Red Hat Security Advisory 2014-0994-01 - The OpenStack Identity service authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The Identity service supports multiple forms of authentication, including user name and password credentials, token-based systems, and AWS-style logins. A flaw was found in keystone's chained delegation. A trustee able to create a delegation from a trust or an OAuth token could misuse identity impersonation to bypass the enforced scope, possibly allowing them to obtain elevated privileges to the trustor's projects and roles.
949f06302ebdd15da42d9c4bdee91521c3c370bd2d54ff6ea4bcf79a5f68e7ed
Ubuntu Security Notice 2304-1 - It was discovered that kauth was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.
7c89b70af19ac1649bedc4af2973ae7a0695ffbea57fdb9ce67c26a5df6ad153
Ubuntu Security Notice 2303-1 - It was discovered that in certain circumstances Unity failed to successfully grab the keyboard when switching to the lock screen. A local attacker could possibly use this issue to run commands, and unlock the current session.
eb7b8a8bb6ab99c23cd914fc4c3a266681936599f391e8324b01f671abd6a2a2
Mandriva Linux Security Advisory 2014-144 - The live555 RTSP streaming server and client libraries before 2013.11.29 are vulnerable to buffer overflows in RTSP command parsing that potentially allow for arbitrary code execution when connected to a malicious client or server.
53dd71b46de909c852986127d7647538e45baf8456c5132bc8658a346d36743a
Mandriva Linux Security Advisory 2014-143 - Multiple vulnerabilities has been discovered and corrected in phpmyadmin. Cross-site scripting vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted table comment that is improperly handled during construction of a database structure page. Cross-site scripting vulnerability in the PMA_TRI_getRowForList function in libraries/rte/rte_list.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted trigger name that is improperly handled on the database triggers page. Multiple cross-site scripting vulnerabilities in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allow remote authenticated users to inject arbitrary web script or HTML via a crafted column name that is improperly handled during construction of an AJAX confirmation message. server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended access restrictions and read the MySQL user list via a viewUsers request. This upgrade provides the latest phpmyadmin version to address these vulnerabilities.
b2f6ad263b0fb7a8fe5141ff3b59e1af4f3a8645dc84d6ed7677a33d39f72eae
Mandriva Linux Security Advisory 2014-142 - A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the apache user. A denial of service flaw was found in the way httpd's mod_deflate module handled request body decompression (configured via the DEFLATE input filter. A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and CPU on the target system. A denial of service flaw was found in the way httpd's mod_cgid module executed CGI scripts that did not read data from the standard input. A remote attacker could submit a specially crafted request that would cause the httpd child process to hang indefinitely.
6643c25c7b920a477f9ecad591516b72e4c07aed6b35d1aaad3b6ab25aeab395
HP Security Bulletin HPSBMU03078 - A potential security vulnerability has been identified with HP CloudSystem Foundation and HP CloudSystem Enterprise software running OpenSSL. This vulnerability could be exploited remotely resulting in unauthorized access or disclosure of information. Revision 1 of this advisory.
5d6e7f71334eb28a670d0f277f242ae20b0a2096b54f07c19dcf6c90772314f2
Debian Linux Security Advisory 2992-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
b301d9f7ff1c8b9091708894011578d9ffcace82fa2e17ac8e78f3fb69432557
Ubuntu Security Notice 2302-1 - David Jorm discovered that Tomcat incorrectly handled certain requests submitted using chunked transfer encoding. A remote attacker could use this flaw to cause the Tomcat server to consume resources, resulting in a denial of service. It was discovered that Tomcat did not properly restrict XSLT stylesheets. An attacker could use this issue with a crafted web application to bypass security-manager restrictions and read arbitrary files. Various other issues were also addressed.
189666d0fdd5b8688f20b755f3d2d041a8e8b55574843f3c4d5cef703fe3b976
Mandriva Linux Security Advisory 2014-140 - Owncloud versions 5.0.17 and 6.0.4 fix an unspecified security vulnerability, as well as many other bugs.
367ab066b22696b50ca46161ca38e28db8f30f3ee2f7ccdcce8b90c7d3e63a18
Mandriva Linux Security Advisory 2014-141 - It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. A format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine. Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions ,. Multiple flaws were discovered in the JMX, Libraries, Security, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. It was discovered that the RSA algorithm in the Security component in OpenJDK did not sufficiently perform blinding while performing operations that were using private keys. An attacker able to measure timing differences of those operations could possibly leak information about the used keys. The Diffie-Hellman key exchange algorithm implementation in the Security component in OpenJDK failed to validate public DH parameters properly. This could cause OpenJDK to accept and use weak parameters, allowing an attacker to recover the negotiated key. This update is based on IcedTea version 2.5.1, which fixes these issues, as well as several others.
410a89a0f8916dd51868002b877ca25334db121005a195e78ff78eaf6e2697fd
Mandriva Linux Security Advisory 2014-139 - Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain. The updated packages have been upgraded to the latest NSS versions which is not vulnerable to this issue.
3d98eba8862e8bda7926d387ee30decd2d5596f62890e780121cd4d4a07565da
Onapsis Security Advisory - SAP BW-SYS-DB-DB4 component contains a remote-enabled RFC function that does not perform authorization checks prior to retrieving sensitive information.
51b510290e9cdab39a4eb560d76f8a1a92ad4e2479c00ecb93a399c7bd8fc80a
Onapsis Security Advisory - The SAP HANA XS Administration Tool can be abused by potential attackers, allowing them to modify displayed application content without authorization, and to potentially obtain authentication information from other legitimate users.
c6ed0fc760014885e4e1f29f5add689e261aa09131bbce902c5032d4d1638bfd
Onapsis Security Advisory - SAP FI Manager Self-Service contains a hardcoded username which could allow a user to access functions or information that should be restricted.
6af964bfb323ace71af49db49e9c09318bd3bd26ffd097eee87a3bcf28af33bb
Onapsis Security Advisory - SAP_JTECHS suffers from an HTTP verb tampering vulnerability. By exploiting this vulnerability, a remote unauthenticated attacker would be able to access restricted functionality and information. SAP Solution Manager 7.1 is affected.
6580ff640350c05f48f65976b0b95f4281af8ee4134bb35be5c0dfed235ecb75
Onapsis Security Advisory - SAP HANA IU5 SDK Application does not enforce any authentication when it is explicitly configured. It could allow an anonymous user to access functions or information that should be restricted.
012319929550f40aff45210c9e107a59b2e67cadbe0eba2ea67d08b03dc14274
Onapsis Security Advisory - SAP HANA XS does not enforce any encryption in the form based authentication. It could allow an anonymous user to get information such as valid credentials from network traffic, gaining access into the system.
3c59882224f4e683e1189c962e0c8f1e472ad02e008d6bd4c6be59028fba9d6b
Siemens SIMATIC WinCC versions prior to 7.3 suffer from unauthenticated access, privilege escalation, and hard-coded encryption key vulnerabilities.
7b2386094198c589bb175e6f6352b3527830abc474c16d1dbe09639309362020
Red Hat Security Advisory 2014-0981-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. A NULL pointer dereference flaw was found in the way the futex_wait_requeue_pi() function of the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to crash the system.
de80732b0357d6b9f6be6f8c9e7da59e5a32c6ff3a767b3625c79cfd20dbec82
Red Hat Security Advisory 2014-0979-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. It was found that NSS accepted weak Diffie-Hellman Key exchange parameters. This could possibly lead to weak encryption being used in communication between the client and the server.
7e472af39243b2111c21f2041f546e46ac85697a4ad1633bc4b0836a92c7ee63
Red Hat Security Advisory 2014-0982-01 - This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite Server 5.4, 5.5, and 5.6. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Several flaws were fixed in the IBM Java 2 Runtime Environment.
b4ddf444c5203044fecdf2fbe1d797919572413a3765151f718ef34faded1004
HP Security Bulletin HPSBGN02936 - A potential security vulnerability has been identified with HP and H3C VPN Firewall Module Products. The vulnerability could be remotely exploited resulting in a Denial of Service (DoS). Revision 1 of this advisory.
edff2d81ce7184365529aef787166593faca72b38d334fdef41d69d33eb4d493
Parallels Tools version 9.0 for Windows suffers from an unquoted search path local privilege escalation vulnerability.
4ac561e0a8ae43976d960ffd7ca304c4850b8d9c8ae4062502ad7e6f64ca3b20
Web Encryption Extension (WEE) suffers from an authentication bypass vulnerability.
d5595fa91a8fa0538252e28f43e88473d0efbfa67e816fb5451770506195f0b3