Date:      Wed, 28 Nov 2018 19:57:29 +0000 (UTC)
From:      Kurt Jaeger <pi@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r486144 - head/security/vuxml
Message-ID:  <201811281957.wASJvTb7092011@repo.freebsd.org>

Author: pi
Date: Wed Nov 28 19:57:29 2018
New Revision: 486144
URL: https://svnweb.freebsd.org/changeset/ports/486144

Log:
  security/vuxml: document www/payara vulnerabilities
  
  PR:		233573
  Submitted by:	Dmytro Bilokha <dmytro@posteo.net>

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Wed Nov 28 19:22:56 2018	(r486143)
+++ head/security/vuxml/vuln.xml	Wed Nov 28 19:57:29 2018	(r486144)
@@ -58,6 +58,169 @@ Notes:
   * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">;
+  <vuln vid="93f8e0ff-f33d-11e8-be46-0019dbb15b3f">
+    <topic>payara -- Default typing issue in Jackson Databind</topic>
+    <affects>
+      <package>
+	<name>payara</name>
+	<range><eq>4.1.2.181.3</eq></range>
+	<range><eq>4.1.2.182</eq></range>
+	<range><eq>5.181.3</eq></range>
+	<range><eq>5.182</eq></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">;
+	<blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489">;
+	  <p>FasterXML jackson-databind before 2.8.11.1 and 2.9.x before
+	    2.9.5 allows unauthenticated remote code execution because of
+	    an incomplete fix for the CVE-2017-7525 deserialization flaw.
+	    This is exploitable by sending maliciously crafted JSON input
+	    to the readValue method of the ObjectMapper, bypassing a
+	    blacklist that is ineffective if the c3p0 libraries are
+	    available in the classpath.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489</url>;
+      <cvename>CVE-2018-7489</cvename>
+    </references>
+    <dates>
+      <discovery>2018-02-26</discovery>
+      <entry>2018-11-28</entry>
+    </dates>
+  </vuln>
+
+  <vuln vid="22bc5327-f33f-11e8-be46-0019dbb15b3f">
+    <topic>payara -- Code execution via crafted PUT requests to JSPs</topic>
+    <affects>
+      <package>
+	<name>payara</name>
+	<range><eq>4.1.2.174</eq></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">;
+	<blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12615">;
+	  <p>When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP
+	    PUTs enabled (e.g. via setting the readonly initialisation
+	    parameter of the Default to false) it was possible to upload a
+	    JSP file to the server via a specially crafted request. This
+	    JSP could then be requested and any code it contained would be
+	    executed by the server.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12615</url>;
+      <cvename>CVE-2017-12615</cvename>
+    </references>
+    <dates>
+      <discovery>2017-08-07</discovery>
+      <entry>2018-11-28</entry>
+    </dates>
+  </vuln>
+
+  <vuln vid="d70c9e18-f340-11e8-be46-0019dbb15b3f">
+    <topic>payara -- Multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>payara</name>
+	<range><eq>4.1.2.173</eq></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">;
+	<blockquote cite="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031">;
+	  <p>Apache Commons FileUpload before 1.3.3
+	    DiskFileItem File Manipulation Remote Code Execution.</p>
+	</blockquote>
+	<blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3239">;
+	  <p>Vulnerability in the Oracle GlassFish Server component of
+	    Oracle Fusion Middleware (subcomponent: Administration).
+	    Supported versions that are affected are 3.0.1 and 3.1.2.
+	    Easily exploitable vulnerability allows low privileged attacker
+	    with logon to the infrastructure where Oracle GlassFish Server
+	    executes to compromise Oracle GlassFish Server. Successful
+	    attacks of this vulnerability can result in unauthorized read
+	    access to a subset of Oracle GlassFish Server accessible data.
+	    CVSS v3.0 Base Score 3.3 (Confidentiality impacts).</p>
+	</blockquote>
+	<blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3247">;
+	  <p>Vulnerability in the Oracle GlassFish Server component of Oracle
+	  Fusion Middleware (subcomponent: Core). Supported versions that
+	  are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable
+	  vulnerability allows unauthenticated attacker with network access
+	  via SMTP to compromise Oracle GlassFish Server. Successful
+	  attacks require human interaction from a person other than the
+	  attacker. Successful attacks of this vulnerability can result in
+	  unauthorized update, insert or delete access to some of Oracle
+	  GlassFish Server accessible data. CVSS v3.0 Base Score 4.3
+	  (Integrity impacts).</p>
+	</blockquote>
+	<blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3249">;
+	  <p>Vulnerability in the Oracle GlassFish Server component of
+	    Oracle Fusion Middleware (subcomponent: Security). Supported
+	    versions that are affected are 2.1.1, 3.0.1 and 3.1.2.
+	    Easily exploitable vulnerability allows unauthenticated attacker
+	    with network access via LDAP to compromise Oracle GlassFish Server.
+	    Successful attacks of this vulnerability can result in unauthorized
+	    update, insert or delete access to some of Oracle GlassFish Server
+	    accessible data as well as unauthorized read access to a subset of
+	    Oracle GlassFish Server accessible data and unauthorized ability
+	    to cause a partial denial of service (partial DOS) of Oracle
+	    GlassFish Server. CVSS v3.0 Base Score 7.3 (Confidentiality,
+	    Integrity and Availability impacts).</p>
+	</blockquote>
+	<blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3250">;
+	  <p>Vulnerability in the Oracle GlassFish Server component of Oracle
+	    Fusion Middleware (subcomponent: Security). Supported versions that
+	    are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable
+	    vulnerability allows unauthenticated attacker with network access
+	    via HTTP to compromise Oracle GlassFish Server. Successful attacks
+	    of this vulnerability can result in unauthorized update, insert or
+	    delete access to some of Oracle GlassFish Server accessible data as
+	    well as unauthorized read access to a subset of Oracle GlassFish
+	    Server accessible data and unauthorized ability to cause a partial
+	    denial of service (partial DOS) of Oracle GlassFish Server.
+	    CVSS v3.0 Base Score 7.3 (Confidentiality, Integrity and
+	    Availability impacts).</p>
+	</blockquote>
+	<blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5528">;
+	  <p>Vulnerability in the Oracle GlassFish Server component of Oracle
+	    Fusion Middleware (subcomponent: Security). Supported versions that
+	    are affected are 2.1.1, 3.0.1 and 3.1.2. Difficult to exploit
+	    vulnerability allows unauthenticated attacker with network access
+	    via multiple protocols to compromise Oracle GlassFish Server. While
+	    the vulnerability is in Oracle GlassFish Server, attacks may
+	    significantly impact additional products. Successful attacks of this
+	    vulnerability can result in takeover of Oracle GlassFish Server.
+	    CVSS v3.0 Base Score 9.0 (Confidentiality, Integrity and
+	    Availability impacts).</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031</url>;
+      <cvename>CVE-2016-1000031</cvename>
+      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3239</url>;
+      <cvename>CVE-2017-3239</cvename>
+      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3247</url>;
+      <cvename>CVE-2017-3247</cvename>
+      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3249</url>;
+      <cvename>CVE-2017-3249</cvename>
+      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3250</url>;
+      <cvename>CVE-2017-3250</cvename>
+      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5528</url>;
+      <cvename>CVE-2016-5528</cvename>
+    </references>
+    <dates>
+      <discovery>2016-06-16</discovery>
+      <entry>2018-11-28</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="8a4aba2d-f33e-11e8-9416-001b217b3468">
     <topic>Gitlab -- Multiple vulnerabilities</topic>
     <affects>
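
Review bot: The `<affects>` blocks in all three new entries pin payara with `<range><eq>` only (for example `<eq>4.1.2.181.3</eq>` and `<eq>5.182</eq>` in the Jackson Databind entry), so an installed version that differs from those exact strings is not flagged. If releases other than the listed ones are affected, bounded ranges using `<ge>` and `<lt>` would express that; if only these releases are affected, a short XML comment saying so would help the next editor. Separately, the quoted descriptions in the second and third entries talk about Apache Tomcat on Windows, Apache Commons FileUpload and Oracle GlassFish Server and never mention payara, so a sentence or a vendor reference tying each CVE to the listed payara version would make the entries self-explanatory. Minor: the CVE-2016-1000031 `cite` attribute and `<url>` use http:// while every other cve.mitre.org link in the hunk uses https://.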


