Red Hat Security Advisory 2017-1272-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root.
3d53f1508681a3887c096d61a062efb7cef117f6fd39b41e56023e54566d794b
Ubuntu Security Notice 3283-2 - Dave McDaniel discovered that rtmpdump incorrectly handled certain malformed streams. If a user were tricked into processing a specially crafted stream, a remote attacker could cause rtmpdump to crash, resulting in a denial of service, or possibly execute arbitrary code.
78fba43163463e6413f6ff10627ce9cf71e958bb6330e4749a8eb95bd943f7bf
Red Hat Security Advisory 2017-1268-01 - The libtirpc packages contain SunLib's implementation of transport-independent remote procedure call documentation, which includes a library required by programs in the nfs-utils and rpcbind packages. Security Fix: It was found that due to the way rpcbind uses libtirpc, a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer.
0007e2623162483258a522432d2bf8028209d9e4813b7b7580508a084bb149bc
Red Hat Security Advisory 2017-1267-01 - The rpcbind utility is a server that converts Remote Procedure Call program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. Security Fix: It was found that due to the way rpcbind uses libtirpc, a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer.
be1bec16ec036a0c7830fe3c4598296e0dca514477d0acaa83c8975bede107bd
Secunia Research has discovered multiple vulnerabilities in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. An error within the "LoadUvsTable()" function can be exploited to cause a heap-based buffer overflow via a font file containing specially crafted Unicode Variation Sequences tables. An integer overflow error within the "LoadFont()" function can be exploited to cause a heap-based buffer overflow via a font file containing specially crafted Unicode Variation Sequences tables. Successful exploitation of the vulnerabilities allows execution of arbitrary code.
6171c4189358444433b6d183844713287c38ff36227d913c707846f7d310476c
On Linux, the eBPF verifier log leaks the lower half of a map pointer.
ef14e5eae522759ea9bf260c2ff05b930f1f5f5dadc31821f6ec15b48675f085
Broadcom suffers from a host to dongle information leak via wldev_ioctl.
041b12daf028a74772de5874f4f3807b189eefcc5651de1a44fae1f291723a91
HPE Security Bulletin HPESBHF03744 1 - Potential security vulnerabilities with OpenSSL have been addressed for HPE Intelligent Management Center (iMC) PLAT. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.
99aeebea1c35a4f406782d080470c69bf66978ba45cc37f1440ba6f370c6f25f
Debian Linux Security Advisory 3858-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in privilege escalation, denial of service, newline injection in SMTP or use of insecure cryptography.
e8004e244bc9ba3237af6bccc9d6a3803da5f5860ae47f04632bea3d25f01406
Red Hat Security Advisory 2017-1262-01 - The rpcbind utility is a server that converts Remote Procedure Call program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. Security Fix: It was found that due to the way rpcbind uses libtirpc, a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer.
9df768ffe02abc9c9d33d36f5d1cb57af1e669c292ca02824422babbe60dd117
Red Hat Security Advisory 2017-1263-01 - The libtirpc packages contain SunLib's implementation of transport-independent remote procedure call documentation, which includes a library required by programs in the nfs-utils and rpcbind packages. Security Fix: It was found that due to the way rpcbind uses libtirpc, a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer.
49d9acba01c695412d6018d26794d50acb5f77b1730e133e0169fa768d25b526
Red Hat Security Advisory 2017-1265-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
4098aa20948ce3f8ca4c274f5eed9f9ca798a1f08ce911aefc1cc64b5cf7492f
Red Hat Security Advisory 2017-1264-01 - The K Desktop Environment is a graphical desktop environment for the X Window System. The kdelibs packages include core libraries for the K Desktop Environment. Security Fix: A privilege escalation flaw was found in the way kdelibs handled D-Bus messages. A local user could potentially use this flaw to gain root privileges by spoofing a callerID and leveraging a privileged helper application.
55b5ec56d5fdf924706e71ec4e094f503df4e61144152b03ddfde919983c2a85
Atlassian SourceTree versions 2.5c and below suffer from a command injection vulnerability. This advisory gives a ridiculously small amount of information regarding the issue itself.
e2a767420fa68c4a02c5ef67ce359c7a39caef6bd52157da4e47059779e79f74
Apache Archiva versions 2.0.0 through 2.2.1 suffer from multiple cross site request forgery vulnerabilities.
7e745caabdb2d9e9ff82737b721c9ac26e4ec440e1f189a056da73a88ab8820e
Asterisk Project Security Advisory - A remote memory exhaustion can be triggered by sending an SCCP packet to Asterisk system with chan_skinny enabled that is larger than the length of the SCCP header but smaller than the packet length specified in the header. The loop that reads the rest of the packet does not detect that the call to read() returned end-of-file before the expected number of bytes and continues infinitely. The partial data message logging in that tight loop causes Asterisk to exhaust all available memory.
8d5f47cf0e67ce5864a2b2a4177e62f386b1d90a8d45c93551e617023efa518c
Asterisk Project Security Advisory - The multi-part body parser in PJSIP contains a logical error that can make certain multi-part body parts attempt to read memory from outside the allowed boundaries. A specially-crafted packet can trigger these invalid reads and potentially induce a crash.
dffc64dd4e5928c9a21df82604d70762c92068e2145f6bc7293d2eb080f35bbc
Asterisk Project Security Advisory - A remote crash can be triggered by sending a SIP packet to Asterisk with a specially crafted CSeq header and a Via header with no branch parameter. The issue is that the PJSIP RFC 2543 transaction key generation algorithm does not allocate a large enough buffer. By overrunning the buffer, the memory allocation table becomes corrupted, leading to an eventual crash.
60ef218a0c056d6aec0776e903fa217b0958d9a103decc2e014f49f5d98412d9
This bulletin summary lists one bulletin that has undergone a major revision increment.
e9644ba34af5fc468f284a8211f278b9180d4ad29b4398daec9fe8adb57be2f5
Google I/O 2017 application for Android versions prior to 5.1.4 suffer from a man-in-the-middle vulnerability.
1fa0559e9edae7e21ef67d5f155d2d2b4db4d4651ee541249e1393abaf366ace
In default installations of HP SiteScope version 11.32, access to Java Management Extensions (JMX) is allowed to unauthenticated users over port 28006. This configuration allows for remote code execution exploits.
52544054868c2ef0c003c8317520227934d8c939f448bb6d5e4d362256c9015c
Debian Linux Security Advisory 3856-1 - Two vulnerabilities have been discovered in the web interface of the Deluge BitTorrent client (directory traversal and cross-site request forgery).
ffd4b2a7a8f00187b94f35a5055d76e483f4645d61a3bcd2ed54463b4ab27be8
HPE Security Bulletin HPESBGN03748 1 - A potential security vulnerability has been identified in HPE Cloud Optimizer. The vulnerability could be remotely exploited resulting in disclosure of information. Revision 1 of this advisory.
7483e63110b0bf1c8c541a2f924bb2bf09ca0c60d99d6ea43f0e7571351d4d97
Western Digital TV Media Player version 1.03.07 suffers from file upload, local file inclusion, cross site request forgery, private key issue, remote SQL injection, and other vulnerabilities.
385687d49d2c40482bc4095866410a41b9a17b1428c065bcb0a4be85c09e9a45
Red Hat Security Advisory 2017-1256-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.15 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.14, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.
66a0b9ebd91f3d58b18c164ce18f959b822d47b029a739de04202319a8322641