Cisco Security Advisory - A vulnerability in the web framework of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to execute arbitrary commands on a targeted system. The vulnerability is due to improper input validation by the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
2e6d030fae5d28b76ac8736016fce9f068231a0fdf92d0a4a48686c89aceba6fDebian Linux Security Advisory 3548-2 - The upgrade to Samba 4.2 issued as DSA-3548-1 introduced a packaging regression causing an additional dependency on the samba binary package for the samba-libs, samba-common-bin, python-samba and samba-vfs-modules binary packages. Updated packages are now available to address this problem.
af50d04b296b06f28fa050a688f99a7b316167b8c46b06c89022bfc29068b18eDebian Linux Security Advisory 3548-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.
7a6a72fc4b7668bd8cbc57c97d60464eeffdb556c75c1914e8530a1e6d416eb8Red Hat Security Advisory 2016-0612-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.
ffbf714b0edd288eeaf89811100e15d4b6b63a95aa4b7b155086d46d5b7e484aRed Hat Security Advisory 2016-0618-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.
2ef3378782b2bc3031aa0f55cbc9dc7d137916e7c132e676b32ed6eddb2e01c8Red Hat Security Advisory 2016-0614-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a newer upstream version: Samba.
28b70dba8ec3f6d0feaab4a731c2c94f34f0c5f334aa07d08384ce1e210bdf87Red Hat Security Advisory 2016-0625-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol and the Local Security Authority Remote Protocol. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database.
ff28c74c3e9ee7ca93fb17e35f33b850df2eaf1ee08ce8f0366ddf8a1aa08d95Red Hat Security Advisory 2016-0620-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. The following packages have been upgraded to a newer upstream version: Samba.
5f6d3d79919da700baf4893a8263b2e74e4c710da66d005f53851d9b19cbfadcRed Hat Security Advisory 2016-0624-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.
ea7785badb40944247126ec31ac4e97e8ada0bd0e630f48e317b4de8e26f1f78Red Hat Security Advisory 2016-0619-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.
ddcf6b68c566ff2d40b5f5225e025006b29b9509c7a260162b6357d22b5b92bfRed Hat Security Advisory 2016-0623-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.
9378b72c47f12f2571fb3a13b7fdce1278fc98b16317b92e0774573b4b8f9872Red Hat Security Advisory 2016-0621-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol and the Local Security Authority Remote Protocol. Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database.
81ed12f6335269d55b464d42cec3c9b7d85e6a7b1ad7e4d91156cae8662aa6c2Red Hat Security Advisory 2016-0613-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.
5633dd462f69ffaab3847b114904d8376a3fbc86b2723c88e3440a5532ec67c8Red Hat Security Advisory 2016-0611-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server or, possibly, execute arbitrary code with the permissions of the user running Samba. This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory object and compromising the security of a Samba Active Directory Domain Controller.
c673d46b83aad8b70378276f859ae40d8d2de578960dc4d6dfe2a5a28a19b613This bulletin summary lists thirteen released Microsoft security bulletins for April, 2016.
597703e5e9fbf56ec8f7567bbdc8d59b765f4cbb98973b1342356f6bf2318d7dDebian Linux Security Advisory 3485-2 - The update for didiwiki issued as DSA-3485-1 introduced a regression that caused a large number of valid pages to not be accessible anymore. This occurred mostly for pages whose names started with non-ascii characters.
23d96d11baae59493e1cb92035ebd32bc9e2d01601d2b483772bd56ae5b77e85Red Hat Security Advisory 2016-0617-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the fix for CVE-2015-1805 incorrectly kept buffer offset and buffer length in sync on a failed atomic read, potentially resulting in a pipe buffer state corruption. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space.
2246baeb82266ecd6e864496d3978886666526381708e4420ff443c9d6f1fa2aRed Hat Security Advisory 2016-0615-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service or, possibly, execute arbitrary code.
bfa61db18cdc841a788d435210bf8e3a45536cd47f2ff98f128e4cb375b82766A DLL side loading vulnerability was found in the .NET Framework version 4.6 when running on Windows Vista or Windows 7. This issue can be exploited by luring a victim into opening an Office document from the attacker's share. An attacker can use this issue to execute arbitrary code with the privileges of the target user. This can potentially result in the attacker taking complete control of the affected system. If the WebDAV Mini-Redirector is enabled, it is possible to exploit this issue over the internet. This issue can be exploited even if the Office document is opened in Protected View.
1fb365836205d5377a82bf14506445c9d12b9a1770f630bfeaefcc48a647ab60RSA BSAFE Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, and SSL-J contain a fix to address Lenstra's attack. RSA BSAFE Micro Edition Suite (MES) 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.1.3, RSA BSAFE Crypto-J 6.2.1, and RSA BSAFE SSL-J 6.2.1 are affected.
c3b17fc3ee05ab56bbef557f3dbd0a4892dd5ce2a6e58fcae51101192165854fUbuntu Security Notice 2948-2 - USN-2948-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect reference counting fix in the radeon driver introduced a regression that could cause a system crash. This update fixes the problem. Various other issues were also addressed.
275b81339417c812197f69eec7beeedc365d877e550b1d20ee2bd408be49fb77Debian Linux Security Advisory 3547-1 - Several vulnerabilities were discovered in Imagemagick, a program suite for image manipulation. This update fixes a large number of potential security problems such as null-pointer access and buffer-overflows that might lead to memory leaks or denial of service. Any of these security problems have a CVE number assigned.
142f78f9ac4ff42db8341a6ae0cff0f6e4fc9280be69a24bff7a6f6e449fd9ddApache OFBiz versions 13.07.02 and 13.07.01 suffer from an information disclosure vulnerability.
419380278b70977a96c3bc0eef27a2f2209090aa141ae65089eb28df4f069f25Apache OFBiz versions 13.07.02 and 13.07.01 suffer from an information disclosure vulnerability.
98d9ff0ba0ecc07dde2200a0464c40d9585db6ed97c8643098ff7cd2bbfe14c7A local privilege escalation vulnerability has been identified in the JTVNCProxy Windows service in JAWS version 13.0 and earlier. When installed, this service allows Read/Write access to any user, meaning any user can modify the location of the binary executed by the service with SYSTEM privileges. It should be noted that this vulnerability is not present in versions of JAWS from version 14 onwards.
bee135cc21b06f91f9c7f6b6ceb2d3463f5dc94cf506a5010c27657ab06af436
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed