SSI-PSB-2015-03: ScopServ Vulnerability CVE-2014-1691 January 29, 2015 Addendum

In reference of our bulletin SSI-PSB-2015-01 and its first addendum, we are posting a second addendum. If you are uncertain that your server has been compromised, ScopServ has committed changes which will allow you to check for compromised directories. 2015-01-28 [XS] Add a shell script to compare installed files with filelist from RPM. To compare […]

Read More

SSI-PSB-2015-02: RedHat (CentOS 5.x) Vulnerability CVE-2015-0235

RedHat (CentOS 5.x) Vulnerability CVE-2015-0235 Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Description: The glibc packages provide the standard C libraries (libc), POSIX thread […]

Read More

SSI-PSB-2015-01: ScopServ Vulnerability CVE-2014-1691 January 26, 2015

The Horde framework within a ScopTEL installation could be vulnerable as defined in the security advisory CVE-2014-1691. Description: Unsanitized variables are passed to the unserialize() PHP function. A remote attacker could specially-craft one of those variables allowing to load and execute malicious code. Required Action: In order to protect a ScopTEL installation from this vulnerability […]

Read More