Security Advisory, AlienVault v4.15.1 addresses twenty (20) vulnerabilities

LBarraco

AlienVault Employee
Several vulnerabilities were discovered in the underlying OS packages in AlienVault v4.15 and lower, including the Linux "GHOST" vulnerability (CVE-2015-0235). GHOST is a buffer overflow condition that can be easily exploited both locally and remotely, which makes it extremely dangerous. The vulnerability is named after the GetHOSTbyname function involved in the exploit. All of the vulnerabilities below have been confirmed and fixed in AlienVault v4.15.1. AlienVault encourages customers to upgrade to v4.15.1 to eliminate them.

See the v4.15.1 patch release notice for details on the release.



Debian Security Update (DLA-139-1)

AlienVault ID: ENG-98558
Description: Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
CVE ID: CVE-2015-0235
CVSS v2 Base Score: 6.8
CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P


Debian Security Update (DLA-105-1)

AlienVault ID: ENG-98478
Description: Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string.
CVE ID: CVE-2014-9157
CVSS v2 Base Score: 1.3
CVSS v2 Vector: AV:N/AC:L/Au:N/C/I/A/E:F/RL:OF/RC:C/CDP:L/TD:L/CR:L/IR:L/AR:L


Debian Security Update (DLA-110-1)

AlienVault ID: ENG-98483
Description: scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.
CVE ID: CVE-2014-9130
CVSS v2 Base Score: 1.0
CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A/E:F/RL:OF/RC:C/CDP:L/TD:L/CR:ND/IR:ND/AR:L


Debian Security Update (DLA-109-1)

AlienVault ID: ENG-98486
Description: scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.
CVE ID: CVE-2014-9130
CVSS v2 Base Score: 1.0
CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A/E:F/RL:OF/RC:C/CDP:L/TD:L/CR:ND/IR:ND/AR:L


Debian Security Update (DLA-111-1)

AlienVault ID: ENG-98487
Description: Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive.
CVE ID: CVE-2014-9112
CVSS v2 Base Score: 0.9
CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A/E:POC/RL:OF/RC:C/CDP:L/TD:L/CR:ND/IR:ND/AR:L


Debian Security Update (DLA-113-1)

AlienVault ID: ENG-98489
Description: A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters (CVE-2004-2771) and the direct command execution functionality (CVE-2014-7844).
CVE ID: CVE-2014-7844
CVSS v2 Base Score: 3.6
CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N


Debian Security Update (DLA-134-1)

AlienVault ID: ENG-98505
Description: CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.
CVE ID: CVE-2014-8150
CVSS v2 Base Score: 0.9
CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I/A:N/E:F/RL:OF/RC:C/CDP:L/TD:L/CR:ND/IR:L/AR:ND


Debian Security Update (DLA-137-1)

AlienVault ID: ENG-98528
Description: This update fixes a buffer overflow in the buffered event handling in libevent.
CVE ID: CVE-2014-6272
CVSS v2 Base Score: 5.1
CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P


Debian Security Update (DLA-132-1)

AlienVault ID: ENG-98499
Description: The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message.
CVE ID: CVE-2014-3572
CVSS v2 Base Score: 5.0
CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I/A:N/E:F/RL:OF/RC:C/CDP:L/TD:L/CR:ND/IR:L/AR:ND


Debian Security Update (DLA-132-1)

AlienVault ID: ENG-98500
Description: OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c.
CVE ID: CVE-2014-8275
CVSS v2 Base Score: 5.0
CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I/A:N/E:F/RL:OF/RC:C/CDP:L/TD:L/CR:ND/IR:L/AR:ND


Debian Security Update (DLA-124-1)

AlienVault ID: ENG-98364
Description: The package 'unzip' is affected by heap-based buffer overflows within the CRC32 verification function (CVE-2014-8139), the test_compr_eb() function (CVE-2014-8140) and the getZip64Data() function (CVE-2014-8141), which may lead to the execution of arbitrary code.
CVE ID: CVE-2014-8139, CVE-2014-8140, CVE-2014-8141
CVSS v2 Base Score: 6.8
CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P


Debian Security Update (DLA-125-1)

AlienVault ID: ENG-98365
Description: run-mailcap in the Debian mime-support package before 3.52-1+deb7u1 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.
CVE ID: CVE-2014-7209
CVSS v2 Base Score: 7.5
CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P


Debian Security Update (DLA-131-1)

AlienVault ID: ENG-98490
Description: The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities.
CVE ID: CVE-2014-8116
CVSS v2 Base Score: 1.0
CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A/E:F/RL:OF/RC:C/CDP:L/TD:L/CR:ND/IR:ND/AR:L


Debian Security Update (DLA-131-1)

AlienVault ID: ENG-98496
Description: softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.
CVE ID: CVE-2014-8117
CVSS v2 Base Score: 0.9
CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A/E:F/RL:OF/RC:C/CDP:L/TD:L/CR:ND/IR:ND/AR:L


Debian Security Update (DLA-132-1)

AlienVault ID: ENG-98503
Description: The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role.
CVE ID: CVE-2015-0204
CVSS v2 Base Score: 5.0
CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N


Debian Security Update (DLA-132-1)

AlienVault ID: ENG-98497
Description: The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c.
CVE ID: CVE-2014-3570
CVSS v2 Base Score: 5.0
CVSS v2 Vector: AV:N/AC:L/Au:N/C/I:N/A:N/E:F/RL:OF/RC:C/CDP:L/TD:L/CR:L/IR:ND/AR:ND


Debian Security Update (DLA-132-1)

AlienVault ID: ENG-98498
Description: OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c.
CVE ID: CVE-2014-3571
CVSS v2 Base Score: 5.0
CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A/E:F/RL:OF/RC:C/CDP:L/TD:L/CR:ND/IR:ND/AR:L


Debian Security Update (DLA-102-1)

AlienVault ID: ENG-98455
Description: tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access.
CVE ID: CVE-2014-8769
CVSS v2 Base Score: 6.4
CVSS v2 Vector: AV:N/AC:L/Au:N/C/I:N/A/E:POC/RL:OF/RC:C/CDP:L/TD:L/CR:L/IR:ND/AR:L


Debian Security Update (DLA-102-1)

AlienVault ID: ENG-98456
Description: Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PPP packet.
CVE ID: CVE-2014-9140
CVSS v2 Base Score: 5.0
CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A/E:POC/RL:OF/RC:C/CDP:L/TD:L/CR:ND/IR:ND/AR:L


Debian Security Update (DLA-102-1)

AlienVault ID: ENG-98454
Description: Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame.
CVE ID: CVE-2014-8767
CVSS v2 Base Score: 5.0
CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A/E:POC/RL:OF/RC:C/CDP:L/TD:L/CR:ND/IR:ND/AR:L
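
For triage, the following Python code (an added example, not part of the advisory or of any AlienVault tooling) recomputes the CVSS v2 base score from a vector string and reports vectors whose base metrics have lost their values, as several in the listing above have. The function names are this example's own; the metric weights and base equation are those of the CVSS v2 specification, and the sample entries are copied from the advisory.

```python
# Added example: recompute CVSS v2 base scores (weights and equation per the CVSS v2 spec).
_IMPACT = {"N": 0.0, "P": 0.275, "C": 0.660}
WEIGHTS = {
    "AV": {"L": 0.395, "A": 0.646, "N": 1.0}, "AC": {"H": 0.35, "M": 0.61, "L": 0.71},
    "Au": {"M": 0.45, "S": 0.56, "N": 0.704}, "C": _IMPACT, "I": _IMPACT, "A": _IMPACT,
}

def parse_base_vector(vector):
    """Return the six base-metric weights; raise ValueError if one is missing or invalid."""
    fields = {}
    for part in vector.strip().split("/"):
        key, sep, value = part.partition(":")
        fields[key] = value if sep else None  # a bare "A" has lost its value
    weights = {}
    for metric, table in WEIGHTS.items():
        if (value := fields.get(metric)) not in table:
            raise ValueError(f"base metric {metric} missing or invalid ({value!r})")
        weights[metric] = table[value]
    return weights

def base_score(vector):
    """CVSS v2 base score; temporal and environmental metrics in the vector are ignored."""
    w = parse_base_vector(vector)
    impact = 10.41 * (1 - (1 - w["C"]) * (1 - w["I"]) * (1 - w["A"]))
    exploitability = 20 * w["AV"] * w["AC"] * w["Au"]
    f_impact = 0 if impact == 0 else 1.176
    return round((0.6 * impact + 0.4 * exploitability - 1.5) * f_impact, 1)

def audit(entries):
    """Compare each stated score with the recomputed one; report unusable vectors."""
    report = {}
    for cve, stated, vector in entries:
        try:
            computed = base_score(vector)
            report[cve] = "ok" if computed == stated else f"mismatch: computed {computed}"
        except ValueError as exc:
            report[cve] = f"cannot verify: {exc}"
    return report

# (CVE, stated score, vector) copied as they appear in the advisory entries above.
ADVISORY = [
    ("CVE-2015-0235", 6.8, "AV:N/AC:M/Au:N/C:P/I:P/A:P"),
    ("CVE-2014-7844", 3.6, "AV:L/AC:L/Au:N/C:P/I:P/A:N"),
    ("CVE-2015-0204", 5.0, "AV:N/AC:L/Au:N/C:N/I:P/A:N"),
    ("CVE-2014-9130", 1.0, "AV:N/AC:L/Au:N/C:N/I:N/A/E:F/RL:OF/RC:C/CDP:L/TD:L/CR:ND/IR:ND/AR:L"),
]

if __name__ == "__main__":
    for cve, status in audit(ADVISORY).items():
        print(cve, status)
```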
