could be used by an authenticated user to conduct an XSS attack.

• http://rhn.redhat.com/errata/RHSA-2015-1679.html
• http://www.openwall.com/lists/oss-security/2015/05/12/9
• http://www.openwall.com/lists/oss-security/2015/05/14/14
• http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
• http://www.securityfocus.com/bid/74666
• https://security.openstack.org/ossa/OSSA-2015-009.html
• https://access.redhat.com/security/cve/CVE-2015-3988
• https://bugzilla.redhat.com/show_bug.cgi?id=1222871
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2015-3646
https://notcve.org/view.php?id=CVE-2015-3646
OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs.

• http://lists.openstack.org/pipermail/openstack-announce/2015-May/000356.html
• http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
• http://www.securityfocus.com/bid/74456
• https://bugs.launchpad.net/keystone/+bug/1443598
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2015-3455 – squid: incorrect X509 server certificate validation (SQUID-2015:1)
https://notcve.org/view.php?id=CVE-2015-3455
Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, does not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate.

It was found that Squid configured with client-first SSL-bump did not correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a Squid server using a specially crafted X.509 certificate.

• http://advisories.mageia.org/MGASA-2015-0191.html
• http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183598.html
• http://lists.opensuse.org/opensuse-updates/2015-09/msg00016.html
• http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html
• http://rhn.redhat.com/errata/RHSA-2015-2378.html
• http://www.mandriva.com/security/advisories?name=MDVSA-2015:230
• http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
• http://www.oracle.com/technetwork/topics/security
• CWE-20: Improper Input Validation
• CWE-297: Improper Validation of Certificate with Host Mismatch
CVE-2015-3294
https://notcve.org/view.php?id=CVE-2015-3294
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.

• http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html
• http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html
• http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html
• http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=ad4a8ff7d9097008d7623df8543df435bfddeac8
• http://www.debian.org/security/2015/dsa-3251
• http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
• http://www.securityfocus.com/archive/1/535354/100/1100/threaded
• CWE-19: Data Processing Errors