• Support
  • Forums
  • Blogs

Security Advisory, AlienVault v4.14 addresses (9) vulnerabilities

LBarracoLBarraco

AlienVault Employee
+19
Several vulnerabilities were discovered in the underlying OS packages in AlienVault v4.13 and lower. These vulnerabilities have been confirmed and fixed in the AlienVault v4.14. AlienVault encourages customers to upgrade to v4.14 to eliminate the vulnerabilities.

See the v4.14 functional release notice for details on the release.




Debian Security Update (DLA-86-1)

AlienVault ID: ENG-97950
Description: The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
Debian Package: file
CVE ID: CVE-2014-3710
CVSS v2 Base Score: 5.0
CVSS v2 Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)


Debian Security Update (DLA-82-1)

AlienVault ID: ENG-97907
Description: Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequently execute arbitrary code, via a LIST response that references the same filename within two entries, one of which indicates that the filename is for a symlink.
Debian Package: wget
CVE ID: CVE-2014-4877
CVSS v2 Base Score: 9.3
CVSS v2 Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)


Debian Security Update (DLA-84-1)

AlienVault ID: ENG-97940
Description: The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information.
Debian Package: curl
CVE ID: CVE-2014-3707
CVSS v2 Base Score: 4
CVSS v2 Vector: (AV:N/AC:H/Au:N/C:P/I:N/A:P)


Debian Security Update (DLA-94-1)

AlienVault ID: ENG-97938
Description: The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function.
Debian Package: php5
CVE ID: CVE-2014-3670
CVSS v2 Base Score: 6.8
CVSS v2 Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)


Debian Security Update (DSA-3074-1)

AlienVault ID: ENG-97951
Description: The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
Debian Package: php5
CVE ID: CVE-2014-3710
CVSS v2 Base Score: 5.0
CVSS v2 Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)


Debian Security Update (DLA-94-1)

AlienVault ID: ENG-97936
Description: Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) via (1) a crafted first argument to the xmlrpc_set_type function or (2) a crafted argument to the xmlrpc_decode function, related to an out-of-bounds read operation.
Debian Package: php5
CVE ID: CVE-2014-3668
CVSS v2 Base Score: 5.0
CVSS v2 Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)


Debian Security Update (DSA-3064-1)

AlienVault ID: ENG-97937
Description: Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function that triggers calculation of a large length value.
Debian Package: php5
CVE ID: CVE-2014-3669
CVSS v2 Base Score: 7.5
CVSS v2 Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)


Debian Security Update (DLA-54-1)

AlienVault ID: ENG-97294
Description: Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed metal, a different vector than CVE-2013-4576.
Debian Package: libgcrypt11
CVE ID: CVE-2014-5270
CVSS v2 Base Score: 2.1
CVSS v2 Vector: (AV:L/AC:L/Au:N/C:P/I:N/A:N)


OSSEC Security Update

AlienVault ID: ENG-98000
Description: host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root privileges by creating the temporary files before automatic IP blocking is performed.
CVE ID: CVE-2014-5284

Share post:

This discussion has been closed.