• Support
  • Forums
  • Blogs

Security Advisory - OSSIM v5.2.5 addresses 26 vulnerabilities

LBarracoLBarraco

AlienVault Employee
+20

Notice Date: June 9, 2016

Several vulnerabilities were discovered in the underlying OS packages in AlienVault USM and OSSIM v5.2.4 and earlier. All of the vulnerabilities below have been confirmed and fixed in the AlienVault v5.2.5. AlienVault encourages customers to upgrade to eliminate the vulnerabilities.

See the v5.2.5 hotfix notice for details on the release.


Debian Security Update

AlienVault ID: ENG-102048
Description: The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read.
CVE ID: CVE-2015-2059
CVSS: 6.4


Security Update

AlienVault ID: ENG-103101
Description: An insecure sudoers configuration allows the 'avapi' user to execute arbitrary python code or arbitrary commands as root. The following screenshots detail the insecure sudoers configuration and a proof-of-concept exploit. The use of wild cards within the sudoers configuration makes this attack possible.
Reported by: Denis Andzakovic (Security-assessment.com)
CVSS: 6.6


Debian Security Update

AlienVault ID: ENG-103540
Description: Vulnerability in libexpat
CVE ID: CVE-2016-0718


Debian Security Update

AlienVault ID: ENG-103541
Description: Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep recursion, stack consumption, and crash) via crafted JSON data.
CVE ID: CVE-2016-4425
CVSS: 3.7


Debian Security Update

AlienVault ID: ENG-103564
Description: epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service (stack memory consumption and application crash) via a crafted packet.
CVE ID: CVE-2016-4006
CVSS: 3.2


Debian Security Update

AlienVault ID: ENG-103564
Description: epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted packet.
CVE ID: CVE-2016-4079
CVSS: 3.2


Debian Security Update

AlienVault ID: ENG-103564
Description: epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 misparses timestamp fields, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
CVE ID: CVE-2016-4080
CVSS: 3.2


Debian Security Update

AlienVault ID: ENG-103564
Description: epan/dissectors/packet-iax2.c in the IAX2 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
CVE ID: CVE-2016-4081
CVSS: 3.2


Debian Security Update

AlienVault ID: ENG-103564
Description: epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted packet.
CVE ID: CVE-2016-4082
CVSS: 3.2


Debian Security Update

AlienVault ID: ENG-103564
Description: Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a packet.
CVE ID: CVE-2016-4085
CVSS: 3.2


Debian Security Update

AlienVault ID: ENG-103599
Description: Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP file.
CVE ID: CVE-2015-7552
CVSS: 6.3


Debian Security Update

AlienVault ID: ENG-103599
Description: Integer overlows in pixops_* functions
CVE ID: CVE-2015-8875


Debian Security Update

AlienVault ID: ENG-103626
Description: dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the " < !DOCTYPE html" substring in a crafted HTML document.
CVE ID: CVE-2015-8806
CVSS: 5.0


Debian Security Update

AlienVault ID: ENG-103626
Description: libxml2 in Apple iOS before 9.3, OS X before 10.11.4, Safari before 9.1, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
CVE ID: CVE-2016-1762
CVSS: 10


Debian Security Update

AlienVault ID: ENG-103626
Description: libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2016-1834, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, and CVE-2016-1840.
CVE ID: CVE-2016-1833
CVSS: 7.5


Debian Security Update

AlienVault ID: ENG-103626
Description: libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2016-1833, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, and CVE-2016-1840.
CVE ID: CVE-2016-1834
CVSS: 6.8


Debian Security Update

AlienVault ID: ENG-103626
Description: libxml2, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
CVE ID: CVE-2016-1835
CVSS: 6.8


Debian Security Update

AlienVault ID: ENG-103626
Description: libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2016-1833, CVE-2016-1834, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, and CVE-2016-1840.
CVE ID: CVE-2016-1836
CVSS: 6.8


Debian Security Update

AlienVault ID: ENG-103626
Description: libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2016-1833, CVE-2016-1834, CVE-2016-1836, CVE-2016-1838, CVE-2016-1839, and CVE-2016-1840.
CVE ID: CVE-2016-1837
CVSS: 6.8


Debian Security Update

AlienVault ID: ENG-103626
Description: libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2016-1833, CVE-2016-1834, CVE-2016-1836, CVE-2016-1837, CVE-2016-1839, and CVE-2016-1840.
CVE ID: CVE-2016-1838
CVSS: 6.8


Debian Security Update

AlienVault ID: ENG-103626
Description: libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2016-1833, CVE-2016-1834, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, and CVE-2016-1840.
CVE ID: CVE-2016-1839
CVSS: 6.8


Debian Security Update

AlienVault ID: ENG-103626
Description: libxml2, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2016-1833, CVE-2016-1834, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, and CVE-2016-1839.
CVE ID: CVE-2016-1840
CVSS: 6.8


Debian Security Update

AlienVault ID: ENG-103626
Description: The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.
CVE ID: CVE-2016-2073
CVSS: 4.3


Debian Security Update

AlienVault ID: ENG-103626
Description: The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.
CVE ID: CVE-2016-3627
CVSS: 5.0


Debian Security Update

AlienVault ID: ENG-103626
Description: The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.
CVE ID: CVE-2016-3705
CVSS: 5.0


Debian Security Update

AlienVault ID: ENG-103626
Description: Reserved vulnerability in libxml2
CVE ID: CVE-2016-4447


Debian Security Update

AlienVault ID: ENG-103626
Description: Reserved vulnerability in libxml2
CVE ID: CVE-2016-4449


Debian Security Update

AlienVault ID: ENG-103626
Description: Reserved vulnerability in libxml2
CVE ID: CVE-2016-4483

Share post:

This discussion has been closed.