Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2014:244 | First vendor Publication | 2014-12-14 |
Vendor | Mandriva | Last vendor Modification | 2014-12-14 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities has been found and corrected in openafs: Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver ACL entry (CVE-2013-1794). Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service (crash) via a large list from the IdToName RPC, which triggers a heap-based buffer overflow (CVE-2013-1795). OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key (CVE-2013-4134). The vos command in OpenAFS 1.6.x before 1.6.5, when using the -encrypt option, only enables integrity protection and sends data in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network (CVE-2013-4135). Buffer overflow in the GetStatistics64 remote procedure call (RPC) in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service (crash) via a crafted statsVersion argument (CVE-2014-0159). A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior (CVE-2014-3660). The updated packages have been upgraded to the 1.4.15 version and patched to correct these issues. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2014:244 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
40 % | CWE-310 | Cryptographic Issues |
40 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
20 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:18580 | |||
Oval ID: | oval:org.mitre.oval:def:18580 | ||
Title: | DSA-2729-1 openafs - several | ||
Description: | OpenAFS, the implementation of the distributed filesystem AFS, has been updated to no longer use DES for the encryption of tickets. Additional migration steps are needed to fully set the update into effect. For more information please see the upstream advisory: <a href="http://www.openafs.org/security/OPENAFS-SA-2013-003.txt">OPENAFS-SA-2013-003</a> | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2729-1 CVE-2013-4134 CVE-2013-4135 | Version: | 8 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | openafs |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19563 | |||
Oval ID: | oval:org.mitre.oval:def:19563 | ||
Title: | DSA-2638-1 openafs - buffer overflow | ||
Description: | Multiple buffer overflows were discovered in OpenAFS, the implementation of the distributed filesystem AFS, which might result in denial of service or the execution of arbitrary code. Further information is available at <a href="http://www.openafs.org/security">http://www.openafs.org/security</a>. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2638-1 CVE-2013-1794 CVE-2013-1795 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | openafs |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27021 | |||
Oval ID: | oval:org.mitre.oval:def:27021 | ||
Title: | DSA-3057-1 libxml2 - security update | ||
Description: | Sogeti found a denial of service flaw in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior. (<a href="https://security-tracker.debian.org/tracker/CVE-2014-3660">CVE-2014-3660</a>) | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-3057-1 CVE-2014-3660 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | libxml2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27098 | |||
Oval ID: | oval:org.mitre.oval:def:27098 | ||
Title: | ELSA-2014-1655 -- libxml2 security update | ||
Description: | [2.9.1-5.0.1.el7_0.1] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.9.1-5.1] - CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149087) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-1655 CVE-2014-3660 | Version: | 4 |
Platform(s): | Oracle Linux 7 | Product(s): | libxml2 libxml2-devel libxml2-python libxml2-static |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27149 | |||
Oval ID: | oval:org.mitre.oval:def:27149 | ||
Title: | RHSA-2014:1655: libxml2 security update (Moderate) | ||
Description: | The libxml2 library is a development toolbox providing the implementation of various XML standards. A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior. (CVE-2014-3660) All libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:1655-00 CVE-2014-3660 CESA-2014:1655-CentOS 7 CESA-2014:1655-CentOS 6 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 6 CentOS Linux 7 CentOS Linux 6 | Product(s): | libxml2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27531 | |||
Oval ID: | oval:org.mitre.oval:def:27531 | ||
Title: | USN-2389-1 -- libxml2 vulnerability | ||
Description: | It was discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2389-1 CVE-2014-3660 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | libxml2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27707 | |||
Oval ID: | oval:org.mitre.oval:def:27707 | ||
Title: | RHSA-2014:1885 -- libxml2 security update (Moderate) | ||
Description: | The libxml2 library is a development toolbox providing the implementation of various XML standards. A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior. (CVE-2014-3660) All libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:1885 CESA-2014:1885 CVE-2014-3660 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | libxml2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27924 | |||
Oval ID: | oval:org.mitre.oval:def:27924 | ||
Title: | SUSE-SU-2014:1440-1 -- Security update for libxml2 (moderate) | ||
Description: | This update fixes a denial of service via recursive entity expansion. (CVE-2014-3660) Security Issues: * CVE-2014-3660 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1440-1 CVE-2014-3660 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | libxml2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28050 | |||
Oval ID: | oval:org.mitre.oval:def:28050 | ||
Title: | ELSA-2014-1885 -- libxml2 security update (moderate) | ||
Description: | [2.6.26-2.1.25.0.1.el5_11] - Add libxml2-enterprise.patch - Replaced doc/redhat.gif in tarball with updated image [2.6.26-2.1.25.el5] - CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1161841) [2.6.26-2.1.24.el5] - fixed one regexp bug and added a (rhbz#922450) - Another small change on the algorithm for the elimination of epsilon (rhbz#922450) [2.6.26-2.1.23.el5] - detect and stop excessive entities expansion upon replacement (rhbz#912573) [2.6.26-2.1.22.el5] - fix validation issues with some XSD (rhbz#877348) - xmlDOMWrapCloneNode discards namespace of the node parameter (rhbz#884707) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-1885 CVE-2014-3660 | Version: | 3 |
Platform(s): | Oracle Linux 5 | Product(s): | libxml2 |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2015-08-20 | IAVM : 2015-A-0199 - Multiple Vulnerabilities in Apple Mac OS X Severity : Category I - VMSKEY : V0061337 |
2015-02-05 | IAVM : 2015-B-0014 - Multiple Vulnerabilities in VMware ESXi 5.5 Severity : Category I - VMSKEY : V0058513 |
2015-02-05 | IAVM : 2015-B-0013 - Multiple Vulnerabilities in VMware ESXi 5.1 Severity : Category I - VMSKEY : V0058515 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-11-16 | OpenAFS GetStatistics buffer overflow attempt RuleID : 31338 - Revision : 3 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-06-22 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2016-0063.nasl - Type : ACT_GATHER_INFO |
2016-04-04 | Name : The remote device is affected by multiple vulnerabilities. File : appletv_7_2_1.nasl - Type : ACT_GATHER_INFO |
2016-02-16 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL61570943.nasl - Type : ACT_GATHER_INFO |
2015-12-29 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-959.nasl - Type : ACT_GATHER_INFO |
2015-08-17 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2015-006.nasl - Type : ACT_GATHER_INFO |
2015-08-17 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_10_5.nasl - Type : ACT_GATHER_INFO |
2015-07-31 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0097.nasl - Type : ACT_GATHER_INFO |
2015-05-27 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0003-1.nasl - Type : ACT_GATHER_INFO |
2015-04-13 | Name : The remote Fedora host is missing a security update. File : fedora_2015-4719.nasl - Type : ACT_GATHER_INFO |
2015-04-08 | Name : The remote Fedora host is missing a security update. File : fedora_2015-4658.nasl - Type : ACT_GATHER_INFO |
2015-03-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-111.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-80.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-151.nasl - Type : ACT_GATHER_INFO |
2015-01-29 | Name : The remote VMware ESXi 5.5 host is affected by multiple vulnerabilities. File : vmware_esxi_5_5_build_2352327_remote.nasl - Type : ACT_GATHER_INFO |
2015-01-29 | Name : The remote VMware ESXi host is missing one or more security-related patches. File : vmware_VMSA-2015-0001.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-244.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-06.nasl - Type : ACT_GATHER_INFO |
2014-12-05 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15872.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2014-0031.nasl - Type : ACT_GATHER_INFO |
2014-11-24 | Name : The remote Fedora host is missing a security update. File : fedora_2014-13047.nasl - Type : ACT_GATHER_INFO |
2014-11-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1885.nasl - Type : ACT_GATHER_INFO |
2014-11-21 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141120_libxml2_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1885.nasl - Type : ACT_GATHER_INFO |
2014-11-21 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1885.nasl - Type : ACT_GATHER_INFO |
2014-11-18 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libxml2-141020.nasl - Type : ACT_GATHER_INFO |
2014-11-18 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-444.nasl - Type : ACT_GATHER_INFO |
2014-11-03 | Name : The remote Fedora host is missing a security update. File : fedora_2014-12915.nasl - Type : ACT_GATHER_INFO |
2014-10-30 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-606.nasl - Type : ACT_GATHER_INFO |
2014-10-28 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2389-1.nasl - Type : ACT_GATHER_INFO |
2014-10-28 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3057.nasl - Type : ACT_GATHER_INFO |
2014-10-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-204.nasl - Type : ACT_GATHER_INFO |
2014-10-23 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141016_libxml2_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-10-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1655.nasl - Type : ACT_GATHER_INFO |
2014-10-20 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_0642b06456c411e48b87bcaec565249c.nasl - Type : ACT_GATHER_INFO |
2014-10-20 | Name : The remote Fedora host is missing a security update. File : fedora_2014-12995.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1655.nasl - Type : ACT_GATHER_INFO |
2014-10-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1655.nasl - Type : ACT_GATHER_INFO |
2014-04-16 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_09f47c51c1a611e3a5ac001b21614864.nasl - Type : ACT_GATHER_INFO |
2014-04-10 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140411_openafs_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-04-10 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_c0c31b27bff311e39d09000c2980a9f3.nasl - Type : ACT_GATHER_INFO |
2014-04-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2899.nasl - Type : ACT_GATHER_INFO |
2014-04-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201404-05.nasl - Type : ACT_GATHER_INFO |
2013-07-30 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2729.nasl - Type : ACT_GATHER_INFO |
2013-07-26 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130724_openafs_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-07-26 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_c4d412c8f4d111e2b86c000c295229d5.nasl - Type : ACT_GATHER_INFO |
2013-06-03 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_0bf376b7cc6b11e2a42414dae938ec40.nasl - Type : ACT_GATHER_INFO |
2013-03-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2638.nasl - Type : ACT_GATHER_INFO |
2013-03-05 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130304_openafs_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2015-11-17 00:22:47 |
|
2014-12-16 13:25:49 |
|
2014-12-14 17:21:56 |
|