Daily threat and vulnerabilities report (rules users)

Security announcements of interest to the AtomiCorp community, such as vulnerabilities in third-party applications.
mikeshinn
Atomicorp Staff - Site Admin
Posts: 4149
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Post by mikeshinn

This report is an analysis of all published vulnerabilities in any product, weaknesses in technologies and exploits Internet-wide, and how our products protect our customers from these vulnerabilities, weaknesses and exploits.

Please see this forum post for an explanation of the categories used in this report.

ASL users

Summary: If the ASL defaults for Apache security are used, no updates are required.

Already protected against/Known Method/No update required

WordPress Symposium Pro Social 15.12 XSS / CSRF
CVE-2015-8756
CVE-2015-8755
CVE-2015-8754
CVE-2015-5259
CVE-2016-1564
CVE-2016-1565
CVE-2016-1501
CVE-2016-1499
CVE-2016-1498
CVE-2015-8766
CVE-2015-8376
CVE-2015-7541
CVE-2015-7512 (Buffer overflow in QEMU)
CVE-2014-7151
CVE-2014-6444
CVE-2015-4694
CVE-2015-8761
CVE-2015-8760
CVE-2015-8759
CVE-2015-8758
CVE-2015-8757
CVE-2015-5259 (Heap based buffer overflow in subversion)

Not already protected against/New Method/Update Available

None.

Not already protected against/Doesn't protect against/Solution

None.

Potential Vulnerability/Solution

ASL disables MD5 and SHA1 for Apache by default. If the default settings are used, no patch is necessary. If the default settings are not used, patching is recommended for these CVEs:

CVE-2015-7575 (gnutls man-in-the-middle md5 downgrade attack)
CVE-2015-7575 (openssl man-in-the-middle md5 downgrade attack)

Note: both of these vulnerabilities currently require a powerful adversary, so the risk is low at this time.

Rules only users

Summary: multiple operating system and support library vulnerabilities. See notes below.

Already protected against/Known Method/No update required

WordPress Symposium Pro Social 15.12 XSS / CSRF
CVE-2015-8756
CVE-2015-8755
CVE-2015-8754
CVE-2016-1564
CVE-2016-1565
CVE-2016-1501
CVE-2016-1499
CVE-2016-1498
CVE-2015-8766
CVE-2015-8376
CVE-2014-7151
CVE-2014-6444
CVE-2015-4694
CVE-2015-8761
CVE-2015-8760
CVE-2015-8759
CVE-2015-8758
CVE-2015-8757

Not already protected against/New Method/Update Available

None.

Not already protected against/Doesn't protect against/Solution

ModSecurity cannot protect against these vulnerabilities:

CVE-2015-5259 - patch available from vendor
CVE-2015-7541 - patch available from vendor
CVE-2015-7512 (Buffer overflow in QEMU) - patch available from vendor
CVE-2015-5259 (Heap based buffer overflow in subversion) - patch available from vendor

Potential Vulnerability/Solution

ModSecurity cannot protect against these vulnerabilities:

CVE-2015-7575 (gnutls man-in-the-middle md5 downgrade attack) - install patch from vendor or disable MD5 and SHA1 in all your protocol configurations.
CVE-2015-7575 (openssl man-in-the-middle md5 downgrade attack) - install patch from vendor or disable MD5 and SHA1 in all your protocol configurations.
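As an added example (not code from this post or from Atomicorp's products), a small Python audit that flags MD5 and SHA-1 in the two mod_ssl settings where they usually show up: the SSLCipherSuite string and a SignatureAlgorithms command passed through SSLOpenSSLConfCmd. The sample configurations are constructed, and the token handling follows the OpenSSL cipher-list syntax as the author of the example understands it.

```python
import re

# Constructed sample mod_ssl configurations (not from the report): one that
# still admits MD5 / SHA-1 and one with them excluded.
WEAK_CONF = """
SSLCipherSuite HIGH:MEDIUM:MD5:SHA
SSLOpenSSLConfCmd SignatureAlgorithms RSA+MD5:RSA+SHA1:RSA+SHA256
"""
HARDENED_CONF = """
SSLCipherSuite HIGH:!aNULL:!MD5:!SHA1
SSLOpenSSLConfCmd SignatureAlgorithms RSA+SHA256:RSA+SHA384:ECDSA+SHA256
"""

WEAK_DIGESTS = {"MD5", "SHA1", "SHA"}  # "SHA" is OpenSSL's alias for SHA-1

def weak_cipher_tokens(cipher_string):
    """Cipher-list tokens that enable (not exclude) an MD5 or SHA-1 MAC.
    OpenSSL syntax: leading '!' or '-' removes, leading '+' only reorders;
    a trailing '-SHA' / '-MD5' on a full cipher name is its HMAC digest."""
    found = []
    for token in cipher_string.split(":"):
        if not token or token[0] in "!-":
            continue
        if any(p.upper() in WEAK_DIGESTS for p in re.split(r"[+-]", token.lstrip("+"))):
            found.append(token)
    return found

def weak_signature_algorithms(sigalg_string):
    """SignatureAlgorithms entries (e.g. RSA+SHA1) whose hash is MD5 or SHA-1."""
    return [e for e in sigalg_string.split(":")
            if e.rsplit("+", 1)[-1].upper() in WEAK_DIGESTS]

def audit_apache_ssl(conf_text):
    """Scan mod_ssl directives; return (directive, offending value) pairs in file order."""
    findings = []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"SSLCipherSuite\s+(.+)$", line, re.I)
        if m:  # last word skips an optional protocol argument such as "TLSv1.3"
            findings += [("SSLCipherSuite", t)
                         for t in weak_cipher_tokens(m.group(1).split()[-1])]
            continue
        m = re.match(r"SSLOpenSSLConfCmd\s+SignatureAlgorithms\s+(\S+)", line, re.I)
        if m:
            findings += [("SignatureAlgorithms", e)
                         for e in weak_signature_algorithms(m.group(1))]
    return findings
```

This only inspects configuration text; confirming what a running server actually negotiates still requires a handshake test against it.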