FreeBSD Security Advisory - A malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been disabled, provided that the SSLv2 protocol was not also disabled via SSL_OP_NO_SSLv2. An active MITM attacker may be able to force a protocol downgrade to SSLv2, which is a flawed protocol and intercept the communication between client and server.
827e9ad8f6704f864f01a7b83b9a552d36a3e9f6236faf2b0176021619eee998Gentoo Linux Security Advisory 201601-5 - Multiple vulnerabilities have been found in OpenSSL, allowing remote attackers to disclose sensitive information and complete weak handshakes. Versions less than 1.0.2f are affected.
3e4a19fb2f2cd2aa82d1304dd1ac46b284296f7ad05d6f86c70a3baddba1a5cbHP Security Bulletin HPSBHF03539 1 - Vulnerabilities in OpenSSH and ISC BIND were addressed by HPE VCX. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.
58fee4a06d3f5edda1809be66e0702659884cd9a5e2567b6665e9ab43eea6133HP Security Bulletin HPSBGN03533 1 - A potential security vulnerability in the TLS protocol was addressed by the HPE Cloud Service Automation and Codar products. This vulnerability known as "Logjam" could be exploited remotely to allow unauthorized modification. Revision 1 of this advisory.
cf6069c0991822da440b819958e83439853f867586477a6e76b4e2c258ec3eceHP Security Bulletin HPSBOV03540 1 - Potential security vulnerabilities have been identified with the OpenVMS TCPIP Bind Services and OpenVMS TCPIP IPC Services for OpenVMS. These vulnerabilities could be exploited remotely resulting in execution of code with the privileges of Bind, disclosure of information, or cause a Denial of Service (DoS). Revision 1 of this advisory.
172ff73cf346da8d896484da1bbb74a962da41e89f917e23789840d3a1898675HP Security Bulletin HPSBHF03510 1 - A potential security vulnerability has been identified in HP Integrated Lights Out 2/3/4. The TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" could be exploited remotely to allow unauthorized modification. Unlike the TLS server-side version of Logjam, this vulnerability affects the client-side TLS connection on iLO, or when the iLO acts as a client in a client-server connection. Revision 1 of this advisory.
199db3ee349f25e9e2fdaf21db7af5a54640ca7785affe30de49926d26d552e8HP Security Bulletin HPSBHF03419 3 - A potential security vulnerability has been identified in HPE Networking Products. This is a Virtual routing and forwarding (VRF) hopping vulnerability that could be exploited remotely resulting in Denial of Service (DoS) or unauthorized access. Note: This vulnerability could be exploited remotely as a result of the following network interface conditions: VRF (Virtual Routing and Forwarding) is enabled. MPLS (Multiprotocol Label Switching) is disabled. MPLS-labeled packets are received that match FIB (Forwarding Information Base) entries. When all the above conditions exist, the interface could incorrectly forward the MPLS-labeled packets. Revision 3 of this advisory.
d12057a6756234c7135ccc5f772d5eb69b1f112e1fef08ddd290a77f5c0932b8HP Security Bulletin HPSBGN03542 1 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Operations Manager for Windows. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
f393ae1ffb7884abbf8bc85c4778f72a5961128df05dd3cc435aec1682afd7ebSome partition-level operations exist that do not explicitly also authorize privileges of the parent table. This can lead to issues when the parent table would have denied the operation, but no denial occurs because the partition-level privilege is not checked by the authorization framework, which defines authorization entities only from the table level upwards. This issue is known to affect Hive clusters protected by both Ranger as well as SqlStdHiveAuthorization. Apache Hive versions 1.0.0 through 1.0.1, 1.1.0 through 1.1.1, and 1.2.0 through 1.2.1 are affected.
1e3f7eddd341045ea6ba03ec5ed1a303d3cb2b39f09dc8a24cf4afaabbfcad13HP Security Bulletin HPSBHF03538 1 - Potential security vulnerabilities in Adobe Flash have been addressed with HPE iMC Service Health Manager (SHM), and iMC PLAT. The vulnerabilities could be exploited remotely resulting in execution of code or Denial of Service (DoS). Revision 1 of this advisory.
021fafb148eaa7499368e2f492a72e294ccb2bb8b74ab1e934650ab7292fb145HP Security Bulletin HPSBHF03535 3 - Potential security vulnerabilities in Adobe Flash have been addressed with HPE iMC Service Health Manager (SHM) and iMC PLAT. The vulnerabilities could be exploited remotely resulting in execution of code, Denial of Service (DoS), or other impacts to affect confidentiality, integrity, and availability. Revision 3 of this advisory.
f3a3c76102909b14ccbb8a9688572e5d7ba30e69104f6f891e6671e9e131ecfeRed Hat Security Advisory 2016-0087-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
3820fd476567719de351da2299fbe4bbb27515daea34691f91beda9b7521fb27Red Hat Security Advisory 2016-0085-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
6a8b228c7f7ac858e4fc3a7da5d5c7078daa6a89a200f48db62e6d5a70624587Debian Linux Security Advisory 3459-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.47.
da2533bd907db169ae2f66df4819e0c401cdf4bdb46df06b257607a11de1d1b7Red Hat Security Advisory 2016-0084-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
345177f0cf55d591fe71f1727452cef76790bb5ab1bdb3638b78e5db1226db71Red Hat Security Advisory 2016-0081-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
d54dc699dcc4e5ba779d922eeb309a8a66d46295779e7bbaf1b6371542a050c5Red Hat Security Advisory 2016-0083-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
f4f6a7d578b2f8bff6aa66b4fda7c3c24a1838a9204bd8a6e06ddb721d74d19bRed Hat Security Advisory 2016-0086-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
1f735938caae62235e229534357ef3cb76856379fa4746d6dfb59feceb2eeccdRed Hat Security Advisory 2016-0088-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
d8e10c4d65d65c2dd27803180c3cc659df0c29034115fc9f4afe9dd2720a940aRed Hat Security Advisory 2016-0082-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
6b6e24c0b304d0c5b0addad0abdaff28108fc84bdbb91c858cec78145c3065d5Debian Linux Security Advisory 3458-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, information disclosure, denial of service and insecure cryptography.
71952ffb0edce52eb3f3977140f4a70b5889c5d9461d6dd1c07e0dee27f89ef4Debian Linux Security Advisory 3457-1 - Multiple security issues have been found in Iceweasel, Debian's version buffer overflow may lead to the execution of arbitrary code. In addition the bundled NSS crypto library addresses the SLOTH attack on TLS 1.2.
47ebcd604f74922f2aca43d66c7f6c900e0605150ba8c67b8a408a6ecbc74d09Ubuntu Security Notice 2882-1 - Isaac Boukris discovered that curl could incorrectly re-use NTLM proxy credentials when subsequently connecting to the same host.
202f0ab95ab315c80b438c9593be5edd48993ea7253c35de09ef333b8372aae6Cisco Security Advisory - A vulnerability in the web-based management interface of Cisco RV220W Wireless Network Security Firewall devices could allow an unauthenticated, remote attacker to bypass authentication and gain administrative privileges on a targeted device. The vulnerability is due to insufficient input validation of HTTP request headers that are sent to the web-based management interface of an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted HTTP request that contains malicious SQL statements to the management interface of a targeted device. Depending on whether remote management is configured for the device, the management interface may use the SQL code in the HTTP request header to determine user privileges for the device. A successful exploit could allow the attacker to bypass authentication on the management interface and gain administrative privileges on the device. Cisco released a firmware update that addresses this vulnerability. There are workarounds that mitigate this vulnerability.
2281b657e0937097f15ae7278e92928c16122d125bc334429f23c131ec767d4dCisco Security Advisory - A vulnerability in the Common Internet File System (CIFS) optimization feature of the Cisco Wide Area Application Service (WAAS) device could allow an unauthenticated, remote attacker to perform a resource consumption attack which, could result in a complete denial of service (DoS) condition. The vulnerability is due to insufficient flow handling of incoming CIFS traffic. An attacker could exploit this vulnerability by sending malicious traffic designed to trigger the vulnerability. An exploit could allow the attacker to cause a DoS condition by exhausting system buffering resources, resulting in a reload of the affected device.
2715d13cf76692d67920e23b151a377b19a7661e7d9c847e77de82e2caad3f1c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed