CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat : Security Vulnerabilities Published In 2013

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2013-6439 287 2013-12-23 2014-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Candlepin in Red Hat Subscription Asset Manager 1.0 through 1.3 uses a weak authentication scheme when the configuration file does not specify a scheme, which has unspecified impact and attack vectors.
2 CVE-2013-6368 20 DoS +Priv 2013-12-14 2014-03-26
6.2
None Local High Not required Complete Complete Complete
The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.
3 CVE-2013-5651 119 DoS Overflow 2013-09-30 2013-10-23
5.0
None Remote Low Not required None None Partial
The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune.
4 CVE-2013-4854 DoS 2013-07-29 2014-10-24
7.8
None Remote Low Not required None None Complete
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
5 CVE-2013-4566 264 Bypass 2013-12-12 2014-01-03
4.0
None Remote High Not required Partial Partial None
mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions.
6 CVE-2013-4485 20 DoS 2013-11-23 2014-02-27
4.0
None Remote Low Single system None None Partial
389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request.
7 CVE-2013-4482 +Priv 2013-11-23 2013-11-27
6.2
None Local High Not required Complete Complete Complete
Untrusted search path vulnerability in python-paste-script (aka paster) in Luci 0.26.0, when started using the initscript, allows local users to gain privileges via a Trojan horse .egg-info file in the (1) current working directory or (2) its parent directories.
8 CVE-2013-4481 362 +Info 2013-11-23 2013-11-25
1.9
None Local Medium Not required Partial None None
Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as "authentication secrets."
9 CVE-2013-4480 264 2013-11-17 2013-11-30
7.5
None Remote Low Not required Partial Partial Partial
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.
10 CVE-2013-4461 89 Exec Code Sql 2013-12-23 2014-01-13
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to execute arbitrary SQL commands via vectors related to the "filtering table operator."
11 CVE-2013-4452 264 +Info 2013-12-24 2013-12-26
2.1
None Local Low Not required Partial None None
Red Hat JBoss Operations Network 3.1.2 uses world-readable permissions for the (1) server and (2) agent configuration files, which allows local users to obtain authentication credentials and other unspecified sensitive information by reading these files.
12 CVE-2013-4424 79 XSS 2013-12-23 2013-12-27
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in the GateIn Portal component in Red Hat JBoss Portal 6.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
13 CVE-2013-4414 79 XSS 2013-12-23 2014-01-13
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the "Max allowance" field in the "Set limit" form.
14 CVE-2013-4405 352 CSRF 2013-12-23 2014-01-13
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allow remote attackers to hijack the authentication of cumin users for unspecified requests.
15 CVE-2013-4404 264 Bypass +Info 2013-12-23 2014-01-13
6.5
None Remote Low Single system Partial Partial Partial
cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce user roles, which allows remote authenticated users to bypass intended role restrictions and obtain sensitive information or perform privileged operations via unspecified vectors.
16 CVE-2013-4401 264 +Priv 2013-11-02 2013-12-10
8.5
None Remote Medium Single system Complete Complete Complete
The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write privileges and execute Qemu binaries via crafted XML. NOTE: some of these details are obtained from third party information.
17 CVE-2013-4400 264 +Priv 2013-12-09 2013-12-10
7.2
None Local Low Not required Complete Complete Complete
virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments.
18 CVE-2013-4397 189 DoS Exec Code Overflow 2013-10-17 2013-12-19
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in the th_read function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) name or (2) link in an archive, which triggers a heap-based buffer overflow.
19 CVE-2013-4386 89 Exec Code Sql 2013-11-20 2013-11-24
7.5
None Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter.
20 CVE-2013-4373 20 2013-10-23 2013-11-12
3.2
None Local Low Single system None Partial Partial
The storeFiles method in JPADriftServerBean in Red Hat JBoss Operations Network (JON) 3.1.2 allows local users to load arbitrary drift files into a server by writing the files to the temporary directory that is used to unpack zip files.
21 CVE-2013-4372 79 XSS 2013-09-30 2014-01-03
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Fuse Management Console in Red Hat JBoss Fuse 6.0.0 before patch 3 and JBoss A-MQ 6.0.0 before patch 3 allow remote attackers to inject arbitrary web script or HTML via the (1) user field in the create user page or (2) profile version to the create profile page.
22 CVE-2013-4345 189 2013-10-10 2014-04-19
5.8
None Remote Medium Not required Partial Partial None
Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data.
23 CVE-2013-4342 264 +Priv 2013-10-09 2013-10-10
7.6
None Remote High Not required Complete Complete Complete
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.
24 CVE-2013-4332 189 DoS Overflow 2013-10-09 2014-01-03
4.3
None Remote Medium Not required None None Partial
Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.
25 CVE-2013-4326 264 Bypass 2013-10-03 2013-12-08
4.6
None Local Low Not required Partial Partial Partial
RealtimeKit (aka rtkit) 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
26 CVE-2013-4324 264 Bypass 2013-10-03 2013-10-30
4.6
None Local Low Not required Partial Partial Partial
spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkit_unix_process_new API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
27 CVE-2013-4311 264 Bypass 2013-10-03 2013-11-06
4.6
None Local Low Not required Partial Partial Partial
libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
28 CVE-2013-4297 119 DoS Overflow 2013-09-30 2013-10-01
4.0
None Remote Low Single system None None Partial
The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and earlier allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via unspecified vectors.
29 CVE-2013-4296 119 DoS Overflow 2013-09-30 2013-11-06
4.0
None Remote Low Single system None None Partial
The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC call.
30 CVE-2013-4293 310 +Info 2013-10-23 2013-10-25
2.1
None Local Low Not required Partial None None
The server in Red Hat JBoss Operations Network (JON) 3.1.2 logs passwords in plaintext, which allows local users to obtain sensitive information by reading the log files.
31 CVE-2013-4292 399 DoS 2013-09-30 2013-10-01
2.1
None Local Low Not required None None Partial
libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of service (memory consumption) via a large number of domain migrate parameters in certain RPC calls in (1) daemon/remote.c and (2) remote/remote_driver.c.
32 CVE-2013-4291 264 +Priv 2013-09-30 2013-10-01
6.9
None Local Medium Not required Complete Complete Complete
The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges.
33 CVE-2013-4288 362 +Priv Bypass 2013-10-03 2013-12-08
7.2
None Local Low Not required Complete Complete Complete
Race condition in PolicyKit (aka polkit) allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is performed, related to (1) the polkit_unix_process_new API function, (2) the dbus API, or (3) the --process (unix-process) option for authorization to pkcheck.
34 CVE-2013-4287 310 DoS 2013-10-17 2014-03-05
4.3
None Remote Medium Not required None None Partial
Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression.
35 CVE-2013-4284 399 DoS 2013-10-09 2013-10-10
5.0
None Remote Low Not required None None Partial
Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted Ajax update request.
36 CVE-2013-4282 119 DoS Overflow 2013-11-02 2014-01-23
5.0
None Remote Low Not required None None Partial
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
37 CVE-2013-4261 119 DoS Overflow 2013-10-29 2013-10-30
3.5
None Remote Medium Single system None None Partial
OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause a denial of service (connection pool consumption), as demonstrated using multiple requests that send long strings to an instance console and retrieving the console log.
38 CVE-2013-4255 20 DoS 2013-10-11 2013-10-15
3.5
None Remote Medium Single system None None Partial
The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
39 CVE-2013-4248 20 2013-08-17 2014-07-17
4.3
None Remote Medium Not required None Partial None
The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
40 CVE-2013-4239 119 DoS Overflow Mem. Corr. 2013-09-30 2013-10-01
4.0
None Remote Low Single system None None Partial
The xenDaemonListDefinedDomains function in xen/xend_internal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of service (memory corruption and crash) via vectors involving the virConnectListDefinedDomains API function.
41 CVE-2013-4236 2013-08-19 2013-08-20
2.7
None Local Network Low Single system None None Partial
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167.
42 CVE-2013-4214 59 2013-11-23 2014-03-05
6.3
None Local Medium Not required None Complete Complete
rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when MAGPIE_CACHE_ON is set to 1, allows local users to overwrite arbitrary files via a symlink attack on /tmp/magpie_cache.
43 CVE-2013-4213 16 2013-08-16 2013-10-30
6.4
None Remote Low Not required Partial Partial None
Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by the EJB client API, which allows remote attackers to hijack sessions by using an EJB client.
44 CVE-2013-4210 DoS 2013-10-01 2013-10-30
5.0
None Remote Low Not required None None Partial
The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, and other products allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors.
45 CVE-2013-4185 310 DoS 2013-10-29 2013-10-30
4.0
None Remote Low Single system None None Partial
Algorithmic complexity vulnerability in OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service (nova-network consumption) via a large number of server-creation operations, which triggers a large number of update requests.
46 CVE-2013-4182 264 2013-09-16 2013-09-17
7.5
None Remote Low Not required Partial Partial Partial
app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 does not properly restrict access to hosts, which allows remote attackers to access arbitrary hosts via an API request.
47 CVE-2013-4181 79 XSS 2013-09-16 2013-09-25
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise Virtualization 3 and 3.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
48 CVE-2013-4180 20 DoS 2013-09-16 2013-09-17
5.0
None Remote Low Not required None None Partial
The (1) power and (2) ipmi_boot actions in the HostController in Foreman before 1.2.2 allow remote attackers to cause a denial of service (memory consumption) via unspecified input that is converted to a symbol.
49 CVE-2013-4172 94 Exec Code 2013-08-23 2013-08-27
8.5
None Remote Medium Single system Complete Complete Complete
The Red Hat CloudForms Management Engine 5.1 allow remote administrators to execute arbitrary Ruby code via unspecified vectors.
50 CVE-2013-4157 59 2013-10-04 2013-10-07
3.6
None Local Low Not required None Partial Partial
Red Hat Storage 2.0 allows local users to overwrite arbitrary files via a symlink attack on the (1) e, (2) local-bricks.list, (3) bricks.err, or (4) limits.conf files in /tmp.
Total number of vulnerabilities : 191   Page : 1 (This Page)2 3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.