Red Hat Security Advisory 2016-2098-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
1a7703808b61b134ce934b44a191731a72e9b982be3726705ca0fa7d7c812707Ubuntu Security Notice 3108-1 - Toshifumi Sakaguchi discovered that Bind incorrectly handled certain packets with malformed options. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.
1825157108134d56ce557d85f3c881f0923ca4fb6df7cd65742768414ccecfb1Red Hat Security Advisory 2016-2093-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A denial of service flaw was found in the way BIND handled packets with malformed options. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS packet.
3ad95d743a9e68225f25748c5f705b7a39525284c37ad0848988e10dc6ac38fbRed Hat Security Advisory 2016-2094-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A denial of service flaw was found in the way BIND handled packets with malformed options. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS packet.
752e005fbb17eb10e18a548e65192e9500deb13006d873420adbf6f114913029Vladimir Benes discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges.
c25b2da43c7e870d98f3d2287f8bfebc1dba46d2dba4f24ed45b8ee608b6d7b9EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users.
21fd79cfda57fbd6d590a4128ee0cc95685b3feb95caedb9d7eda3775d1cf70dUbuntu Security Notice 3106-3 - It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges.
54dc612ad33491d5c22dfe6dd3f19d1ef8d1b2ff741f4c58d7bc2ebaecdc440dUbuntu Security Notice 3104-2 - It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges.
42da95c3019a05a732fd4164b20e64e1a67bfb7a680f42ed7ac1501af860170fUbuntu Security Notice 3106-2 - USN-3106-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges. Various other issues were also addressed.
926b3aca0acb71dd8364c923524df46af106987d2fa4f9d5ea71d8c3cbc34feeUbuntu Security Notice 3105-2 - USN-3105-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges. Various other issues were also addressed.
1059c9cb9772bd4f0e4fba02125c8667195b352129374f5c0c47ca804be95860Ubuntu Security Notice 3107-1 - It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges.
8fcd9e29885ea6a1fb4d638e3abc2384fd7a0c1d11a5588c6cd25280f59e564bUbuntu Security Notice 3104-1 - It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges.
d5db4a68e548a88b7bf4ece1b1b09d58b21b17e5892021900d42e63e2816c3a1Red Hat Security Advisory 2016-2091-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security Fix: CloudForms did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM.
3bfc17d2edd4c4be4126f06265fc584b744f8e6732bfb1b3584f301329560960Ubuntu Security Notice 3105-1 - It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges.
6c27b69795ca815d5900811ea489c6243526c9c057eeb3eab31371651319f1aaRed Hat Security Advisory 2016-2090-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 131. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
dd82109673331b20604cba40c06021afa603086cf8201c15134c0f6c2034a274Red Hat Security Advisory 2016-2089-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 121. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
c7db79745450f37460c66132d831b704fe8721e6e1b9222a8f631920232fc1e4Red Hat Security Advisory 2016-2088-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 111. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
0f133062101abc52e81d34dc01252367e7889fe7ecfbabb4ab1e886533f0a933Ubuntu Security Notice 3106-1 - It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges.
9fa63387e970d3725ac9ee08f55deb766ad47e2eef6b9b14f8f74e0b5581de93HP Security Bulletin HPSBGN03663 1 - Potential security vulnerability has been identified in ArcSight WINC Connector. The vulnerability could be exploited remotely to allow code execution. Revision 1 of this advisory.
e647f41e2a69d366d92b0b03226e51ef80d673d097395d338484b800e270cc7cUbuntu Security Notice 3106-4 - It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges.
cb0d48fc3befd214ae08cf09e046477f9bd1e67f09c4d2d9bd2539424887a858The CAPTCHA in dotCMS versions prior to 3.6.0 allows for reuse of a valid code.
29a73c14faaa05b81b9eeda110a0f49d8af1d2341b03371d3664beb58d8c3e5cCisco Security Advisory - A vulnerability in the Identity Firewall feature of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending a crafted NetBIOS packet in response to a NetBIOS probe sent by the ASA software. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 traffic. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
ec71423c8a13380eb28398b2ca96acf7cd796aa893ce8fd1eda95fa5b8b341eaRed Hat Security Advisory 2016-2082-01 - Red Hat Storage Console is a new Red Hat offering for storage administrators that provides a graphical management platform for Red Hat Ceph Storage 2. Red Hat Storage Console allows users to install, monitor, and manage a Red Hat Ceph Storage cluster. Security Fix: A flaw was found in the way authentication details were passed between rhscon-ceph and rhscon-core. An authenticated, local attacker could use this flaw to recover the cleartext password.
3a9748381fe7e0aeef711fb28a1dcb07552bd2e859c93cc001261330adb97920Red Hat Security Advisory 2016-2079-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions.
42291419234b4a70c11c7b17d62668758ec3fd60b82421825806aa232d148151Debian Linux Security Advisory 3695-1 - It was discovered that the zebra daemon in the Quagga routing suite suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages.
0a6fe662afafd6bf511f90cd0e9886abdfea148d3df5cd0f6cb473868935e597
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed