Vulnerability Summary for the Week of April 6, 2015

Please Note:
  • The vulnerabilities are categorized by their level of severity, which is either High, Medium or Low.
  • The CVE identity number is the publicly known ID given to that particular vulnerability. Therefore you can search the status of that particular vulnerability using that ID.
  • The CVSS (Common Vulnerability Scoring System) score is a standard scoring system used to determine the severity of the vulnerability.

High Severity Vulnerabilities

Each entry gives: Primary Vendor -- Product | Date Published | CVSS Score | CVE Identity, followed by the Description and the Source & Patch Information references.

antlabs -- inngate | 2015-04-04 | 10.0 | CVE-2015-0932
  The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote attackers to read or write to arbitrary files via TCP traffic to port 873.
  Sources: CERT-VN, CONFIRM, MISC, MISC

apache -- subversion | 2015-04-08 | 7.8 | CVE-2015-0202
  The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial of service (memory consumption) via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes.
  Sources: MANDRIVA, CONFIRM

apache -- cassandra | 2015-04-03 | 7.5 | CVE-2015-0225
  The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.
  Sources: BUGTRAQ, MLIST, MISC

apple -- apple_tv | 2015-04-10 | 7.2 | CVE-2015-1095
  IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HID device.
  Sources: CONFIRM, CONFIRM, CONFIRM, APPLE, APPLE, APPLE

apple -- apple_tv | 2015-04-10 | 7.1 | CVE-2015-1102
  The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly handle TCP headers, which allows man-in-the-middle attackers to cause a denial of service via unspecified vectors.
  Sources: CONFIRM, CONFIRM, CONFIRM, APPLE, APPLE, APPLE

apple -- apple_tv | 2015-04-10 | 7.5 | CVE-2015-1103
  The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 makes routing changes in response to ICMP_REDIRECT messages, which allows remote attackers to cause a denial of service (network outage) or obtain sensitive packet-content information via a crafted ICMP packet.
  Sources: CONFIRM, CONFIRM, CONFIRM, APPLE, APPLE, APPLE

apple -- mac_os_x | 2015-04-10 | 7.2 | CVE-2015-1130
  The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
  Sources: CONFIRM, APPLE

apple -- mac_os_x | 2015-04-10 | 7.2 | CVE-2015-1131
  fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135.
  Sources: CONFIRM, APPLE

apple -- mac_os_x | 2015-04-10 | 10.0 | CVE-2015-1132
  fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135.
  Sources: CONFIRM, APPLE

apple -- mac_os_x | 2015-04-10 | 7.2 | CVE-2015-1133
  fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1134, and CVE-2015-1135.
  Sources: CONFIRM, APPLE

apple -- mac_os_x | 2015-04-10 | 7.2 | CVE-2015-1134
  fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1135.
  Sources: CONFIRM, APPLE

apple -- mac_os_x | 2015-04-10 | 7.2 | CVE-2015-1135
  fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, and CVE-2015-1134.
  Sources: CONFIRM, APPLE

apple -- mac_os_x | 2015-04-10 | 7.2 | CVE-2015-1137
  The NVIDIA graphics driver in Apple OS X before 10.10.3 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via an unspecified IOService userclient type.
  Sources: CONFIRM, APPLE

apple -- mac_os_x | 2015-04-10 | 7.2 | CVE-2015-1140
  Buffer overflow in IOHIDFamily in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors.
  Sources: CONFIRM, APPLE

apple -- mac_os_x | 2015-04-10 | 7.2 | CVE-2015-1143
  LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a "type confusion" issue.
  Sources: CONFIRM, APPLE

apple -- mac_os_x | 2015-04-10 | 7.2 | CVE-2015-1144
  Buffer overflow in the UniformTypeIdentifiers component in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted Uniform Type Identifier.
  Sources: CONFIRM, APPLE

apple -- xcode | 2015-04-10 | 7.5 | CVE-2015-1149
  Integer overflow in the simulator in Swift in Apple Xcode before 6.3 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact by triggering an incorrect result of a type conversion.
  Sources: CONFIRM, APPLE

arj_software -- arj_archiver | 2015-04-08 | 7.5 | CVE-2015-2782
  Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive.
  Sources: MLIST, MLIST, DEBIAN

c-board_moyuku_project -- c-board_moyuku | 2015-04-05 | 7.5 | CVE-2015-0877
  Unrestricted file upload vulnerability in app/lib/mlf.pl in C-BOARD Moyuku before 1.03b3 allows remote attackers to execute arbitrary code by uploading a file with a %00 character in its name.
  Sources: CONFIRM, JVNDB, JVN

ca -- spectrum | 2015-04-07 | 9.0 | CVE-2015-2828
  CA Spectrum 9.2.x and 9.3.x before 9.3 H02 does not properly validate serialized Java objects, which allows remote authenticated users to obtain administrative privileges via crafted object data.
  Sources: CONFIRM

cisco -- unity_connection | 2015-04-03 | 7.1 | CVE-2015-0612
  The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU6, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (SIP outage) via a crafted UDP packet, aka Bug ID CSCuh25062.
  Sources: SECTRACK, CISCO

cisco -- unity_connection | 2015-04-03 | 7.1 | CVE-2015-0613
  The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) via crafted SIP INVITE messages, aka Bug ID CSCul[illegible].
  Sources: SECTRACK, CISCO

cisco -- unity_connection | 2015-04-03 | 7.1 | CVE-2015-0614
  The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) via crafted SIP INVITE messages, aka Bug ID CSCul[illegible].
  Sources: SECTRACK, CISCO

cisco -- unity_connection | 2015-04-03 | 7.1 | CVE-2015-0615
  The call-handling implementation in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (port consumption) by improperly terminating SIP sessions, aka Bug ID CSCul[illegible].
  Sources: SECTRACK, CISCO

cisco -- unity_connection | 2015-04-03 | 7.1 | CVE-2015-0616
  The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) by improperly terminating SIP TCP connections, aka Bug ID CSCul[illegible].
  Sources: SECTRACK, CISCO
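The InnGate entry (CVE-2015-0932) describes an rsync daemon that hands out modules without a password. The checker below is an added example, not code from the bulletin, from ANTlabs or from the rsync project; it speaks the documented rsync daemon protocol directly: after the "@RSYNCD: <version>" greeting, a "#list" request returns one "name<TAB>comment" line per module followed by "@RSYNCD: EXIT", and selecting a module on a fresh connection is answered with either "@RSYNCD: OK" (no credentials needed, the vulnerable state) or "@RSYNCD: AUTHREQD <challenge>". The ScriptedConn class and the three transcripts are constructed for offline use and are not output from a real device; audit_host runs the same exchange against a live host on port 873.

```python
"""Check whether an rsync daemon exports modules that need no password
(the condition described for CVE-2015-0932).  Added example; not vendor,
bulletin or rsync-project code.
"""
import socket

RSYNC_PORT = 873
CLIENT_GREETING = b"@RSYNCD: 31.0\n"


def _read_line(conn):
    """Read one LF-terminated line from a socket-like object; None at EOF."""
    buf = bytearray()
    while not buf.endswith(b"\n"):
        chunk = conn.recv(1)
        if not chunk:
            break
        buf += chunk
    if not buf:
        return None
    return bytes(buf).decode("utf-8", "replace").rstrip("\r\n")


def _handshake(conn):
    """Consume the daemon greeting and answer with our protocol version."""
    greeting = _read_line(conn)
    if greeting is None or not greeting.startswith("@RSYNCD:"):
        raise ValueError("not an rsync daemon greeting: %r" % (greeting,))
    conn.sendall(CLIENT_GREETING)


def list_modules(conn):
    """Return [(name, comment), ...] for every module the daemon exports."""
    _handshake(conn)
    conn.sendall(b"#list\n")
    modules = []
    while True:
        line = _read_line(conn)
        if line is None or line.startswith("@RSYNCD: EXIT"):
            break
        if "\t" in line:                      # listing lines are "%-15s\t%s"
            name, comment = line.split("\t", 1)
            modules.append((name.strip(), comment.strip()))
        # any other line is the daemon's MOTD; skip it
    return modules


def module_requires_auth(conn, module):
    """Select a module on a fresh connection.  True: a password is demanded.
    False: access is granted with no credentials (the vulnerable state).
    None: the module was refused or the reply was not understood."""
    _handshake(conn)
    conn.sendall(module.encode("utf-8") + b"\n")
    while True:
        line = _read_line(conn)
        if line is None:
            return None
        if line.startswith("@RSYNCD: AUTHREQD"):
            return True
        if line.startswith("@RSYNCD: OK"):
            return False
        if line.startswith("@ERROR") or line.startswith("@RSYNCD: EXIT"):
            return None
        # MOTD lines may precede the verdict; keep reading


def audit_host(host, port=RSYNC_PORT, timeout=5.0):
    """Live check: {module: requires_auth} for every module the host exports."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        modules = list_modules(s)
    verdicts = {}
    for name, _comment in modules:
        with socket.create_connection((host, port), timeout=timeout) as s:
            verdicts[name] = module_requires_auth(s, name)
    return verdicts


class ScriptedConn:
    """Constructed socket stand-in that replays a canned daemon transcript
    so the parser can be exercised offline.  Not real device output."""

    def __init__(self, server_bytes):
        self._pending = server_bytes
        self.sent = b""

    def recv(self, n):
        chunk, self._pending = self._pending[:n], self._pending[n:]
        return chunk

    def sendall(self, data):
        self.sent += data


# Constructed transcripts: a daemon exporting two modules, one of which
# is handed out without a password.
LIST_TRANSCRIPT = (b"@RSYNCD: 30.0\n"
                   b"Welcome to the gateway\n"
                   b"config         \tgateway configuration\n"
                   b"www            \tweb root\n"
                   b"@RSYNCD: EXIT\n")
OPEN_MODULE_TRANSCRIPT = b"@RSYNCD: 30.0\n@RSYNCD: OK\n"
AUTH_MODULE_TRANSCRIPT = b"@RSYNCD: 30.0\n@RSYNCD: AUTHREQD 2f1b9c3e\n"

if __name__ == "__main__":
    print(list_modules(ScriptedConn(LIST_TRANSCRIPT)))
    print(module_requires_auth(ScriptedConn(OPEN_MODULE_TRANSCRIPT), "config"))
    print(module_requires_auth(ScriptedConn(AUTH_MODULE_TRANSCRIPT), "www"))
```

A module that answers "@RSYNCD: OK" is readable and, unless the daemon's module is marked read only, writable by anyone who can reach port 873; that is the whole of the InnGate finding, so the verdict dict from audit_host is what to put in the ticket.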
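The Cassandra entry (CVE-2015-0225) is a configuration exposure rather than a code bug: once com.sun.management.jmxremote.port is set, the JDK 7/8 built-in JMX agent listens on every interface and has no bind-address option, so the only controls between the network and arbitrary Java execution over RMI are jmxremote.authenticate and jmxremote.ssl. The checker below is an added example, not Cassandra project code: it reads a running JVM's argument vector (from /proc/<pid>/cmdline on Linux, or any list passed in) and classifies the JMX exposure. The option names are the real JDK and Cassandra ones (cassandra.jmx.local.port is what the fixed cassandra-env.sh sets when LOCAL_JMX=yes so the connector binds to localhost only); the three sample argument lists are constructed.

```python
"""Classify a Cassandra JVM's JMX exposure from its command line
(the CVE-2015-0225 condition: remote JMX with no authentication).
Added example; not Cassandra project code.
"""

REMOTE_PORT = "com.sun.management.jmxremote.port"
LOCAL_PORT = "cassandra.jmx.local.port"          # set by the fixed cassandra-env.sh
AUTH = "com.sun.management.jmxremote.authenticate"
SSL = "com.sun.management.jmxremote.ssl"
PASSWORD_FILE = "com.sun.management.jmxremote.password.file"


def system_properties(args):
    """Collect -Dname=value (and bare -Dname) pairs from a JVM argument list."""
    props = {}
    for tok in args:
        if tok.startswith("-D"):
            name, _, value = tok[2:].partition("=")
            props[name] = value
    return props


def read_cmdline(pid):
    """Linux: the process argument vector is NUL-separated in /proc."""
    with open("/proc/%d/cmdline" % pid, "rb") as f:
        return [a.decode("utf-8", "replace") for a in f.read().split(b"\0") if a]


def classify_jmx(args):
    """Return (verdict, detail).  Verdicts: 'local-only', 'disabled',
    'remote-unauthenticated', 'remote-authenticated'."""
    props = system_properties(args)
    if REMOTE_PORT not in props:
        if LOCAL_PORT in props:
            return "local-only", "JMX on 127.0.0.1:%s via Cassandra's own agent" % props[LOCAL_PORT]
        return "disabled", "no remote JMX connector configured"
    # The JDK default for jmxremote.authenticate is true; the explicit
    # "false" is what the vulnerable cassandra-env.sh shipped.
    auth_on = props.get(AUTH, "true").lower() != "false"
    ssl_on = props.get(SSL, "true").lower() != "false"
    port = props[REMOTE_PORT]
    if not auth_on:
        return "remote-unauthenticated", "JMX/RMI on 0.0.0.0:%s with no authentication" % port
    detail = "JMX on 0.0.0.0:%s, password file %s, ssl=%s" % (
        port, props.get(PASSWORD_FILE, "<jre default>"), "on" if ssl_on else "off")
    return "remote-authenticated", detail


# Constructed argument lists mirroring what cassandra-env.sh produced
# before and after the fix, trimmed to the relevant -D flags.
VULNERABLE_ARGS = [
    "java", "-ea", "-Xms4G",
    "-Dcom.sun.management.jmxremote.port=7199",
    "-Dcom.sun.management.jmxremote.ssl=false",
    "-Dcom.sun.management.jmxremote.authenticate=false",
    "org.apache.cassandra.service.CassandraDaemon",
]
FIXED_ARGS = [
    "java", "-ea", "-Xms4G",
    "-Dcassandra.jmx.local.port=7199",
    "org.apache.cassandra.service.CassandraDaemon",
]
HARDENED_REMOTE_ARGS = [
    "java",
    "-Dcom.sun.management.jmxremote.port=7199",
    "-Dcom.sun.management.jmxremote.rmi.port=7199",
    "-Dcom.sun.management.jmxremote.authenticate=true",
    "-Dcom.sun.management.jmxremote.password.file=/etc/cassandra/jmxremote.password",
    "-Dcom.sun.management.jmxremote.ssl=true",
    "org.apache.cassandra.service.CassandraDaemon",
]

if __name__ == "__main__":
    for label, args in [("vulnerable", VULNERABLE_ARGS), ("fixed", FIXED_ARGS),
                        ("hardened-remote", HARDENED_REMOTE_ARGS)]:
        print(label, classify_jmx(args))
```

Checking the live argument vector rather than cassandra-env.sh avoids having to evaluate the script's if/else branches and reports what the JVM is actually doing; a host that classifies as remote-unauthenticated should also be checked for 7199/tcp in its firewall rules, since that is the only other thing that would have stood between it and the Internet.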
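The C-BOARD Moyuku entry (CVE-2015-0877) is the classic NUL-byte filename bypass: the upload filter inspects the whole name the browser sent, while the C library call that creates the file stops at the first %00. The functions below are an added illustration of that bug class, not C-BOARD's code, and all names in it are invented: naive_is_allowed reproduces the failing pattern (an extension check on the raw name), c_string_view shows what the filesystem will actually receive, and safe_filename is one hardened replacement. The attacker input in the usage section is constructed.

```python
"""NUL-byte upload-filter bypass (the bug class of CVE-2015-0877) next to a
hardened filter.  Added illustration; not C-BOARD code, names are invented."""
import os
import re

ALLOWED_EXTENSIONS = {"jpg", "jpeg", "gif", "png"}
_EXT_RE = re.compile(r"\.(jpe?g|gif|png)$", re.IGNORECASE)


def naive_is_allowed(name):
    """Vulnerable pattern: test the extension of the raw user-supplied name
    (e.g. a Perl regex applied before open()) and trust the result."""
    return bool(_EXT_RE.search(name))


def c_string_view(name):
    """What a C-level open()/fopen() receives: the bytes up to the first NUL.
    Perl and PHP of that era passed an embedded NUL straight through to the
    syscall; Python's own open() refuses such names with ValueError instead."""
    return name.split("\x00", 1)[0]


def effective_extension(name):
    """Extension of the file that would really be created."""
    return c_string_view(name).rpartition(".")[2].lower()


def safe_filename(name):
    """Hardened filter: reject control bytes outright, drop any directory
    part, and validate the extension of the name that will really be written.
    Returns a server-chosen safe name; raises ValueError on rejection."""
    if any(ord(ch) < 0x20 or ch == "\x7f" for ch in name):
        raise ValueError("control byte in filename")
    base = os.path.basename(name.replace("\\", "/"))
    if base in ("", ".", "..") or base.startswith("."):
        raise ValueError("empty, dot or hidden filename")
    stem, dot, ext = base.rpartition(".")
    if not dot or not stem or ext.lower() not in ALLOWED_EXTENSIONS:
        raise ValueError("extension not allowed: %r" % ext)
    # Re-encode the stem so the stored name contains only safe characters.
    safe_stem = re.sub(r"[^A-Za-z0-9_-]", "_", stem)[:64]
    return "%s.%s" % (safe_stem, ext.lower())


def rejected(name):
    """True if the hardened filter refuses the name."""
    try:
        safe_filename(name)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed attacker input: a Perl script disguised as an image.
    evil = "shell.pl\x00.jpg"
    print(naive_is_allowed(evil))        # the naive filter is fooled
    print(c_string_view(evil))           # what the C open() actually creates
    print(effective_extension(evil))     # the extension that really lands on disk
    print(rejected(evil))                # the hardened filter refuses it
    print(safe_filename("../../photo 1.PNG"))
```

The ordering in safe_filename matters: the control-byte check comes first so that everything after it reasons about the same string the kernel will see, and the extension is taken from the basename, not from the raw input, so neither a NUL nor a trailing path component can change which file type is being approved.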
