Home page logo
/
oss-sec logo
Open Source Security Mailing List

Discussion of security flaws, concepts, and practices in the Open Source community

List Archives

Jan–MarApr–JunJul–SepOct–Dec
2014714711631
2013777648688583
2012815578591549
2011640738550591
2010291376465383
2009250264272304
2008206390402358

Latest Posts

Re: CVE request: [CIFS] Possible null ptr deref in SMB2_tcon P J P (Sep 22)
Hello Raphael,

+-- On Wed, 17 Sep 2014, Raphael Geissert wrote --+
| Commit 18f39e7b[1] of the linux kernel repository fixes a remote null
| pointer dereference on the client when it resolves DFS referrals but
| the server deletes the IPC$ share.

IIUC, this would occur while mounting a remote share, right? mount(2) would
be a privileged operation on the client.

Thank you.

Re: CVE request: [CIFS] Possible null ptr deref in SMB2_tcon / Linux kernel cve-assign (Sep 22)
Use CVE-2014-7145.

Re: CVE request for vulnerability in OpenStack keystonemiddleware cve-assign (Sep 22)
Use CVE-2014-7144.

Re: Twisted Security Issue cve-assign (Sep 22)
Use CVE-2014-7143.

Re: CVE-Request: squid pinger remote DoS cve-assign (Sep 22)
As far as we can tell, CVE IDs are required for cases #1 and #3:

Use CVE-2014-7141.

Use CVE-2014-7142.

python-requests: CVE-2014-1829, CVE-2014-1830: password disclosure on redirect Jakub Wilk (Sep 19)
FYI: a while ago python-requests 2.3.0 was released, with the following
bugfix:

* No longer expose Authorization or Proxy-Authorization headers on
redirect. Fix CVE-2014-1829 and CVE-2014-1830 respectively.

References:
https://bugs.debian.org/733108
https://github.com/kennethreitz/requests/issues/1885
https://bugzilla.redhat.com/show_bug.cgi?id=1046626

Re: Confusion around gksu & CVE-2014-2943 cve-assign (Sep 18)
The right CVE for the gksu bug is CVE-2014-2886.

(The right CVE for the Cobham Aviator PIN algorithm issue, also
formerly known as CVE-2014-2943, is now CVE-2014-2942. The MITRE
CVE web site and NVD web site will have these changes in the
coming days. The entry currently at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2943
will be replaced with an explanation of the two correct CVE IDs.)

Re: Re: [CVE Requests] rsync and librsync collisions Michael Samuel (Sep 18)
Ok, for rsync you can download colliding blocks (and a brief description) here:

https://github.com/therealmik/rsync-collision

I don't get the feeling that this will be fixed upstream, but a simple
fix would be
to incorporate libdetectcoll from Marc Stevens into rsync, and when a collision
attempt is detected to simply send a data block.

A longer-term would be to just replace MD5 with a collision-resistant hash
function - blake2 is a good...

CVE ID Syntax Change - Deadline Approaching Christey, Steven M. (Sep 17)
As we approach the end of 2014, CVE identifiers are getting closer and
closer to the magic CVE-2014-9999 mark, which means that MITRE will be
issuing a 5-digit CVE ID within a matter of months, in accordance with
the new syntax that was selected in 2013 (basically using 5, 6, or
even more digits as needed). Some people are still unaware that this
change has happened or have been slow to implement it.

Once a CVE identifier is issued using the...

Twisted Security Issue Alex Gaynor (Sep 17)
Hello all,

The twisted security project has identified, fixed, and released a
release fixing a security issue, I would like a CVE assigned:

Title: trustRoot not respected in HTTP client
Reporter: Alex Gaynor and David Reid (Rackspace)
Products: Twisted (14.0 only).
Description:
When specifying the trustRoot (CA store) for the HTTP client, Twisted
did not respect the user's specification, and always used the default
of the platform trust....

CVE request for vulnerability in OpenStack keystonemiddleware Grant Murphy (Sep 17)
A vulnerability was discovered in OpenStack (see below). In order to
ensure full traceability, we need a CVE number assigned that we can
attach to further notifications. This issue is already public, although an
advisory was not sent yet.

Title: TLS cert verification option not honoured in paste configs
Reporter: Qin Zhao (IBM)
Products: keystonemiddleware, python-keystoneclient
Versions: versions up to 1.1.1 (keystonemiddleware), versions up to...

CVE request: [CIFS] Possible null ptr deref in SMB2_tcon Raphael Geissert (Sep 17)
Hi,

Commit 18f39e7b[1] of the linux kernel repository fixes a remote null
pointer dereference on the client when it resolves DFS referrals but
the server deletes the IPC$ share. The commit has already been merged
for the 3.16, 3.14, and 3.10 branches.

Could a CVE id be assigned please?

Thanks in advance.

[1]https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce

Cheers,

Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185 Arun Babu Neelicattu (Sep 17)
Recently Apache Tomcat issued an advisory [1] for CVE-2013-4444 [2]. However, this flaw was reported to the Apache
Tomcat Security team last year. We were instructed that Apache Tomcat team did not consider this a vulnerability. Red
Hat Product Security handled this issue as CVE-2013-2185 [3] in our affected products.

We request that CVE-2013-4444 be marked as a duplicate of CVE-2013-2185.

-arun

[1]...

[OSSA 2014-029] Configuration option leak through Keystone catalog (CVE-2014-3621) Tristan Cacqueray (Sep 16)
OpenStack Security Advisory: 2014-029
CVE: CVE-2014-3621
Date: September 16, 2014

Title: Configuration option leak through Keystone catalog
Reporter: Brant Knudson (IBM)
Products: Keystone
Versions: up to 2013.2.3 and 2014.1 versions up to 2014.1.2.1

Description:
Brant Knudson from IBM reported a vulnerability in Keystone catalog url
replacement. By creating a malicious endpoint a privileged user may
reveal configuration options resulting in...

CVE-2014-3635 to 3639: security issues in D-Bus < 1.8.8 Simon McVittie (Sep 16)
D-Bus <http://www.freedesktop.org/wiki/Software/dbus/> is an
asynchronous inter-process communication system, commonly used
for system services or within a desktop session on Linux and other
operating systems.

Alban Crequy and Simon McVittie at Collabora Ltd. discovered and fixed
several security flaws in the reference implementation of
dbus-daemon, the D-Bus message bus daemon. fd.o #83622 is a heap
overflow and could potentially be...

More Lists

Dozens of other network security lists are archived at SecLists.Org.


[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault