SGMiner versions prior to 4.2.2, CGMiner versions prior to 4.3.5, and BFGMinter versions prior to 3.3.0 suffer from a heap overflow vulnerability.
09fe64a809470500313051676e9ad8121a80b770f8f0e2a32fe86b855437d207Red Hat Security Advisory 2014-0908-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
ffbd23e1ffa92495eb815c4ce9fe146ac8dbf2ad7faab7a36f44fbff8b6e6656Red Hat Security Advisory 2014-0907-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. A format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine.
5d4dc327b258590b3b361bd36345fb85de08449993e8a79dc78af5a20677802dRed Hat Security Advisory 2014-0910-01 - Red Hat JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.2.2 release serves as a replacement for JBoss Operations Network 3.2.1, and includes several bug fixes.
7af56d5dc9c292b2a0044d35f62a3d98324ab1a497e7002967f712beb2148fa0Ubuntu Security Notice 2293-1 - Francisco Alonso discovered that the CUPS web interface incorrectly validated permissions on rss files. A local attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation.
d0afde3f652695a582f8f83010eff7e3e04b687512bd57083978cd1bcf5e8994Debian Linux Security Advisory 2983-1 - Multiple security issues have been discovered in the Drupal content management system, ranging from denial of service to cross-site scripting.
938dadbb8de11e8c9f694b1d0aa220d43066d093cbf3007b9fcf5251f03c8315Debian Linux Security Advisory 2982-1 - Sean Griffin discovered two vulnerabilities in the PostgreSQL adapter for Active Record which could lead to SQL injection.
331d4543cf61c142535437ee8da640bf5b3deac8ea9130d339f2b0c9876eec7bElasticsearch Logstash versions 1.0.14 through 1.4.1 suffer from a remote command execution vulnerability.
af4c8c7dd3bc0722d099ec0c672298ee3ab08240c306a42f89bf7e33cf00c9e4Debian Linux Security Advisory 2981-1 - A flaw was discovered in PolarSSL, a lightweight crypto and SSL/TLS library, which can be exploited by a remote unauthenticated attacker to mount a denial of service against PolarSSL servers that offer GCM ciphersuites. Potentially clients are affected too if a malicious server decides to execute the denial of service attack against its clients.
70a09661641d33d05f9797403b7e62219e47c569aa44ffbd36977b7ab966a7afRed Hat Security Advisory 2014-0902-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section.
4ace546ea206559cc98cd2aef0db993b4b386dbd1e5f16172795f73b65d03186Debian Linux Security Advisory 2980-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.
08187320a4ba1735bf8be560260f5b3d0985e9194e9446e35aa071a22aca02b2Debian Linux Security Advisory 2979-1 - Two vulnerabilities were discovered in Fail2ban, a solution to ban hosts that cause multiple authentication errors. When using Fail2ban to monitor Postfix or Cyrus IMAP logs, improper input validation in log parsing could enable a remote attacker to trigger an IP ban on arbitrary addresses, resulting in denial of service.
663686ca280e9f3c71e71611cc65c7317ff186652c7a041a969f80c3fe0d6f6fEMC RecoverPoint Appliance (RPA) version 4.1 has the internal firewall disabled by default.
d477db475619a9a78485c60133655670df67bddd853ead619c333f71fc7eca27Cisco Security Advisory - A vulnerability in the web server used in multiple Cisco Wireless Residential Gateway products could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution.
6968ff4fbb937eaac9473bb098851f61c4f66b3058d93aeac5e38d2623713836Ubuntu Security Notice 2290-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. It was discovered that an information leak in the Linux kernel's media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. Various other issues were also addressed.
d08146b9fea95b5609bae004d574e7ab893d68c13196106b2acc630dcddde5beUbuntu Security Notice 2288-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. An information leak was discovered in the Linux kernel's media-device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. Various other issues were also addressed.
762c3e6b6422023b0cf7a2e4570f032da29fd554adfd4933d7c81ac2791e2d59Ubuntu Security Notice 2287-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
94ee00bc3e51eee0cab2b52407443420b1915d25bdf54bb8483c9baf7e584422Ubuntu Security Notice 2286-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
a5ef90e192f25e88bdc05dfdee78ce4c2c01c37086253de1e44f5916378ea6d5Ubuntu Security Notice 2285-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
53e0798c2145b912fe223a7d42f93aed871de378ec27bac50506de03da6f050fUbuntu Security Notice 2284-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
65de288e89273b4a19a71abb156d0c8a5e22311920ee9d2e00adb2f15336ac60Ubuntu Security Notice 2283-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.
51f7353dddebbf98d96c1d6defd1a3d69f1782559d7243fa23fd748f4b653195Ubuntu Security Notice 2292-1 - It was discovered that the LWP::Protocol::https perl module incorrectly disabled peer certificate verification completely when only hostname verification was requested to be disabled. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could possibly be exploited in certain scenarios to alter or compromise confidential information in applications that used the LWP::Protocol::https module.
04124159814afda52855f16ba5f872746057725d6ed57e3e9e8e74d49f9a14f0Red Hat Security Advisory 2014-0900-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free function) arbitrary kernel memory.
93d4f43f287c1cf23493c2e022072560eb159a8f9435a1c0e2e7ec757823346eUbuntu Security Notice 2291-1 - Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.38. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
723e8cb6fd677790ef2622722d59af916bd5e27e09651422f5ca6aaa4e08b132Ubuntu Security Notice 2282-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. A flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). Various other issues were also addressed.
7576ac5f9418fb22970fae92bda3060de5c7f880fb96a5b9f8bf23edeaa5a089
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed