PwC ACE software has a remotely exploitable security vulnerability which allows injection and execution of malicious ABAP code on the remote SAP system. Version 8.10.304 is affected.
09d0145e8338540901d89d889ba9cd283557db57962fdcd684e04dc0bbc61648Gentoo Linux Security Advisory 201612-19 - Multiple vulnerabilities have been found in Mercurial, the worst of which could lead to the remote execution of arbitrary code. Versions less than 3.8.4 are affected.
47c379d973e4969784c5bccded8e80c7573e79b6ec6f68d82c36130813ba786eGentoo Linux Security Advisory 201612-18 - Multiple vulnerabilities have been found in OpenSSH, the worst of which allows remote attackers to cause Denial of Service. Versions less than 7.3_p1-r7 are affected.
cc124780a02d52103b56c764eff6ad2156bc5a56b638ae35230124f1be579026Gentoo Linux Security Advisory 201612-17 - A buffer overflow in PECL HTTP might allow remote attackers to execute arbitrary code. Versions less than 2.5.6 are affected.
99e527d46139f0484a2aa25b5dafbbf27e2322d299892413fafa2bc6d28ec59eGentoo Linux Security Advisory 201612-16 - Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack. Versions less than 1.0.2j are affected.
267f0c13083d309d4f011bd2771d90788d5f04ad963b99fcd180d27463f73d7aRed Hat Security Advisory 2016-2872-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix: It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system(), popen(), or wordexp() C library functions with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could use these flaws to execute arbitrary commands with elevated privileges.
8e41cabe0b6906610a2b234cb672a2d7cfec3592a3b6f1a8c617eab6e4f006faRed Hat Security Advisory 2016-2871-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.
fa6473273e61b60cd7193e68e5c5b0bd7ef710cda977793d7b048a71383b1cd1Gentoo Linux Security Advisory 201612-15 - Multiple vulnerabilities have been found in ARJ, the worst of which may allow attackers to execute arbitrary code. Versions less than 3.10.22-r5 are affected.
93ed680b4b8f65b624060451139142724745ff36774c1addc0f775b16cc6ee38Gentoo Linux Security Advisory 201612-14 - A vulnerability was discovered in util-linux, which could potentially lead to the execution of arbitrary code. Versions less than 2.26 are affected.
d3385716f80151ebb4a86fe44909384782335a2b981d22392f199815a3ab9af2A specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Edge.
dbee67cc4774436af0a97fc95c4282934e4d90645ab6bff130f5ae660df69677Assisted GPS/GNSS data provided by Qualcomm for compatible receivers is often being served over HTTP without SSL. Additionally many of these files do not provide a digital signature to ensure that data was not tampered in transit. This can allow a network-level attacker to mount a MITM attack and modify the data while in transit. While HTTPS and digitally-signed files are both available, they are newer and not widely used yet.
2a18e13d34c037e28a3cfc8bbbe4a5b490d1f0516e9c8f7a3662df12c3658de3Ubuntu Security Notice 3151-1 - Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or run arbitrary code with administrative privileges.
366ea99803b45007b28975fba950ee825bcae8c517bc90500e532dac943f504eUbuntu Security Notice 3150-1 - Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or run arbitrary code with administrative privileges.
01114ec8168ca06ef876602f632596b5ac0058fb4b42a72b0b74d82c64e9f60dUbuntu Security Notice 3149-2 - USN-3149-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or run arbitrary code with administrative privileges. Various other issues were also addressed.
9731ac046103f9c340d873b560f2afaaa0ca3c84506deef542342b131629c0e3Ubuntu Security Notice 3149-1 - Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or run arbitrary code with administrative privileges.
47b1b3821d04bf4ee88ff830c4355b2043041b0a774d187a6a18134e753cad2fUbuntu Security Notice 3152-2 - Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or run arbitrary code with administrative privileges.
6a40f0ee04b23e2fabfc56131ab430587cf990f38c7a6483b09550b5949ad6eeUbuntu Security Notice 3151-4 - Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or run arbitrary code with administrative privileges.
d2fab5298c22b5a5a949676daea4e21714110552ff25f80853e30f529249f2bfUbuntu Security Notice 3150-2 - Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or run arbitrary code with administrative privileges.
e27b7f3da4c744e96fa266bd5562b86cb4562b856349a55c52cd669f78d9bafbUbuntu Security Notice 3151-3 - Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or run arbitrary code with administrative privileges.
9db0f9cd682d4172f274216dae7fda69a6d76e1c289494ea22b16c4e3962bfd5Ubuntu Security Notice 3152-1 - Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or run arbitrary code with administrative privileges.
2fc1600c5a1b891c887eccc1ab9690b55958aad6e3ae9df58df425149b8c8df8Ubuntu Security Notice 3151-2 - USN-3151-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service or run arbitrary code with administrative privileges. Various other issues were also addressed.
cac405c82a1b4cf4918d416971f4626ddaf020310ddbee3aac884eb9ea77af02Gentoo Linux Security Advisory 201612-10 - Libvirt is vulnerable to directory traversal when using Access Control Lists (ACL). Versions less than 1.2.21-r1 are affected.
1b059501eb2c63557591d9a95f0644d455c333a46016df615c5fa52a53c25838Gentoo Linux Security Advisory 201612-9 - Multiple vulnerabilities have been found in GD, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.2.3 are affected.
ffca006ac4ed95b5c403e05ca84f0447ce1e0afa104b4c0e8ddb6e3a031ccddcGentoo Linux Security Advisory 201612-8 - A vulnerability in LinuxCIFS utils' cifscreds PAM module might allow remote attackers to have an unspecified impact via unknown vectors. Versions less than 6.4 are affected.
157e1bb44b38d6fff2d5e5d88fe6ef4ef947c69fbb690162f17ab3178fbbff7bGentoo Linux Security Advisory 201612-7 - A vulnerability was discovered in dpkg which could potentially lead to arbitrary code execution. Versions less than 1.17.26 are affected.
af3399d65526a3d6e88762958bcff286e63a7aa8d0d26d59ce7f69aec343c356
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed