VAR-201501-0737
Vulnerability from variot - Updated: 2025-12-22 22:06Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST.". This vulnerability has been assigned CVE-2015-0235, and is referred to in the media by the name "GHOST". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007
OS X El Capitan 10.11.1 and Security Update 2015-007 are now available and address the following:
Accelerate Framework Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in the Accelerate Framework in multi-threading mode. This issue was addressed through improved accessor element validation and improved object locking. CVE-ID CVE-2015-5940 : Apple
apache_mod_php Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.29 and 5.4.45. These were addressed by updating PHP to versions 5.5.29 and 5.4.45. CVE-ID CVE-2015-0235 CVE-2015-0273 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838
ATS Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiting a maliciously crafted webpage may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in ATS. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6985 : John Villamil (@day6reak), Yahoo Pentest Team
Audio Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to execute arbitrary code Description: An uninitialized memory issue existed in coreaudiod. This issue was addressed through improved memory initialization. CVE-ID CVE-2015-7003 : Mark Brand of Google Project Zero
Audio Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Playing a malicious audio file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of audio files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5933 : Apple CVE-2015-5934 : Apple
Bom Available for: OS X El Capitan 10.11 Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A file traversal vulnerability existed in the handling of CPIO archives. This issue was addressed through improved validation of metadata. CVE-ID CVE-2015-7006 : Mark Dowd of Azimuth Security
CFNetwork Available for: OS X El Capitan 10.11 Impact: Visiting a maliciously crafted website may lead to cookies being overwritten Description: A parsing issue existed when handling cookies with different letter casing. This issue was addressed through improved parsing. CVE-ID CVE-2015-7023 : Marvin Scholz; Xiaofeng Zheng and Jinjin Liang of Tsinghua University, Jian Jiang of University of California, Berkeley, Haixin Duan of Tsinghua University and International Computer Science Institute, Shuo Chen of Microsoft Research Redmond, Tao Wan of Huawei Canada, Nicholas Weaver of International Computer Science Institute and University of California, Berkeley, coordinated via CERT/CC
configd Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to elevate privileges Description: A heap based buffer overflow issue existed in the DNS client library. A malicious application with the ability to spoof responses from the local configd service may have been able to cause arbitrary code execution in DNS clients. CVE-ID CVE-2015-7015 : PanguTeam
CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple memory corruption issues existed in CoreGraphics. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5925 : Apple CVE-2015-5926 : Apple
CoreText Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team
CoreText Available for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team
CoreText Available for: OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team
CoreText Available for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-5944 : John Villamil (@day6reak), Yahoo Pentest Team
Disk Images Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in the parsing of disk images. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6995 : Ian Beer of Google Project Zero
EFI Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: An attacker can exercise unused EFI functions Description: An issue existed with EFI argument handling. This was addressed by removing the affected functions. CVE-ID CVE-2015-7035 : Corey Kallenberg, Xeno Kovah, John Butterworth, and Sam Cornwell of The MITRE Corporation, coordinated via CERT/CC
File Bookmark Available for: OS X El Capitan 10.11 Impact: Browsing to a folder with malformed bookmarks may cause unexpected application termination Description: An input validation issue existed in parsing bookmark metadata. This issue was addressed through improved validation checks. CVE-ID CVE-2015-6987 : Luca Todesco (@qwertyoruiop)
FontParser Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-5927 : Apple CVE-2015-5942 CVE-2015-6976 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6977 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6978 : Jaanus Kp, Clarified Security, working with HP's Zero Day Initiative CVE-2015-6991 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-6993 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7009 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7010 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7018 : John Villamil (@day6reak), Yahoo Pentest Team
FontParser Available for: OS X El Capitan 10.11 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-6990 : John Villamil (@day6reak), Yahoo Pentest Team CVE-2015-7008 : John Villamil (@day6reak), Yahoo Pentest Team
Grand Central Dispatch Available for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11 Impact: Processing a maliciously crafted package may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of dispatch calls. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6989 : Apple
Graphics Drivers Available for: OS X El Capitan 10.11 Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: Multiple out of bounds read issues existed in the NVIDIA graphics driver. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-7019 : Ian Beer of Google Project Zero CVE-2015-7020 : Moony Li of Trend Micro
Graphics Drivers Available for: OS X El Capitan 10.11 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7021 : Moony Li of Trend Micro
ImageIO Available for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted image file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the parsing of image metadata. These issues were addressed through improved metadata validation. CVE-ID CVE-2015-5935 : Apple CVE-2015-5938 : Apple
ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Processing a maliciously crafted image file may lead to arbitrary code execution Description: Multiple memory corruption issues existed in the parsing of image metadata. These issues were addressed through improved metadata validation. CVE-ID CVE-2015-5936 : Apple CVE-2015-5937 : Apple CVE-2015-5939 : Apple
IOAcceleratorFamily Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6996 : Ian Beer of Google Project Zero
IOHIDFamily Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. CVE-ID CVE-2015-6974 : Luca Todesco (@qwertyoruiop)
Kernel Available for: OS X Yosemite v10.10.5 Impact: A local user may be able to execute arbitrary code with system privileges Description: A type confusion issue existed in the validation of Mach tasks. This issue was addressed through improved Mach task validation. CVE-ID CVE-2015-5932 : Luca Todesco (@qwertyoruiop), Filippo Bigarella
Kernel Available for: OS X El Capitan 10.11 Impact: An attacker with a privileged network position may be able to execute arbitrary code Description: An uninitialized memory issue existed in the kernel. This issue was addressed through improved memory initialization. CVE-ID CVE-2015-6988 : The Brainy Code Scanner (m00nbsd)
Kernel Available for: OS X El Capitan 10.11 Impact: A local application may be able to cause a denial of service Description: An issue existed when reusing virtual memory. This issue was addressed through improved validation. CVE-ID CVE-2015-6994 : Mark Mentovai of Google Inc.
libarchive Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: A malicious application may be able to overwrite arbitrary files Description: An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization. CVE-ID CVE-2015-6984 : Christopher Crone of Infinit, Jonathan Schleifer
MCX Application Restrictions Available for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11 Impact: A developer-signed executable may acquire restricted entitlements Description: An entitlement validation issue existed in Managed Configuration. A developer-signed app could bypass restrictions on use of restricted entitlements and elevate privileges. This issue was addressed through improved provisioning profile validation. CVE-ID CVE-2015-7016 : Apple
Net-SNMP Available for: OS X El Capitan 10.11 Impact: An attacker in a privileged network position may be able to cause a denial of service Description: Multiple issues existed in netsnmp version 5.6. These issues were addressed by using patches affecting OS X from upstream. CVE-ID CVE-2012-6151 CVE-2014-3565
OpenGL Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue existed in OpenGL. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5924 : Apple
OpenSSH Available for: OS X El Capitan 10.11 Impact: A local user may be able to conduct impersonation attacks Description: A privilege separation issue existed in PAM support. This issue was addressed with improved authorization checks. CVE-ID CVE-2015-6563 : Moritz Jodeit of Blue Frost Security GmbH
Sandbox Available for: OS X El Capitan 10.11 Impact: A local user may be able to execute arbitrary code with kernel privileges Description: An input validation issue existed when handling NVRAM parameters. This issue was addressed through improved validation. CVE-ID CVE-2015-5945 : Rich Trouton (@rtrouton), Howard Hughes Medical Institute, Apple
Script Editor Available for: OS X El Capitan 10.11 Impact: An attacker may trick a user into running arbitrary AppleScript Description: In some circumstances, Script Editor did not ask for user confirmation before executing AppleScripts. This issue was addressed by prompting for user confirmation before executing AppleScripts. CVE-ID CVE-2015-7007 : Joe Vennix of Rapid7
Security Available for: OS X El Capitan 10.11 Impact: A malicious application may be able to overwrite arbitrary files Description: A double free issue existed in the handling of AtomicBufferedFile descriptors. This issue was addressed through improved validation of AtomicBufferedFile descriptors. CVE-ID CVE-2015-6983 : David Benjamin, Greg Kerr, Mark Mentovai and Sergey Ulanov from the Chrome Team
SecurityAgent Available for: OS X El Capitan 10.11 Impact: A malicious application can programmatically control keychain access prompts Description: A method existed for applications to create synthetic clicks on keychain prompts. This was addressed by disabling synthetic clicks for keychain access windows. CVE-ID CVE-2015-5943
Installation note:
OS X El Capitan v10.11.1 includes the security content of Safari 9.0.1: https://support.apple.com/kb/HT205377
OS X El Capitan 10.11.1 and Security Update 2015-007 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJWJuKsAAoJEBcWfLTuOo7t8e0P/igVHKDXeLNib2eEzbS2BMVV Ee968BgEDw1xnHK8zzh3bbRNxxAUT9lwe8RuSYECfp8sUYySb51/VIWpmidewsqB az7mJ4Gohldppejc5tykHDoTYesQL7iySLn74PdxZfZXbtz2EGJK19cA6hIHcO5x ZiMCbJzTaAOylKRQRRi3kMdNWEzxbtm90247vNx/zMSjs1bhGlQbJsCVDmX/Q9uH Xja9aPCHDfaQueTw5idbXwT+Y/+I9ytBlL5JXVrjRUDYCtuewC4DNsQxZY0qcDyE A7/0G7iYW5vOECNhpoLA0+1MbdHxJXhwJtmIKX8zucYqe/Vr4j41oGey/HJW55ER USJ2RBpMtGhDEolyvxz7FlSPYOIpp05mwMB0GWQWAmkWDAxnagkQm9xwKBMt4eq4 CNdI0YaX0iPPWYIkI3HpZHdzuwbE5b053cw1hLKc0OVQBiqLUQxe3W5s64ZqTSe0 whlm9lt/9EUwyfXHEiXTYi/d+CF8+JthY4ieXRJ4mwz77udafmgA5Pbl71SqB8pE 7TBByuCOFdou6JmdJPahLDxoGRA+i7Z+a8Myn4WtbemkjrO9iZ/VsdAdl/Db+7cz rEgSPjelEC5z5WxQspiuohxU1NkDnMgWm2Tnx+pFBOfZMheE4xnTfve3vqY+gQdN 4GbuRXld4PbxeDdel0Nk =snJ4 -----END PGP SIGNATURE----- .
Please update or upgrade to one of the following versions or subsequent.
References:
CVE-2015-0235 - Buffer Errors (CWE-119) SSRT101906
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
The glibc updates are available for RHEL4, RHEL5, and RHEL6 at:
https://access.redhat.com/security/cve/CVE-2015-0235
WORKAROUND INSTRUCTIONS
HP recommends following this information after applying the updates to protect against potential risk for the specified HP IceWall products.
HP IceWall SSO Dfw
The AGENT_PERMIT configuration parameter allows Dfw to restrict requests from the Agent (another module) by using one of following methods: IP (IP address), HOST(host name) and DOMAIN (domain name). If possible, do not specify the "IP" value as the evaluation method in setting AGENT_PERMIT. Instead, use "HOST" or "DOMAIN".
Note: The HP IceWall product is only available in Japan.
HISTORY Version:1 (rev.1) - 2 February 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04589512
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04589512 Version: 1
HPSBGN03285 rev.1 - HP Business Service Manager Virtual Appliance, Multiple
Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2015-03-17 Last Updated: 2015-03-17
Potential Security Impact: Multiple vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with these three
packages. These vulnerabilities could be exploited to allow execution of
code.
HP Operation Agent Virtual Appliance for monitoring VMware vSphere
environments (OAVA) HP Virtualization Performance Viewer for monitoring VMware vSphere
environments (vPV VA) HP Operations Manager i 10.00 Virtual (OMi VA)
References:
CVE-2015-0235 - Buffer Errors (CWE-119) CVE-2012-6657 - Permissions, Privileges, and Access Control (CWE-264) CVE-2014-3673 - Resource Management Errors (CWE-399) CVE-2014-3687 - Resource Management Errors (CWE-399) CVE-2014-3688 - Resource Management Errors (CWE-399) CVE-2014-5471 - Resource Management Errors (CWE-399) CVE-2014-5472 - Input Validation (CWE-20) CVE-2014-6410 - Resource Management Errors (CWE-399) CVE-2014-9322- Permissions, Privileges, and Access Control (CWE-264) SSRT101955
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Operation Agent Virtual Appliance for monitoring VMware vSphere
environments (OAVA) v11.14, v11.13, v11.12, v11.11
HP Virtualization Performance Viewer for monitoring VMware vSphere
environments (vPV VA) v2.10, v2.01, v2.0, v1.x
HP Operations Manager i 10.00 Virtual (OMi VA) v10.00
BACKGROUND For a PGP signed version of this security bulletin please write to:
security-alert@hp.com
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-0235 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-6657 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9 CVE-2014-3673 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2014-3687 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2014-3688 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-5471 (AV:L/AC:H/Au:N/C:N/I:N/A:C) 4.0 CVE-2014-5472 (AV:L/AC:H/Au:N/C:N/I:N/A:C) 4.0 CVE-2014-6410 (AV:L/AC:M/Au:N/C:N/I:N/A:C) 4.7 CVE-2014-9322 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following information to mitigate the impact of these
vulnerabilities.
https://softwaresupport.hp.com/group/softwaresupport/search-
result/-/facetsearch/document/KM01411792
HISTORY Version:1 (rev.1) - 17 March 2015 Initial release
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com It is strongly recommended that security related information being
communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins
via Email: http://h30046.www3.hp.com/driverAlertProfile.php?
regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile
to update appropriate sections.
To review previously published Security Bulletins visit:
http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is
represented by the 5th and 6th characters of the Bulletin number in the
title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW
MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS
PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux
TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to
maintain system integrity. HP is continually reviewing and enhancing the
security features of software products to provide customers with current
secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the
attention of users of the affected HP products the important security
information contained in this Bulletin. HP recommends that all users
determine the applicability of this information to their individual
situations and take appropriate action. HP does not warrant that this
information is necessarily accurate or complete for all user situations and,
consequently, HP will not be responsible for any damages resulting from
user's use or disregard of the information provided in this Bulletin. To the
extent permitted by law, HP disclaims all warranties, either express or
implied, including the warranties of merchantability and fitness for a
particular purpose, title and non-infringement."
Copyright 2015 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for incidental,
special or consequential damages including downtime cost; lost profits;
damages relating to the procurement of substitute products or services; or
damages for loss of data, or software restoration. The information in this
document is subject to change without notice. Hewlett-Packard Company and the
names of Hewlett-Packard products referenced herein are trademarks of
Hewlett-Packard Company in the United States and other countries. Other
product and company names mentioned herein may be trademarks of their
respective owners. Content-Disposition: inline
==========================================================================Ubuntu Security Notice USN-2485-1 January 27, 2015
eglibc vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
The GNU C Library could be made to crash or run programs.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: libc6 2.15-0ubuntu10.10
Ubuntu 10.04 LTS: libc6 2.11.1-0ubuntu7.20
After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: glibc security update Advisory ID: RHSA-2015:0101-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0101.html Issue date: 2015-01-28 CVE Names: CVE-2015-0235 =====================================================================
- Summary:
Updated glibc packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support.
Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux AS (v. 4 ELS) - i386, ia64, x86_64 Red Hat Enterprise Linux ES (v. 4 ELS) - i386, ia64, x86_64
- Description:
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. (CVE-2015-0235)
Red Hat would like to thank Qualys for reporting this issue.
All glibc users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1183461 - CVE-2015-0235 glibc: __nss_hostname_digits_dots() heap-based buffer overflow
- Package List:
Red Hat Enterprise Linux AS (v. 4 ELS):
Source: glibc-2.3.4-2.57.el4.2.src.rpm
i386: glibc-2.3.4-2.57.el4.2.i386.rpm glibc-2.3.4-2.57.el4.2.i686.rpm glibc-common-2.3.4-2.57.el4.2.i386.rpm glibc-debuginfo-2.3.4-2.57.el4.2.i386.rpm glibc-debuginfo-2.3.4-2.57.el4.2.i686.rpm glibc-debuginfo-common-2.3.4-2.57.el4.2.i386.rpm glibc-devel-2.3.4-2.57.el4.2.i386.rpm glibc-headers-2.3.4-2.57.el4.2.i386.rpm glibc-profile-2.3.4-2.57.el4.2.i386.rpm glibc-utils-2.3.4-2.57.el4.2.i386.rpm nptl-devel-2.3.4-2.57.el4.2.i386.rpm nptl-devel-2.3.4-2.57.el4.2.i686.rpm nscd-2.3.4-2.57.el4.2.i386.rpm
ia64: glibc-2.3.4-2.57.el4.2.i686.rpm glibc-2.3.4-2.57.el4.2.ia64.rpm glibc-common-2.3.4-2.57.el4.2.ia64.rpm glibc-debuginfo-2.3.4-2.57.el4.2.i686.rpm glibc-debuginfo-2.3.4-2.57.el4.2.ia64.rpm glibc-debuginfo-common-2.3.4-2.57.el4.2.i386.rpm glibc-devel-2.3.4-2.57.el4.2.ia64.rpm glibc-headers-2.3.4-2.57.el4.2.ia64.rpm glibc-profile-2.3.4-2.57.el4.2.ia64.rpm glibc-utils-2.3.4-2.57.el4.2.ia64.rpm nptl-devel-2.3.4-2.57.el4.2.ia64.rpm nscd-2.3.4-2.57.el4.2.ia64.rpm
x86_64: glibc-2.3.4-2.57.el4.2.i686.rpm glibc-2.3.4-2.57.el4.2.x86_64.rpm glibc-common-2.3.4-2.57.el4.2.x86_64.rpm glibc-debuginfo-2.3.4-2.57.el4.2.i386.rpm glibc-debuginfo-2.3.4-2.57.el4.2.i686.rpm glibc-debuginfo-2.3.4-2.57.el4.2.x86_64.rpm glibc-debuginfo-common-2.3.4-2.57.el4.2.i386.rpm glibc-devel-2.3.4-2.57.el4.2.i386.rpm glibc-devel-2.3.4-2.57.el4.2.x86_64.rpm glibc-headers-2.3.4-2.57.el4.2.x86_64.rpm glibc-profile-2.3.4-2.57.el4.2.x86_64.rpm glibc-utils-2.3.4-2.57.el4.2.x86_64.rpm nptl-devel-2.3.4-2.57.el4.2.x86_64.rpm nscd-2.3.4-2.57.el4.2.x86_64.rpm
Red Hat Enterprise Linux ES (v. 4 ELS):
Source: glibc-2.3.4-2.57.el4.2.src.rpm
i386: glibc-2.3.4-2.57.el4.2.i386.rpm glibc-2.3.4-2.57.el4.2.i686.rpm glibc-common-2.3.4-2.57.el4.2.i386.rpm glibc-debuginfo-2.3.4-2.57.el4.2.i386.rpm glibc-debuginfo-2.3.4-2.57.el4.2.i686.rpm glibc-debuginfo-common-2.3.4-2.57.el4.2.i386.rpm glibc-devel-2.3.4-2.57.el4.2.i386.rpm glibc-headers-2.3.4-2.57.el4.2.i386.rpm glibc-profile-2.3.4-2.57.el4.2.i386.rpm glibc-utils-2.3.4-2.57.el4.2.i386.rpm nptl-devel-2.3.4-2.57.el4.2.i386.rpm nptl-devel-2.3.4-2.57.el4.2.i686.rpm nscd-2.3.4-2.57.el4.2.i386.rpm
ia64: glibc-debuginfo-common-2.3.4-2.57.el4.2.i386.rpm
x86_64: glibc-2.3.4-2.57.el4.2.i686.rpm glibc-2.3.4-2.57.el4.2.x86_64.rpm glibc-common-2.3.4-2.57.el4.2.x86_64.rpm glibc-debuginfo-2.3.4-2.57.el4.2.i386.rpm glibc-debuginfo-2.3.4-2.57.el4.2.i686.rpm glibc-debuginfo-2.3.4-2.57.el4.2.x86_64.rpm glibc-debuginfo-common-2.3.4-2.57.el4.2.i386.rpm glibc-devel-2.3.4-2.57.el4.2.i386.rpm glibc-devel-2.3.4-2.57.el4.2.x86_64.rpm glibc-headers-2.3.4-2.57.el4.2.x86_64.rpm glibc-profile-2.3.4-2.57.el4.2.x86_64.rpm glibc-utils-2.3.4-2.57.el4.2.x86_64.rpm nptl-devel-2.3.4-2.57.el4.2.x86_64.rpm nscd-2.3.4-2.57.el4.2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-0235 https://access.redhat.com/security/updates/classification/#critical
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFUyRwbXlSAg2UNWIIRAnx8AJ94LYbxTEFIpPLiN/L5Wg+RHu8sewCfU4Gq q+5AuvegeRJa0LimEFiDjZE= =l1Y9 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Gentoo Linux Security Advisory GLSA 201503-04
http://security.gentoo.org/
Severity: Normal Title: GNU C Library: Multiple vulnerabilities Date: March 08, 2015 Bugs: #431218, #434408, #454862, #464634, #477330, #480734, #484646, #488084, #489234, #501196, #513090, #521930, #537990 ID: 201503-04
Synopsis
Multiple vulnerabilities have been found in GNU C Library, the worst of which allowing a local attacker to execute arbitrary code or cause a Denial of Service .
Background
The GNU C library is the standard C library used by Gentoo Linux systems.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 sys-libs/glibc < 2.19-r1 >= 2.19-r1
Description
Multiple vulnerabilities have been discovered in the GNU C Library. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All glibc users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sys-libs/glibc-2.19-r1"
References
[ 1 ] CVE-2012-3404 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3404 [ 2 ] CVE-2012-3405 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3405 [ 3 ] CVE-2012-3406 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3406 [ 4 ] CVE-2012-3480 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3480 [ 5 ] CVE-2012-4412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4412 [ 6 ] CVE-2012-4424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4424 [ 7 ] CVE-2012-6656 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6656 [ 8 ] CVE-2013-0242 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0242 [ 9 ] CVE-2013-1914 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1914 [ 10 ] CVE-2013-2207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2207 [ 11 ] CVE-2013-4237 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4237 [ 12 ] CVE-2013-4332 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4332 [ 13 ] CVE-2013-4458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4458 [ 14 ] CVE-2013-4788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4788 [ 15 ] CVE-2014-4043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4043 [ 16 ] CVE-2015-0235 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0235
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201503-04.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. SEC Consult Vulnerability Lab Security Advisory < 20210901-0 > ======================================================================= title: Multiple vulnerabilities product: see "Vulnerable / tested versions" vulnerable version: see "Vulnerable / tested versions" fixed version: see "Solution" CVE number: CVE-2021-39278, CVE-2021-39279 impact: High homepage: https://www.moxa.com/ found: 2020-08-31 by: T. Weber (Office Vienna) SEC Consult Vulnerability Lab
An integrated part of SEC Consult, an Atos company
Europe | Asia | North America
https://www.sec-consult.com
=======================================================================
Vendor description:
"Together, We Create Change
Moxa is committed to making a positive impact around the world. We put our all behind this commitment--from our employees, to our products and supply chain.
In our local communities, we nurture and support the spirit of volunteering. We encourage our employees to contribute to community development, with an emphasis on ecology, education, and health.
In our products, we invest in social awareness programs and environment-friendly policies at every stage of the product lifecycle. We make sure our manufacturing meets the highest standards with regards to quality, ethics, and sustainability."
Source: https://www.moxa.com/en/about-us/corporate-responsibility
Business recommendation:
SEC Consult recommends to immediately apply the available patches from the vendor. A thorough security review should be performed by security professionals to identify further potential security issues.
Vulnerability overview/description:
1) Authenticated Command Injection (CVE-2021-39279) An authenticated command injection vulnerability can be triggered by issuing a GET request to the "/forms/web_importTFTP" CGI program which is available on the web interface. An attacker can abuse this vulnerability to compromise the operating system of the device. This issue was found by emulating the firmware of the device.
2) Reflected Cross-Site Scripting via Manipulated Config-File (CVE-2021-39278) Via a crafted config-file, a reflected cross-site scripting vulnerability can be exploited in the context of the victim's browser. This config-file can be uploaded to the device via the "Config Import Export" tab in the main menu.
3) Known GNU glibc Vulnerabilities (CVE-2015-0235) The used GNU glibc in version 2.9 is outdated and contains multiple known vulnerabilities. One of the discovered vulnerabilities (CVE-2015-0235, gethostbyname "GHOST" buffer overflow) was verified by using the MEDUSA scalable firmware runtime.
4) Multiple Outdated Software Components Multiple outdated software components containing vulnerabilities were found by the IoT Inspector.
The vulnerabilities 1), 2) and 3) were manually verified on an emulated device by using the MEDUSA scalable firmware runtime.
Proof of concept:
1) Authenticated Command Injection (CVE-2021-39279) The vulnerability can be triggered by navigating in the web interface to the tab:
"Main Menu"->"Maintenance"->"Config Import Export"
The "TFTP Import" menu is prone to command injection via all parameters. To exploit the vulnerability, an IP address, a configuration path and a filename must be set. If the filename is used to trigger the exploit, the payload in the interceptor proxy would be:
http://192.168.1.1/forms/web_importTFTP?servIP=192.168.1.1&configPath=/&fileName=name|ping localhost -c 100
2) Reflected Cross-Site Scripting via Manipulated Config-File (CVE-2021-39278) The vulnerability can be triggered by navigating in the web interface to the tab:
"Main Menu"->"Maintenance"->"Config Import Export"
The "Config Import" menu is prone to reflected cross-site scripting via the upload of config files. Example of malicious config file:
[board] deviceName="WAC-2004_0000alert(document.cookie)" deviceLocation="" [..]
Uploading such a crafted file triggers cross-site scripting as the erroneous value is displayed without filtering characters.
3) Known GNU glibc Vulnerabilities (CVE-2015-0235) GNU glibc version 2.9 contains multiple CVEs like: CVE-2016-1234, CVE-2015-7547, CVE-2013-7423, CVE-2013-1914, and more.
The gethostbyname buffer overflow vulnerability (GHOST) was checked with the help of the exploit code from https://seclists.org/oss-sec/2015/q1/274. It was compiled and executed on the emulated device to test the system.
4) Multiple Outdated Software Components The IoT Inspector recognized multiple outdated software components with known vulnerabilities:
BusyBox 1.18.5 06/2011 Dropbear SSH 2011.54 11/2011 GNU glibc 2.9 02/2009 Linux Kernel 2.6.27 10/2008 OpenSSL 0.9.7g 04/2005 Only found in the program "iw_director" OpenSSL 1.0.0 03/2010
Vulnerable / tested versions:
The following firmware versions for various devices have been identified to be vulnerable: * WAC-2004 / 1.7 * WAC-1001 / 2.1 * WAC-1001-T / 2.1 * OnCell G3470A-LTE-EU / 1.7 * OnCell G3470A-LTE-EU-T / 1.7 * TAP-323-EU-CT-T / 1.3 * TAP-323-US-CT-T / 1.3 * TAP-323-JP-CT-T / 1.3 * WDR-3124A-EU / 2.3 * WDR-3124A-EU-T / 2.3 * WDR-3124A-US / 2.3 * WDR-3124A-US-T / 2.3
Vendor contact timeline:
2020-10-09: Contacting vendor through moxa.csrt@moxa.com. 2020-10-12: Contact sends PGP key for encrypted communication and asks for the detailed advisory. Sent encrypted advisory to vendor. 2020-11-06: Status update from vendor regarding technical analysis. Vendor requested more time for fixing the vulnerabilities as more products are affected. 2020-11-09: Granted more time for fixing to vendor. 2020-11-10: Vendor asked for next steps regarding the advisory publication. 2020-11-11: Asked vendor for an estimation when a public disclosure is possible. 2020-11-16: Vendor responded that the product team can give a rough feedback. 2020-11-25: Asked for a status update. 2020-11-25: Vendor responded that the investigation is not done yet. 2020-12-14: Vendor provided a list of potential affected devices and stated that full investigation may take until January 2021 due to the list of CVEs that were provided with the appended IoT Inspector report. The patches may be available until June 2021. 2020-12-15: Shifted next status update round with vendor on May 2021. 2020-12-23: Vendor provided full list of affected devices. 2021-02-05: Vendor sieved out the found issues from 4) manually and provided a full list of confirmed vulnerabilities. WAC-2004 phased-out in 2019. 2021-02-21: Confirmed receive of vulnerabilities, next status update in May 2021. 2021-06-10: Asking for an update. 2021-06-15: Vendor stated, that the update will be provided in the next days. 2021-06-21: Vendor will give an update in the next week as Covid gets worse in Taiwan. 2021-06-23: Vendor stated, that patches are under development. Vendor needs more time to finish the patches. 2021-06-24: Set release date to 2021-09-01. 2021-07-02: Vendor provides status updates. 2021-08-16: Vendor provides status updates. 2021-08-17: Vendor asks for CVE IDs and stated, that WDR-3124A has phased-out. 2021-08-20: Sent assigned CVE-IDs to vendor. Asked for fixed version numbers. 2021-08-31: Vendor provides fixed firmware version numbers and the advisory links. 2021-09-01: Coordinated release of security advisory.
Solution:
According to the vendor the following patches must be applied to fix issues: * WAC-1001 / 2.1.5 * WAC-1001-T / 2.1.5 * OnCell G3470A-LTE-EU / 1.7.4 * OnCell G3470A-LTE-EU-T / 1.7.4 * TAP-323-EU-CT-T / 1.8.1 * TAP-323-US-CT-T / 1.8.1 * TAP-323-JP-CT-T / 1.8.1
The Moxa Technical Support must be contacted for requesting the security patches.
The corresponding security advisories for the affected devices are available on the vendor's website: TAP-323/WAC-1001/WAC-2004 https://www.moxa.com/en/support/product-support/security-advisory/tap-323-wac-1001-2004-wireless-ap-bridge-client-vulnerabilities OnCell G3470A-LTE/WDR-3124A https://www.moxa.com/en/support/product-support/security-advisory/oncell-g3470a-wdr-3124a-cellular-gateways-router-vulnerabilities
The following device models are EOL and should be replaced: * WAC-2004 * WDR-3124A-EU * WDR-3124A-EU-T * WDR-3124A-US * WDR-3124A-US-T
Workaround:
None.
Advisory URL:
https://sec-consult.com/vulnerability-lab/
SEC Consult Vulnerability Lab
SEC Consult, an Atos company
Europe | Asia | North America
About SEC Consult Vulnerability Lab
The SEC Consult Vulnerability Lab is an integrated part of SEC Consult, an
Atos company. It ensures the continued knowledge gain of SEC Consult in the
field of network and application security to stay ahead of the attacker. The
SEC Consult Vulnerability Lab supports high-quality penetration testing and
the evaluation of new offensive and defensive technologies for our customers.
Hence our customers obtain the most current information about vulnerabilities
and valid recommendation about the risk profile of new technologies.
Interested to work with the experts of SEC Consult? Send us your application https://sec-consult.com/career/
Interested in improving your cyber security with the experts of SEC Consult? Contact our local offices https://sec-consult.com/contact/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mail: research at sec-consult dot com Web: https://www.sec-consult.com Blog: http://blog.sec-consult.com Twitter: https://twitter.com/sec_consult
EOF Thomas Weber / @2021
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201501-0737",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pureapplication system",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "1.1.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "php",
"scope": "gte",
"trust": 1.0,
"vendor": "php",
"version": "5.5.0"
},
{
"model": "communications webrtc session controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7.1"
},
{
"model": "php",
"scope": "lt",
"trust": 1.0,
"vendor": "php",
"version": "5.4.38"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.11.1"
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "9.9.1"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "5.1.24"
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.1"
},
{
"model": "communications webrtc session controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7.2"
},
{
"model": "glibc",
"scope": "lt",
"trust": 1.0,
"vendor": "gnu",
"version": "2.18"
},
{
"model": "communications user data repository",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "10.0.1"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.0"
},
{
"model": "communications webrtc session controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "communications eagle application processor",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "16.0"
},
{
"model": "communications session border controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7.2.0"
},
{
"model": "php",
"scope": "lt",
"trust": 1.0,
"vendor": "php",
"version": "5.6.6"
},
{
"model": "communications eagle lnp application processor",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.0"
},
{
"model": "communications session border controller",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "7.2.0"
},
{
"model": "php",
"scope": "lt",
"trust": 1.0,
"vendor": "php",
"version": "5.5.22"
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "5"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "1.0.0.0"
},
{
"model": "glibc",
"scope": "gte",
"trust": 1.0,
"vendor": "gnu",
"version": "2.0"
},
{
"model": "php",
"scope": "gte",
"trust": 1.0,
"vendor": "php",
"version": "5.4.0"
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.4.1"
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "9.7.3"
},
{
"model": "communications application session controller",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "3.7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "2.0.0.0"
},
{
"model": "communications lsms",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.1"
},
{
"model": "php",
"scope": "gte",
"trust": 1.0,
"vendor": "php",
"version": "5.6.0"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "communications user data repository",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "10.0.0"
},
{
"model": "security access manager for enterprise single sign-on",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "communications session border controller",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "citrix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.15"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.16"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.13"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.12.1"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.14"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.14.1"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.12.2"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.11.2"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.17"
},
{
"model": "glibc",
"scope": "eq",
"trust": 0.6,
"vendor": "gnu",
"version": "2.12"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#967332"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
},
{
"db": "NVD",
"id": "CVE-2015-0235"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Qualys",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
}
],
"trust": 0.6
},
"cve": "CVE-2015-0235",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-0235",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 10.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 5.9,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 10.0,
"id": "CVE-2015-0235",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-78181",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-0235",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-0235",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201501-658",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-78181",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#967332"
},
{
"db": "VULHUB",
"id": "VHN-78181"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
},
{
"db": "NVD",
"id": "CVE-2015-0235"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka \"GHOST.\". This vulnerability has been assigned CVE-2015-0235, and is referred to in the media by the name \"GHOST\". -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update\n2015-007\n\nOS X El Capitan 10.11.1 and Security Update 2015-007 are now\navailable and address the following:\n\nAccelerate Framework\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: A memory corruption issue existed in the Accelerate\nFramework in multi-threading mode. This issue was addressed through\nimproved accessor element validation and improved object locking. \nCVE-ID\nCVE-2015-5940 : Apple\n\napache_mod_php\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Multiple vulnerabilities in PHP\nDescription: Multiple vulnerabilities existed in PHP versions prior\nto 5.5.29 and 5.4.45. These were addressed by updating PHP to\nversions 5.5.29 and 5.4.45. \nCVE-ID\nCVE-2015-0235\nCVE-2015-0273\nCVE-2015-6834\nCVE-2015-6835\nCVE-2015-6836\nCVE-2015-6837\nCVE-2015-6838\n\nATS\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Visiting a maliciously crafted webpage may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in ATS. This issue\nwas addressed through improved memory handling. \nCVE-ID\nCVE-2015-6985 : John Villamil (@day6reak), Yahoo Pentest Team\n\nAudio\nAvailable for: OS X El Capitan 10.11\nImpact: A malicious application may be able to execute arbitrary\ncode\nDescription: An uninitialized memory issue existed in coreaudiod. \nThis issue was addressed through improved memory initialization. \nCVE-ID\nCVE-2015-7003 : Mark Brand of Google Project Zero\n\nAudio\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Playing a malicious audio file may lead to arbitrary code\nexecution\nDescription: Multiple memory corruption issues existed in the\nhandling of audio files. These issues were addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-5933 : Apple\nCVE-2015-5934 : Apple\n\nBom\nAvailable for: OS X El Capitan 10.11\nImpact: Unpacking a maliciously crafted archive may lead to\narbitrary code execution\nDescription: A file traversal vulnerability existed in the handling\nof CPIO archives. This issue was addressed through improved\nvalidation of metadata. \nCVE-ID\nCVE-2015-7006 : Mark Dowd of Azimuth Security\n\nCFNetwork\nAvailable for: OS X El Capitan 10.11\nImpact: Visiting a maliciously crafted website may lead to cookies\nbeing overwritten\nDescription: A parsing issue existed when handling cookies with\ndifferent letter casing. This issue was addressed through improved\nparsing. \nCVE-ID\nCVE-2015-7023 : Marvin Scholz; Xiaofeng Zheng and Jinjin Liang of\nTsinghua University, Jian Jiang of University of California,\nBerkeley, Haixin Duan of Tsinghua University and International\nComputer Science Institute, Shuo Chen of Microsoft Research Redmond,\nTao Wan of Huawei Canada, Nicholas Weaver of International Computer\nScience Institute and University of California, Berkeley, coordinated\nvia CERT/CC\n\nconfigd\nAvailable for: OS X El Capitan 10.11\nImpact: A malicious application may be able to elevate privileges\nDescription: A heap based buffer overflow issue existed in the DNS\nclient library. A malicious application with the ability to spoof\nresponses from the local configd service may have been able to cause\narbitrary code execution in DNS clients. \nCVE-ID\nCVE-2015-7015 : PanguTeam\n\nCoreGraphics\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: Multiple memory corruption issues existed in\nCoreGraphics. These issues were addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5925 : Apple\nCVE-2015-5926 : Apple\n\nCoreText\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of font files. These issues were addressed through improved\nbounds checking. \nCVE-ID\nCVE-2015-6992 : John Villamil (@day6reak), Yahoo Pentest Team\n\nCoreText\nAvailable for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of font files. These issues were addressed through improved\nbounds checking. \nCVE-ID\nCVE-2015-6975 : John Villamil (@day6reak), Yahoo Pentest Team\n\nCoreText\nAvailable for: OS X El Capitan 10.11\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of font files. These issues were addressed through improved\nbounds checking. \nCVE-ID\nCVE-2015-7017 : John Villamil (@day6reak), Yahoo Pentest Team\n\nCoreText\nAvailable for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of font files. These issues were addressed through improved\nbounds checking. \nCVE-ID\nCVE-2015-5944 : John Villamil (@day6reak), Yahoo Pentest Team\n\nDisk Images\nAvailable for: OS X El Capitan 10.11\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in the parsing of\ndisk images. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-6995 : Ian Beer of Google Project Zero\n\nEFI\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: An attacker can exercise unused EFI functions\nDescription: An issue existed with EFI argument handling. This was\naddressed by removing the affected functions. \nCVE-ID\nCVE-2015-7035 : Corey Kallenberg, Xeno Kovah, John Butterworth, and\nSam Cornwell of The MITRE Corporation, coordinated via CERT/CC\n\nFile Bookmark\nAvailable for: OS X El Capitan 10.11\nImpact: Browsing to a folder with malformed bookmarks may cause\nunexpected application termination\nDescription: An input validation issue existed in parsing bookmark\nmetadata. This issue was addressed through improved validation\nchecks. \nCVE-ID\nCVE-2015-6987 : Luca Todesco (@qwertyoruiop)\n\nFontParser\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of font files. These issues were addressed through improved\nbounds checking. \nCVE-ID\nCVE-2015-5927 : Apple\nCVE-2015-5942\nCVE-2015-6976 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-6977 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-6978 : Jaanus Kp, Clarified Security, working with HP\u0027s Zero\nDay Initiative\nCVE-2015-6991 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-6993 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-7009 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-7010 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-7018 : John Villamil (@day6reak), Yahoo Pentest Team\n\nFontParser\nAvailable for: OS X El Capitan 10.11\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of font files. These issues were addressed through improved\nbounds checking. \nCVE-ID\nCVE-2015-6990 : John Villamil (@day6reak), Yahoo Pentest Team\nCVE-2015-7008 : John Villamil (@day6reak), Yahoo Pentest Team\n\nGrand Central Dispatch\nAvailable for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11\nImpact: Processing a maliciously crafted package may lead to\narbitrary code execution\nDescription: A memory corruption issue existed in the handling of\ndispatch calls. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-6989 : Apple\n\nGraphics Drivers\nAvailable for: OS X El Capitan 10.11\nImpact: A local user may be able to cause unexpected system\ntermination or read kernel memory\nDescription: Multiple out of bounds read issues existed in the\nNVIDIA graphics driver. These issues were addressed through improved\nbounds checking. \nCVE-ID\nCVE-2015-7019 : Ian Beer of Google Project Zero\nCVE-2015-7020 : Moony Li of Trend Micro\n\nGraphics Drivers\nAvailable for: OS X El Capitan 10.11\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-7021 : Moony Li of Trend Micro\n\nImageIO\nAvailable for: OS X Mavericks v10.9.5 and OS X Yosemite v10.10.5\nImpact: Processing a maliciously crafted image file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nparsing of image metadata. These issues were addressed through\nimproved metadata validation. \nCVE-ID\nCVE-2015-5935 : Apple\nCVE-2015-5938 : Apple\n\nImageIO\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Processing a maliciously crafted image file may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nparsing of image metadata. These issues were addressed through\nimproved metadata validation. \nCVE-ID\nCVE-2015-5936 : Apple\nCVE-2015-5937 : Apple\nCVE-2015-5939 : Apple\n\nIOAcceleratorFamily\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in\nIOAcceleratorFamily. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-6996 : Ian Beer of Google Project Zero\n\nIOHIDFamily\nAvailable for: OS X El Capitan 10.11\nImpact: A malicious application may be able to execute arbitrary\ncode with kernel privileges\nDescription: A memory corruption issue existed in the kernel. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-6974 : Luca Todesco (@qwertyoruiop)\n\nKernel\nAvailable for: OS X Yosemite v10.10.5\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A type confusion issue existed in the validation of\nMach tasks. This issue was addressed through improved Mach task\nvalidation. \nCVE-ID\nCVE-2015-5932 : Luca Todesco (@qwertyoruiop), Filippo Bigarella\n\nKernel\nAvailable for: OS X El Capitan 10.11\nImpact: An attacker with a privileged network position may be able\nto execute arbitrary code\nDescription: An uninitialized memory issue existed in the kernel. \nThis issue was addressed through improved memory initialization. \nCVE-ID\nCVE-2015-6988 : The Brainy Code Scanner (m00nbsd)\n\nKernel\nAvailable for: OS X El Capitan 10.11\nImpact: A local application may be able to cause a denial of service\nDescription: An issue existed when reusing virtual memory. This\nissue was addressed through improved validation. \nCVE-ID\nCVE-2015-6994 : Mark Mentovai of Google Inc. \n\nlibarchive\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: A malicious application may be able to overwrite arbitrary\nfiles\nDescription: An issue existed within the path validation logic for\nsymlinks. This issue was addressed through improved path\nsanitization. \nCVE-ID\nCVE-2015-6984 : Christopher Crone of Infinit, Jonathan Schleifer\n\nMCX Application Restrictions\nAvailable for: OS X Yosemite v10.10.5 and OS X El Capitan 10.11\nImpact: A developer-signed executable may acquire restricted\nentitlements\nDescription: An entitlement validation issue existed in Managed\nConfiguration. A developer-signed app could bypass restrictions on\nuse of restricted entitlements and elevate privileges. This issue was\naddressed through improved provisioning profile validation. \nCVE-ID\nCVE-2015-7016 : Apple\n\nNet-SNMP\nAvailable for: OS X El Capitan 10.11\nImpact: An attacker in a privileged network position may be able to\ncause a denial of service\nDescription: Multiple issues existed in netsnmp version 5.6. These\nissues were addressed by using patches affecting OS X from upstream. \nCVE-ID\nCVE-2012-6151\nCVE-2014-3565\n\nOpenGL\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan 10.11\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: A memory corruption issue existed in OpenGL. This issue\nwas addressed through improved memory handling. \nCVE-ID\nCVE-2015-5924 : Apple\n\nOpenSSH\nAvailable for: OS X El Capitan 10.11\nImpact: A local user may be able to conduct impersonation attacks\nDescription: A privilege separation issue existed in PAM support. \nThis issue was addressed with improved authorization checks. \nCVE-ID\nCVE-2015-6563 : Moritz Jodeit of Blue Frost Security GmbH\n\nSandbox\nAvailable for: OS X El Capitan 10.11\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: An input validation issue existed when handling NVRAM\nparameters. This issue was addressed through improved validation. \nCVE-ID\nCVE-2015-5945 : Rich Trouton (@rtrouton), Howard Hughes Medical\nInstitute, Apple\n\nScript Editor\nAvailable for: OS X El Capitan 10.11\nImpact: An attacker may trick a user into running arbitrary\nAppleScript\nDescription: In some circumstances, Script Editor did not ask for\nuser confirmation before executing AppleScripts. This issue was\naddressed by prompting for user confirmation before executing\nAppleScripts. \nCVE-ID\nCVE-2015-7007 : Joe Vennix of Rapid7\n\nSecurity\nAvailable for: OS X El Capitan 10.11\nImpact: A malicious application may be able to overwrite arbitrary\nfiles\nDescription: A double free issue existed in the handling of\nAtomicBufferedFile descriptors. This issue was addressed through\nimproved validation of AtomicBufferedFile descriptors. \nCVE-ID\nCVE-2015-6983 : David Benjamin, Greg Kerr, Mark Mentovai and Sergey\nUlanov from the Chrome Team\n\nSecurityAgent\nAvailable for: OS X El Capitan 10.11\nImpact: A malicious application can programmatically control\nkeychain access prompts\nDescription: A method existed for applications to create synthetic\nclicks on keychain prompts. This was addressed by disabling synthetic\nclicks for keychain access windows. \nCVE-ID\nCVE-2015-5943\n\nInstallation note:\n\nOS X El Capitan v10.11.1 includes the security content of\nSafari 9.0.1: https://support.apple.com/kb/HT205377\n\nOS X El Capitan 10.11.1 and Security Update 2015-007 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBCAAGBQJWJuKsAAoJEBcWfLTuOo7t8e0P/igVHKDXeLNib2eEzbS2BMVV\nEe968BgEDw1xnHK8zzh3bbRNxxAUT9lwe8RuSYECfp8sUYySb51/VIWpmidewsqB\naz7mJ4Gohldppejc5tykHDoTYesQL7iySLn74PdxZfZXbtz2EGJK19cA6hIHcO5x\nZiMCbJzTaAOylKRQRRi3kMdNWEzxbtm90247vNx/zMSjs1bhGlQbJsCVDmX/Q9uH\nXja9aPCHDfaQueTw5idbXwT+Y/+I9ytBlL5JXVrjRUDYCtuewC4DNsQxZY0qcDyE\nA7/0G7iYW5vOECNhpoLA0+1MbdHxJXhwJtmIKX8zucYqe/Vr4j41oGey/HJW55ER\nUSJ2RBpMtGhDEolyvxz7FlSPYOIpp05mwMB0GWQWAmkWDAxnagkQm9xwKBMt4eq4\nCNdI0YaX0iPPWYIkI3HpZHdzuwbE5b053cw1hLKc0OVQBiqLUQxe3W5s64ZqTSe0\nwhlm9lt/9EUwyfXHEiXTYi/d+CF8+JthY4ieXRJ4mwz77udafmgA5Pbl71SqB8pE\n7TBByuCOFdou6JmdJPahLDxoGRA+i7Z+a8Myn4WtbemkjrO9iZ/VsdAdl/Db+7cz\nrEgSPjelEC5z5WxQspiuohxU1NkDnMgWm2Tnx+pFBOfZMheE4xnTfve3vqY+gQdN\n4GbuRXld4PbxeDdel0Nk\n=snJ4\n-----END PGP SIGNATURE-----\n. \n\n Please update or upgrade to one of the following versions or subsequent. \n\nReferences:\n\nCVE-2015-0235 - Buffer Errors (CWE-119)\nSSRT101906\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nThe glibc updates are available for RHEL4, RHEL5, and RHEL6 at:\n\nhttps://access.redhat.com/security/cve/CVE-2015-0235\n\nWORKAROUND INSTRUCTIONS\n\nHP recommends following this information after applying the updates to\nprotect against potential risk for the specified HP IceWall products. \n\nHP IceWall SSO Dfw\n\nThe AGENT_PERMIT configuration parameter allows Dfw to restrict requests from\nthe Agent (another module) by using one of following methods: IP (IP\naddress), HOST(host name) and DOMAIN (domain name). \nIf possible, do not specify the \"IP\" value as the evaluation method in\nsetting AGENT_PERMIT. Instead, use \"HOST\" or \"DOMAIN\". \n\nNote: The HP IceWall product is only available in Japan. \n\nHISTORY\nVersion:1 (rev.1) - 2 February 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04589512\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04589512\nVersion: 1\n\nHPSBGN03285 rev.1 - HP Business Service Manager Virtual Appliance, Multiple\n\nVulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\n\nsoon as possible. \n\nRelease Date: 2015-03-17\nLast Updated: 2015-03-17\n\n- -----------------------------------------------------------------------------\n\n- ---\n\nPotential Security Impact: Multiple vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with these three\n\npackages. These vulnerabilities could be exploited to allow execution of\n\ncode. \n\nHP Operation Agent Virtual Appliance for monitoring VMware vSphere\n\nenvironments (OAVA)\nHP Virtualization Performance Viewer for monitoring VMware vSphere\n\nenvironments (vPV VA)\nHP Operations Manager i 10.00 Virtual (OMi VA)\n\nReferences:\n\nCVE-2015-0235 - Buffer Errors (CWE-119)\nCVE-2012-6657 - Permissions, Privileges, and Access Control (CWE-264)\nCVE-2014-3673 - Resource Management Errors (CWE-399)\nCVE-2014-3687 - Resource Management Errors (CWE-399)\nCVE-2014-3688 - Resource Management Errors (CWE-399)\nCVE-2014-5471 - Resource Management Errors (CWE-399)\nCVE-2014-5472 - Input Validation (CWE-20)\nCVE-2014-6410 - Resource Management Errors (CWE-399)\nCVE-2014-9322- Permissions, Privileges, and Access Control (CWE-264)\nSSRT101955\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Operation Agent Virtual Appliance for monitoring VMware vSphere\n\nenvironments (OAVA) v11.14, v11.13, v11.12, v11.11\n\nHP Virtualization Performance Viewer for monitoring VMware vSphere\n\nenvironments (vPV VA) v2.10, v2.01, v2.0, v1.x\n\nHP Operations Manager i 10.00 Virtual (OMi VA) v10.00\n\nBACKGROUND\nFor a PGP signed version of this security bulletin please write to:\n\nsecurity-alert@hp.com\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-0235 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-6657 (AV:L/AC:L/Au:N/C:N/I:N/A:C) 4.9\nCVE-2014-3673 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2014-3687 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2014-3688 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-5471 (AV:L/AC:H/Au:N/C:N/I:N/A:C) 4.0\nCVE-2014-5472 (AV:L/AC:H/Au:N/C:N/I:N/A:C) 4.0\nCVE-2014-6410 (AV:L/AC:M/Au:N/C:N/I:N/A:C) 4.7\nCVE-2014-9322 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following information to mitigate the impact of these\n\nvulnerabilities. \n\nhttps://softwaresupport.hp.com/group/softwaresupport/search-\n\nresult/-/facetsearch/document/KM01411792\n\nHISTORY\nVersion:1 (rev.1) - 17 March 2015 Initial release\n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported\n\nproduct, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being\n\ncommunicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins\n\nvia Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?\n\nregioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile\n\nto update appropriate sections. \n\nTo review previously published Security Bulletins visit:\n\nhttp://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is\n\nrepresented by the 5th and 6th characters of the Bulletin number in the\n\ntitle: GN = HP General SW\n MA = HP Management Agents\n MI = Misc. 3rd Party SW\n\nMP = HP MPE/iX\n NS = HP NonStop Servers\n OV = HP OpenVMS\n\nPI = HP Printing \u0026 Imaging\n ST = HP Storage SW\n TL = HP Trusted Linux\n\nTU = HP Tru64 UNIX\n UX = HP-UX\n VV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to\n\nmaintain system integrity. HP is continually reviewing and enhancing the\n\nsecurity features of software products to provide customers with current\n\nsecure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the\n\nattention of users of the affected HP products the important security\n\ninformation contained in this Bulletin. HP recommends that all users\n\ndetermine the applicability of this information to their individual\n\nsituations and take appropriate action. HP does not warrant that this\n\ninformation is necessarily accurate or complete for all user situations and,\n\nconsequently, HP will not be responsible for any damages resulting from\n\nuser\u0027s use or disregard of the information provided in this Bulletin. To the\n\nextent permitted by law, HP disclaims all warranties, either express or\n\nimplied, including the warranties of merchantability and fitness for a\n\nparticular purpose, title and non-infringement.\"\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors\n\nor omissions contained herein. The information provided is provided \"as is\"\n\nwithout warranty of any kind. To the extent permitted by law, neither HP or\n\nits affiliates, subcontractors or suppliers will be liable for incidental,\n\nspecial or consequential damages including downtime cost; lost profits;\n\ndamages relating to the procurement of substitute products or services; or\n\ndamages for loss of data, or software restoration. The information in this\n\ndocument is subject to change without notice. Hewlett-Packard Company and the\n\nnames of Hewlett-Packard products referenced herein are trademarks of\n\nHewlett-Packard Company in the United States and other countries. Other\n\nproduct and company names mentioned herein may be trademarks of their\n\nrespective owners. Content-Disposition: inline\n\n==========================================================================Ubuntu Security Notice USN-2485-1\nJanuary 27, 2015\n\neglibc vulnerability\n==========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nThe GNU C Library could be made to crash or run programs. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n libc6 2.15-0ubuntu10.10\n\nUbuntu 10.04 LTS:\n libc6 2.11.1-0ubuntu7.20\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: glibc security update\nAdvisory ID: RHSA-2015:0101-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0101.html\nIssue date: 2015-01-28\nCVE Names: CVE-2015-0235 \n=====================================================================\n\n1. Summary:\n\nUpdated glibc packages that fix one security issue are now available for\nRed Hat Enterprise Linux 4 Extended Life Cycle Support. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux AS (v. 4 ELS) - i386, ia64, x86_64\nRed Hat Enterprise Linux ES (v. 4 ELS) - i386, ia64, x86_64\n\n3. Description:\n\nThe glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name\nServer Caching Daemon (nscd) used by multiple programs on the system. \nWithout these libraries, the Linux system cannot function correctly. (CVE-2015-0235)\n\nRed Hat would like to thank Qualys for reporting this issue. \n\nAll glibc users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1183461 - CVE-2015-0235 glibc: __nss_hostname_digits_dots() heap-based buffer overflow\n\n6. Package List:\n\nRed Hat Enterprise Linux AS (v. 4 ELS):\n\nSource:\nglibc-2.3.4-2.57.el4.2.src.rpm\n\ni386:\nglibc-2.3.4-2.57.el4.2.i386.rpm\nglibc-2.3.4-2.57.el4.2.i686.rpm\nglibc-common-2.3.4-2.57.el4.2.i386.rpm\nglibc-debuginfo-2.3.4-2.57.el4.2.i386.rpm\nglibc-debuginfo-2.3.4-2.57.el4.2.i686.rpm\nglibc-debuginfo-common-2.3.4-2.57.el4.2.i386.rpm\nglibc-devel-2.3.4-2.57.el4.2.i386.rpm\nglibc-headers-2.3.4-2.57.el4.2.i386.rpm\nglibc-profile-2.3.4-2.57.el4.2.i386.rpm\nglibc-utils-2.3.4-2.57.el4.2.i386.rpm\nnptl-devel-2.3.4-2.57.el4.2.i386.rpm\nnptl-devel-2.3.4-2.57.el4.2.i686.rpm\nnscd-2.3.4-2.57.el4.2.i386.rpm\n\nia64:\nglibc-2.3.4-2.57.el4.2.i686.rpm\nglibc-2.3.4-2.57.el4.2.ia64.rpm\nglibc-common-2.3.4-2.57.el4.2.ia64.rpm\nglibc-debuginfo-2.3.4-2.57.el4.2.i686.rpm\nglibc-debuginfo-2.3.4-2.57.el4.2.ia64.rpm\nglibc-debuginfo-common-2.3.4-2.57.el4.2.i386.rpm\nglibc-devel-2.3.4-2.57.el4.2.ia64.rpm\nglibc-headers-2.3.4-2.57.el4.2.ia64.rpm\nglibc-profile-2.3.4-2.57.el4.2.ia64.rpm\nglibc-utils-2.3.4-2.57.el4.2.ia64.rpm\nnptl-devel-2.3.4-2.57.el4.2.ia64.rpm\nnscd-2.3.4-2.57.el4.2.ia64.rpm\n\nx86_64:\nglibc-2.3.4-2.57.el4.2.i686.rpm\nglibc-2.3.4-2.57.el4.2.x86_64.rpm\nglibc-common-2.3.4-2.57.el4.2.x86_64.rpm\nglibc-debuginfo-2.3.4-2.57.el4.2.i386.rpm\nglibc-debuginfo-2.3.4-2.57.el4.2.i686.rpm\nglibc-debuginfo-2.3.4-2.57.el4.2.x86_64.rpm\nglibc-debuginfo-common-2.3.4-2.57.el4.2.i386.rpm\nglibc-devel-2.3.4-2.57.el4.2.i386.rpm\nglibc-devel-2.3.4-2.57.el4.2.x86_64.rpm\nglibc-headers-2.3.4-2.57.el4.2.x86_64.rpm\nglibc-profile-2.3.4-2.57.el4.2.x86_64.rpm\nglibc-utils-2.3.4-2.57.el4.2.x86_64.rpm\nnptl-devel-2.3.4-2.57.el4.2.x86_64.rpm\nnscd-2.3.4-2.57.el4.2.x86_64.rpm\n\nRed Hat Enterprise Linux ES (v. 4 ELS):\n\nSource:\nglibc-2.3.4-2.57.el4.2.src.rpm\n\ni386:\nglibc-2.3.4-2.57.el4.2.i386.rpm\nglibc-2.3.4-2.57.el4.2.i686.rpm\nglibc-common-2.3.4-2.57.el4.2.i386.rpm\nglibc-debuginfo-2.3.4-2.57.el4.2.i386.rpm\nglibc-debuginfo-2.3.4-2.57.el4.2.i686.rpm\nglibc-debuginfo-common-2.3.4-2.57.el4.2.i386.rpm\nglibc-devel-2.3.4-2.57.el4.2.i386.rpm\nglibc-headers-2.3.4-2.57.el4.2.i386.rpm\nglibc-profile-2.3.4-2.57.el4.2.i386.rpm\nglibc-utils-2.3.4-2.57.el4.2.i386.rpm\nnptl-devel-2.3.4-2.57.el4.2.i386.rpm\nnptl-devel-2.3.4-2.57.el4.2.i686.rpm\nnscd-2.3.4-2.57.el4.2.i386.rpm\n\nia64:\nglibc-debuginfo-common-2.3.4-2.57.el4.2.i386.rpm\n\nx86_64:\nglibc-2.3.4-2.57.el4.2.i686.rpm\nglibc-2.3.4-2.57.el4.2.x86_64.rpm\nglibc-common-2.3.4-2.57.el4.2.x86_64.rpm\nglibc-debuginfo-2.3.4-2.57.el4.2.i386.rpm\nglibc-debuginfo-2.3.4-2.57.el4.2.i686.rpm\nglibc-debuginfo-2.3.4-2.57.el4.2.x86_64.rpm\nglibc-debuginfo-common-2.3.4-2.57.el4.2.i386.rpm\nglibc-devel-2.3.4-2.57.el4.2.i386.rpm\nglibc-devel-2.3.4-2.57.el4.2.x86_64.rpm\nglibc-headers-2.3.4-2.57.el4.2.x86_64.rpm\nglibc-profile-2.3.4-2.57.el4.2.x86_64.rpm\nglibc-utils-2.3.4-2.57.el4.2.x86_64.rpm\nnptl-devel-2.3.4-2.57.el4.2.x86_64.rpm\nnscd-2.3.4-2.57.el4.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-0235\nhttps://access.redhat.com/security/updates/classification/#critical\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUyRwbXlSAg2UNWIIRAnx8AJ94LYbxTEFIpPLiN/L5Wg+RHu8sewCfU4Gq\nq+5AuvegeRJa0LimEFiDjZE=\n=l1Y9\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201503-04\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: GNU C Library: Multiple vulnerabilities\n Date: March 08, 2015\n Bugs: #431218, #434408, #454862, #464634, #477330, #480734,\n #484646, #488084, #489234, #501196, #513090, #521930, #537990\n ID: 201503-04\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in GNU C Library, the worst\nof which allowing a local attacker to execute arbitrary code or cause a\nDenial of Service . \n\nBackground\n==========\n\nThe GNU C library is the standard C library used by Gentoo Linux\nsystems. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 sys-libs/glibc \u003c 2.19-r1 \u003e= 2.19-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in the GNU C Library. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll glibc users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=sys-libs/glibc-2.19-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-3404\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3404\n[ 2 ] CVE-2012-3405\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3405\n[ 3 ] CVE-2012-3406\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3406\n[ 4 ] CVE-2012-3480\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3480\n[ 5 ] CVE-2012-4412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4412\n[ 6 ] CVE-2012-4424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4424\n[ 7 ] CVE-2012-6656\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6656\n[ 8 ] CVE-2013-0242\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0242\n[ 9 ] CVE-2013-1914\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1914\n[ 10 ] CVE-2013-2207\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2207\n[ 11 ] CVE-2013-4237\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4237\n[ 12 ] CVE-2013-4332\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4332\n[ 13 ] CVE-2013-4458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4458\n[ 14 ] CVE-2013-4788\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4788\n[ 15 ] CVE-2014-4043\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4043\n[ 16 ] CVE-2015-0235\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0235\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201503-04.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. SEC Consult Vulnerability Lab Security Advisory \u003c 20210901-0 \u003e\n=======================================================================\n title: Multiple vulnerabilities\n product: see \"Vulnerable / tested versions\"\n vulnerable version: see \"Vulnerable / tested versions\"\n fixed version: see \"Solution\"\n CVE number: CVE-2021-39278, CVE-2021-39279\n impact: High\n homepage: https://www.moxa.com/\n found: 2020-08-31\n by: T. Weber (Office Vienna)\n SEC Consult Vulnerability Lab\n\n An integrated part of SEC Consult, an Atos company\n Europe | Asia | North America\n\n https://www.sec-consult.com\n\n=======================================================================\n\nVendor description:\n-------------------\n\"Together, We Create Change\n\nMoxa is committed to making a positive impact around the world. We put our all\nbehind this commitment--from our employees, to our products and supply chain. \n\nIn our local communities, we nurture and support the spirit of volunteering. \nWe encourage our employees to contribute to community development, with an\nemphasis on ecology, education, and health. \n\nIn our products, we invest in social awareness programs and\nenvironment-friendly policies at every stage of the product lifecycle. We make\nsure our manufacturing meets the highest standards with regards to quality,\nethics, and sustainability.\"\n\nSource: https://www.moxa.com/en/about-us/corporate-responsibility\n\nBusiness recommendation:\n------------------------\nSEC Consult recommends to immediately apply the available patches\nfrom the vendor. A thorough security review should be performed by\nsecurity professionals to identify further potential security issues. \n\n\nVulnerability overview/description:\n-----------------------------------\n1) Authenticated Command Injection (CVE-2021-39279)\nAn authenticated command injection vulnerability can be triggered by issuing a\nGET request to the \"/forms/web_importTFTP\" CGI program which is available on\nthe web interface. An attacker can abuse this vulnerability to compromise the\noperating system of the device. This issue was found by emulating the firmware\nof the device. \n\n2) Reflected Cross-Site Scripting via Manipulated Config-File (CVE-2021-39278)\nVia a crafted config-file, a reflected cross-site scripting vulnerability can\nbe exploited in the context of the victim\u0027s browser. This config-file can be\nuploaded to the device via the \"Config Import Export\" tab in the main menu. \n\n3) Known GNU glibc Vulnerabilities (CVE-2015-0235)\nThe used GNU glibc in version 2.9 is outdated and contains multiple known\nvulnerabilities. One of the discovered vulnerabilities (CVE-2015-0235,\ngethostbyname \"GHOST\" buffer overflow) was verified by using the MEDUSA\nscalable firmware runtime. \n\n4) Multiple Outdated Software Components\nMultiple outdated software components containing vulnerabilities were found by\nthe IoT Inspector. \n\nThe vulnerabilities 1), 2) and 3) were manually verified on an emulated device\nby using the MEDUSA scalable firmware runtime. \n\nProof of concept:\n-----------------\n1) Authenticated Command Injection (CVE-2021-39279)\nThe vulnerability can be triggered by navigating in the web interface to the\ntab:\n\n\"Main Menu\"-\u003e\"Maintenance\"-\u003e\"Config Import Export\"\n\nThe \"TFTP Import\" menu is prone to command injection via all parameters. To\nexploit the vulnerability, an IP address, a configuration path and a filename\nmust be set. \nIf the filename is used to trigger the exploit, the payload in the interceptor\nproxy would be:\n\nhttp://192.168.1.1/forms/web_importTFTP?servIP=192.168.1.1\u0026configPath=/\u0026fileName=name|`ping localhost -c 100`\n\n\n2) Reflected Cross-Site Scripting via Manipulated Config-File (CVE-2021-39278)\nThe vulnerability can be triggered by navigating in the web interface to the\ntab:\n\n\"Main Menu\"-\u003e\"Maintenance\"-\u003e\"Config Import Export\"\n\nThe \"Config Import\" menu is prone to reflected cross-site scripting via the\nupload of config files. Example of malicious config file:\n-------------------------------------------------------------------------------\n[board]\ndeviceName=\"WAC-2004_0000\u003c/span\u003e\u003cscript\u003ealert(document.cookie)\u003c/script\u003e\"\ndeviceLocation=\"\"\n[..]\n-------------------------------------------------------------------------------\nUploading such a crafted file triggers cross-site scripting as the erroneous\nvalue is displayed without filtering characters. \n\n\n3) Known GNU glibc Vulnerabilities (CVE-2015-0235)\nGNU glibc version 2.9 contains multiple CVEs like:\nCVE-2016-1234, CVE-2015-7547, CVE-2013-7423, CVE-2013-1914, and more. \n\nThe gethostbyname buffer overflow vulnerability (GHOST) was checked with the\nhelp of the exploit code from https://seclists.org/oss-sec/2015/q1/274. It was\ncompiled and executed on the emulated device to test the system. \n\n\n4) Multiple Outdated Software Components\nThe IoT Inspector recognized multiple outdated software components with known\nvulnerabilities:\n\nBusyBox 1.18.5 06/2011\nDropbear SSH 2011.54 11/2011\nGNU glibc 2.9 02/2009\nLinux Kernel 2.6.27 10/2008\nOpenSSL 0.9.7g 04/2005\nOnly found in the program \"iw_director\"\nOpenSSL 1.0.0 03/2010\n\n\nVulnerable / tested versions:\n-----------------------------\nThe following firmware versions for various devices have been identified\nto be vulnerable:\n* WAC-2004 / 1.7\n* WAC-1001 / 2.1\n* WAC-1001-T / 2.1\n* OnCell G3470A-LTE-EU / 1.7\n* OnCell G3470A-LTE-EU-T / 1.7\n* TAP-323-EU-CT-T / 1.3\n* TAP-323-US-CT-T / 1.3\n* TAP-323-JP-CT-T / 1.3\n* WDR-3124A-EU / 2.3\n* WDR-3124A-EU-T / 2.3\n* WDR-3124A-US / 2.3\n* WDR-3124A-US-T / 2.3\n\n\nVendor contact timeline:\n------------------------\n2020-10-09: Contacting vendor through moxa.csrt@moxa.com. \n2020-10-12: Contact sends PGP key for encrypted communication and asks for the\n detailed advisory. Sent encrypted advisory to vendor. \n2020-11-06: Status update from vendor regarding technical analysis. Vendor\n requested more time for fixing the vulnerabilities as more products\n are affected. \n2020-11-09: Granted more time for fixing to vendor. \n2020-11-10: Vendor asked for next steps regarding the advisory publication. \n2020-11-11: Asked vendor for an estimation when a public disclosure is possible. \n2020-11-16: Vendor responded that the product team can give a rough feedback. \n2020-11-25: Asked for a status update. \n2020-11-25: Vendor responded that the investigation is not done yet. \n2020-12-14: Vendor provided a list of potential affected devices and stated\n that full investigation may take until January 2021 due to the list\n of CVEs that were provided with the appended IoT Inspector report. \n The patches may be available until June 2021. \n2020-12-15: Shifted next status update round with vendor on May 2021. \n2020-12-23: Vendor provided full list of affected devices. \n2021-02-05: Vendor sieved out the found issues from 4) manually and provided a\n full list of confirmed vulnerabilities. WAC-2004 phased-out in\n 2019. \n2021-02-21: Confirmed receive of vulnerabilities, next status update in May\n 2021. \n2021-06-10: Asking for an update. \n2021-06-15: Vendor stated, that the update will be provided in the next days. \n2021-06-21: Vendor will give an update in the next week as Covid gets worse in\n Taiwan. \n2021-06-23: Vendor stated, that patches are under development. Vendor needs more\n time to finish the patches. \n2021-06-24: Set release date to 2021-09-01. \n2021-07-02: Vendor provides status updates. \n2021-08-16: Vendor provides status updates. \n2021-08-17: Vendor asks for CVE IDs and stated, that WDR-3124A has phased-out. \n2021-08-20: Sent assigned CVE-IDs to vendor. Asked for fixed version numbers. \n2021-08-31: Vendor provides fixed firmware version numbers and the advisory\n links. \n2021-09-01: Coordinated release of security advisory. \n\nSolution:\n---------\nAccording to the vendor the following patches must be applied to fix issues:\n* WAC-1001 / 2.1.5\n* WAC-1001-T / 2.1.5\n* OnCell G3470A-LTE-EU / 1.7.4\n* OnCell G3470A-LTE-EU-T / 1.7.4\n* TAP-323-EU-CT-T / 1.8.1\n* TAP-323-US-CT-T / 1.8.1\n* TAP-323-JP-CT-T / 1.8.1\n\nThe Moxa Technical Support must be contacted for requesting the security\npatches. \n\nThe corresponding security advisories for the affected devices are available on\nthe vendor\u0027s website:\nTAP-323/WAC-1001/WAC-2004\nhttps://www.moxa.com/en/support/product-support/security-advisory/tap-323-wac-1001-2004-wireless-ap-bridge-client-vulnerabilities\nOnCell G3470A-LTE/WDR-3124A\nhttps://www.moxa.com/en/support/product-support/security-advisory/oncell-g3470a-wdr-3124a-cellular-gateways-router-vulnerabilities\n\nThe following device models are EOL and should be replaced:\n* WAC-2004\n* WDR-3124A-EU\n* WDR-3124A-EU-T\n* WDR-3124A-US\n* WDR-3124A-US-T\n\n\nWorkaround:\n-----------\nNone. \n\n\nAdvisory URL:\n-------------\nhttps://sec-consult.com/vulnerability-lab/\n\n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nSEC Consult Vulnerability Lab\n\nSEC Consult, an Atos company\nEurope | Asia | North America\n\nAbout SEC Consult Vulnerability Lab\nThe SEC Consult Vulnerability Lab is an integrated part of SEC Consult, an\nAtos company. It ensures the continued knowledge gain of SEC Consult in the\nfield of network and application security to stay ahead of the attacker. The\nSEC Consult Vulnerability Lab supports high-quality penetration testing and\nthe evaluation of new offensive and defensive technologies for our customers. \nHence our customers obtain the most current information about vulnerabilities\nand valid recommendation about the risk profile of new technologies. \n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nInterested to work with the experts of SEC Consult?\nSend us your application https://sec-consult.com/career/\n\nInterested in improving your cyber security with the experts of SEC Consult?\nContact our local offices https://sec-consult.com/contact/\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nMail: research at sec-consult dot com\nWeb: https://www.sec-consult.com\nBlog: http://blog.sec-consult.com\nTwitter: https://twitter.com/sec_consult\n\nEOF Thomas Weber / @2021\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0235"
},
{
"db": "CERT/CC",
"id": "VU#967332"
},
{
"db": "VULHUB",
"id": "VHN-78181"
},
{
"db": "PACKETSTORM",
"id": "134055"
},
{
"db": "PACKETSTORM",
"id": "134196"
},
{
"db": "PACKETSTORM",
"id": "130216"
},
{
"db": "PACKETSTORM",
"id": "131015"
},
{
"db": "PACKETSTORM",
"id": "130099"
},
{
"db": "PACKETSTORM",
"id": "130135"
},
{
"db": "PACKETSTORM",
"id": "130702"
},
{
"db": "PACKETSTORM",
"id": "164014"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/967332",
"trust": 0.8,
"type": "poc"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-78181",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#967332"
},
{
"db": "VULHUB",
"id": "VHN-78181"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0235",
"trust": 3.3
},
{
"db": "PACKETSTORM",
"id": "164014",
"trust": 1.8
},
{
"db": "BID",
"id": "91787",
"trust": 1.7
},
{
"db": "BID",
"id": "72325",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "167552",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "130974",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "153278",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "130768",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "130171",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62883",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62690",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62871",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62680",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62517",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62640",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62715",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62812",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62667",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62879",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62813",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62698",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62681",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62692",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62758",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62870",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62816",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62691",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62688",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "62865",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10671",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1032909",
"trust": 1.7
},
{
"db": "MCAFEE",
"id": "SB10100",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-994726",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/05/04/7",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2015/01/27/9",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#967332",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658",
"trust": 0.7
},
{
"db": "CXSECURITY",
"id": "WLB-2022060049",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "134196",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "130216",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "130135",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "130099",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "131867",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130115",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131214",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130100",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130134",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130114",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130163",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130333",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "36421",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "35951",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-89237",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-78181",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134055",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131015",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130702",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#967332"
},
{
"db": "VULHUB",
"id": "VHN-78181"
},
{
"db": "PACKETSTORM",
"id": "134055"
},
{
"db": "PACKETSTORM",
"id": "134196"
},
{
"db": "PACKETSTORM",
"id": "130216"
},
{
"db": "PACKETSTORM",
"id": "131015"
},
{
"db": "PACKETSTORM",
"id": "130099"
},
{
"db": "PACKETSTORM",
"id": "130135"
},
{
"db": "PACKETSTORM",
"id": "130702"
},
{
"db": "PACKETSTORM",
"id": "164014"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
},
{
"db": "NVD",
"id": "CVE-2015-0235"
}
]
},
"id": "VAR-201501-0737",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-78181"
}
],
"trust": 0.01
},
"last_update_date": "2025-12-22T22:06:30.112000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "glibc-2.18",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53554"
},
{
"title": "glibc-2.18",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53556"
},
{
"title": "glibc-2.18",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53555"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78181"
},
{
"db": "NVD",
"id": "CVE-2015-0235"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.qualys.com/research/security-advisories/ghost-cve-2015-0235.txt"
},
{
"trust": 2.3,
"url": "http://www.debian.org/security/2015/dsa-3142"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/130171/exim-esmtp-ghost-denial-of-service.html"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/130768/emc-secure-remote-services-ghost-sql-injection-command-injection.html"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/130974/exim-ghost-glibc-gethostbyname-buffer-overflow.html"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/153278/wago-852-industrial-managed-switch-series-code-execution-hardcoded-credentials.html"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/164014/moxa-command-injection-cross-site-scripting-vulnerable-software.html"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/167552/nexans-ftto-gigaswitch-outdated-components-hardcoded-backdoor.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00002.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00008.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2015/oct/msg00005.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/72325"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.7,
"url": "http://seclists.org/oss-sec/2015/q1/269"
},
{
"trust": 1.7,
"url": "http://seclists.org/oss-sec/2015/q1/274"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/534845/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://seclists.org/bugtraq/2019/jun/14"
},
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150128-ghost"
},
{
"trust": 1.7,
"url": "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/"
},
{
"trust": 1.7,
"url": "http://linux.oracle.com/errata/elsa-2015-0090.html"
},
{
"trust": 1.7,
"url": "http://linux.oracle.com/errata/elsa-2015-0092.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht204942"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695695"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695774"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695835"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695860"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696131"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696243"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696526"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696600"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696602"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696618"
},
{
"trust": 1.7,
"url": "http://www.idirect.net/partners/~/media/files/cve/idirect-posted-common-vulnerabilities-and-exposures.pdf"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"trust": 1.7,
"url": "http://www.websense.com/support/article/kbarticle/vulnerabilities-resolved-in-triton-apx-version-8-0"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa90"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf"
},
{
"trust": 1.7,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04874668"
},
{
"trust": 1.7,
"url": "https://help.ecostruxureit.com/display/public/uadco8x/struxureware+data+center+operation+software+vulnerability+fixes"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20150127-0001/"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht205267"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht205375"
},
{
"trust": 1.7,
"url": "https://www.f-secure.com/en/web/labs_global/fsc-2015-1"
},
{
"trust": 1.7,
"url": "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2015/jan/111"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2019/jun/18"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2021/sep/0"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2022/jun/36"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:039"
},
{
"trust": 1.7,
"url": "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability"
},
{
"trust": 1.7,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2015-0126.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1032909"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62517"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62640"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62667"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62680"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62681"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62688"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62690"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62691"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62692"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62698"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62715"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62758"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62812"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62813"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62816"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62865"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62870"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62871"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62879"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/62883"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=142781412222323\u0026w=2"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=142722450701342\u0026w=2"
},
{
"trust": 1.6,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10671"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=143145428124857\u0026w=2"
},
{
"trust": 1.6,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10100"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=142296726407499\u0026w=2"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"trust": 0.8,
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/9"
},
{
"trust": 0.8,
"url": "https://security-tracker.debian.org/tracker/cve-2015-0235"
},
{
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2015-0099.html"
},
{
"trust": 0.8,
"url": "http://lists.suse.com/pipermail/sle-security-updates/2015-january/001186.html"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2015"
},
{
"trust": 0.8,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/ghost"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0235"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/issue/wlb-2022060049"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-0235"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1914"
},
{
"trust": 0.1,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10671"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10100"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142296726407499\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142781412222323\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142722450701342\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=142721102728110\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143145428124857\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5925"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5936"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5943"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5924"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5945"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5935"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5944"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5942"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3565"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6837"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5940"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5927"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5933"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5939"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht205377"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5934"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6563"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6151"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5938"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6974"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5926"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5937"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5932"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://h10145.www1.hpe.com/sso/index.aspx?returnurl=..%2fdownloads%2fdow"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6657"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3687"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3688"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9322"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5472"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3673"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hp.com/group/softwaresupport/search-"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-6410"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-5471"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2485-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/eglibc/2.11.1-0ubuntu7.20"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.10"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2015-0101.html"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3405"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4458"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4332"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3406"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4458"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4788"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4237"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2207"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0242"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201503-04.xml"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4237"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4412"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3404"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4332"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4788"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0235"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3406"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1914"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3405"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3480"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2207"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4043"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-4043"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0242"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3404"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4412"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3480"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4424"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-39278"
},
{
"trust": 0.1,
"url": "https://www.moxa.com/en/support/product-support/security-advisory/oncell-g3470a-wdr-3124a-cellular-gateways-router-vulnerabilities"
},
{
"trust": 0.1,
"url": "https://www.moxa.com/en/about-us/corporate-responsibility"
},
{
"trust": 0.1,
"url": "https://seclists.org/oss-sec/2015/q1/274."
},
{
"trust": 0.1,
"url": "https://sec-consult.com/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-7423"
},
{
"trust": 0.1,
"url": "https://www.sec-consult.com"
},
{
"trust": 0.1,
"url": "https://sec-consult.com/vulnerability-lab/"
},
{
"trust": 0.1,
"url": "https://twitter.com/sec_consult"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1234"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7547"
},
{
"trust": 0.1,
"url": "https://www.moxa.com/en/support/product-support/security-advisory/tap-323-wac-1001-2004-wireless-ap-bridge-client-vulnerabilities"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-39279"
},
{
"trust": 0.1,
"url": "http://blog.sec-consult.com"
},
{
"trust": 0.1,
"url": "https://www.moxa.com/"
},
{
"trust": 0.1,
"url": "https://sec-consult.com/career/"
},
{
"trust": 0.1,
"url": "http://192.168.1.1/forms/web_importtftp?servip=192.168.1.1\u0026configpath=/\u0026filename=name|`ping"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#967332"
},
{
"db": "VULHUB",
"id": "VHN-78181"
},
{
"db": "PACKETSTORM",
"id": "134055"
},
{
"db": "PACKETSTORM",
"id": "134196"
},
{
"db": "PACKETSTORM",
"id": "130216"
},
{
"db": "PACKETSTORM",
"id": "131015"
},
{
"db": "PACKETSTORM",
"id": "130099"
},
{
"db": "PACKETSTORM",
"id": "130135"
},
{
"db": "PACKETSTORM",
"id": "130702"
},
{
"db": "PACKETSTORM",
"id": "164014"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
},
{
"db": "NVD",
"id": "CVE-2015-0235"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#967332"
},
{
"db": "VULHUB",
"id": "VHN-78181"
},
{
"db": "PACKETSTORM",
"id": "134055"
},
{
"db": "PACKETSTORM",
"id": "134196"
},
{
"db": "PACKETSTORM",
"id": "130216"
},
{
"db": "PACKETSTORM",
"id": "131015"
},
{
"db": "PACKETSTORM",
"id": "130099"
},
{
"db": "PACKETSTORM",
"id": "130135"
},
{
"db": "PACKETSTORM",
"id": "130702"
},
{
"db": "PACKETSTORM",
"id": "164014"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
},
{
"db": "NVD",
"id": "CVE-2015-0235"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-01-28T00:00:00",
"db": "CERT/CC",
"id": "VU#967332"
},
{
"date": "2015-01-28T00:00:00",
"db": "VULHUB",
"id": "VHN-78181"
},
{
"date": "2015-10-21T19:32:22",
"db": "PACKETSTORM",
"id": "134055"
},
{
"date": "2015-11-03T16:53:42",
"db": "PACKETSTORM",
"id": "134196"
},
{
"date": "2015-02-03T16:49:41",
"db": "PACKETSTORM",
"id": "130216"
},
{
"date": "2015-03-25T00:42:48",
"db": "PACKETSTORM",
"id": "131015"
},
{
"date": "2015-01-27T18:04:39",
"db": "PACKETSTORM",
"id": "130099"
},
{
"date": "2015-01-29T06:05:51",
"db": "PACKETSTORM",
"id": "130135"
},
{
"date": "2015-03-09T20:15:21",
"db": "PACKETSTORM",
"id": "130702"
},
{
"date": "2021-09-01T15:42:52",
"db": "PACKETSTORM",
"id": "164014"
},
{
"date": "2015-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-658"
},
{
"date": "2015-01-28T19:59:00.063000",
"db": "NVD",
"id": "CVE-2015-0235"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-22T00:00:00",
"db": "CERT/CC",
"id": "VU#967332"
},
{
"date": "2021-11-17T00:00:00",
"db": "VULHUB",
"id": "VHN-78181"
},
{
"date": "2022-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-658"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-0235"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "130135"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GNU C Library (glibc) __nss_hostname_digits_dots() function vulnerable to buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#967332"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-658"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.