Software Vulnerabilities Found with Defensics

2014

Crash with SRP Ciphersuite in Server Hello Message

• OpenSSL Advisory on CVE-2014-5139

PolarSSL Denial of Service against GCM enabled servers

• PolarSSL Security Advisory

Vulnerabilities fixed in the OpenSSL library

• Finnish Communications Regulatory Authority, NCSC-FI Vulnerability Coordination

GnuTLS Hello Vulnerability

• The Official Radare Blog

Vulnerability in BIND

• ISC Knowledge Base
• SCIP advisory

Heartbleed

• heartbleed.com

• NCSC-FI Advisory on OpenSSL

SCTP Linux Kernel Panic

• CVE-2014-0101
• RedHat Bugzilla Entry
• RedHat Errata

Heimdal in Apple OS X allows remote DoS

• A reachable abort existed in the handling of ASN.1 data
• CVE-2014-1316 Description

Apple TLS Bug

• Understanding the Apple TLS Bug

2013

Vulnerability in Oracle

• Oracle critical patch update

Apple remote DoS (CVE 2013-5140)

• Apple iOS before 7 allows remote denial of service via an invalid packet fragment

2012

Two vulnerabilities in the ISC DHCP server implementation

• CERT-FI Advisory on ISC DHCP
• An Error in the Handling of an Unexpected Client Identifiers can Cause Server Crash When Serving DHCPv6
• An Error in the Handling of Malformed Client Identifiers can Cause a Denial-of-Service Condition in Affected Servers
• CVE-2012-3570
• CVE-2012-3571

RSA signature verification vulnerability in strongSwan

• CERT-FI Advisory on strongSwan
• strongSwan 4.6.4 Released (CVE-2012-2388)
• CVE-2012-2388

Invalid TLS/DTLS record vulnerability in OpenSSL

• CERT-FI Advisory on OpenSSL
• OpenSSL Security Advisory: Invalid TLS/DTLS record attack
• CVE-2012-2333

Large Host: header can crash the Apache Traffic Server

• CERT-FI Advisory on Apache Traffic Server
• "Important security announcement: All versions of Traffic Server prior to v3.0.4 and v3.1.3 have a vulnerability where a large Host: header can crash the server under certain conditions."
• CVE-2012-0256

Two vulnerabilities in ImageMagick - Invalid Validation and Denial of Service

• CERT-FI Advisory on issues in ImageMagick
• ImageMagick Invalid Validation and Denial of Service
• CVE-2012-0247
• CVE-2012-0248

2011

Vulnerability in open source Bluetooth bluez-hcidump

• CERT-FI Advisory on bluez-hcidump
• CVE-2011-3334

Five vulnerabilities in the BGP and OSPF daemons of Quagga

• CERT-FI Advisory on Quagga
• CVE-2011-3323
• CVE-2011-3324
• CVE-2011-3325
• CVE-2011-3326
• CVE-2011-3327

2010

Two vulnerabilities in the BGP daemon of Quagga

• CERT-FI Advisory on Quagga
• Quagga 0.99.17 release note
• CVE-2010-2948
• CVE-2010-2949

SMB Stack Exhaustion Vulnerability

• MS10-054 - Vulnerabilities in SMB Server Could Allow Remote Code Execution
• Microsoft Security Bulletin Summary for August 2010
• CVE-2010-2552

Two vulnerabilities in OpenLDAP

• CERT-FI Advisory on OpenLDAP
• CVE-2010-0211
• CVE-2010-0212

Linux SCTP INIT message handling

• CERT-FI Advisory on Linux SCTP INIT message handling
• CVE-2010-1173

Lexmark vulnerabilities in HTTP and SSL

• HTTP Denial of Service Vulnerability Notification for Lexmark Printers and Multi-Function Printers
• CVE-2010-0101
• SSL Denial of Service Vulnerability Notification for Lexmark Printers and Multi-Function Printers
• CVE-2004-0079 (Regression)

Microsoft SMB implementations

• Microsoft Security Bulletin MS10-012
• CVE-2010-0020

Linux Kernel (with CERT-FI):

• CERT-FI advisory
• CVE-2007-4567 (Regression)
• CVE-2010-0006

2009

XML (several open source libraries, with CERT-FI):

• CERT-FI Advisory
• CVE-2009-3720 (libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software)
• CVE-2009-1885 (Apache Xerces C++ 2.7.0 and 2.8.0)
• CVE-2009-2414 (libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17)
• CVE-2009-2416 (libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17)
• CVE-2009-2625 (Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6)
• List of affected software products and vendors includes (at least): Python Expat, Xerces C++, Libxml2, Sun Java, Xerces Java, OpenJDK, Apple, Google, OpenOffice, Sun StarOffice, Sun StarSuite, Oracle, VMware, ...

Squid (with CERT-FI):

• Squid advisory
• CVE-2009-2621
• CVE-2009-2622
• CVE-2009-0478

2008

OpenSSL (with CERT-FI):

• CERT-FI advisory
• OpenSSL advisory
• CVE-2008-0891

GnuTLS (with CERT-FI):

• GnuTLS update
• CERT-FI advisory
• CVE-2008-1948, CVE-2008-1949, CVE-2008-1950

NetBSD (with CERT-FI):

• CERT-FI advisory
• NetBSD advisory
• CVE-2008-2464

SMB libraries:

• Microsoft advisory
• CVE-2008-4038

2007

OpenGGSN (by VTT):

• Advisory from VTT

2005

Image libraries (with NISCC):

• Advisory from Microsoft

2004

OpenSSL (with NISCC and RedHat):

• Red Hat
• CVE-2004-0081

Apache (with NISCC and RedHat):

• Red Hat
• CVE-2004-0786