Red Hat Security Advisory 2014-1843-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system.
e154ef355ac868abf46aa21980f64c2c9b4a1563aa31365c7ba822f982de7f79Red Hat Security Advisory 2014-1826-01 - LibVNCServer is a library that allows for easy creation of VNC server or client functionality. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way screen sizes were handled by LibVNCServer. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code in the client. A NULL pointer dereference flaw was found in LibVNCServer's framebuffer setup. A malicious VNC server could use this flaw to cause a VNC client to crash.
e2c9798857c3d1e03016b0b2c618cd8a2546b36a94835a1ec41c396e9181a3ddRed Hat Security Advisory 2014-1827-01 - The kdenetwork packages contain networking applications for the K Desktop Environment. Krfb Desktop Sharing, which is a part of the kdenetwork package, is a server application that allows session sharing between users. Krfb uses the LibVNCServer library. A NULL pointer dereference flaw was found in the way LibVNCServer handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client. A divide-by-zero flaw was found in the way LibVNCServer handled the scaling factor when it was set to "0". A remote attacker could use this flaw to crash the VNC server using a malicious VNC client.
19c5b36078b87b05694e12e9a3ed9002344e57ab24b279a1020435c8ad2bd837This bulletin summary lists fourteen released Microsoft security bulletins for November, 2014.
89b790a0de9d21b1f034814b454ed2cd38a2d2533bed89ab9c94d3b876a890d8Ubuntu Security Notice 2408-1 - Elena Ezhova discovered that OpenStack Neutron did not properly perform access control checks for attributes. A remote authenticated attacker could exploit this to bypass intended access controls and reset admin-only attributes to default values.
b78b1e81d8d7bf82ee2bfad9deb37644efe722c424527a767daea010f91bbd8eUbuntu Security Notice 2407-1 - Garth Mollett discovered that OpenStack Nova did not properly clean up an instance when using rescue mode with the VMWare driver. A remove authenticated user could exploit this to bypass intended quota limits. By default, Ubuntu does not use the VMWare driver. Amrith Kumar discovered that OpenStack Nova did not properly sanitize log message contents. Under certain circumstances, a local attacker with read access to Nova log files could obtain access to sensitive information. Various other issues were also addressed.
3c7205b8ebb855db59f87c5f3f505c7722720259119b91f95b3964de02a9831aUbuntu Security Notice 2406-1 - Brant Knudson discovered that OpenStack Keystone did not properly perform input sanitization when performing endpoint catalog substitution. A remote attacker with privileged access for creating endpoints could exploit this to obtain sensitive information.
a92458a0127b804c6ef0b7c59414ae9ddf147a1d9e2ae1407e74fe84dc5aa95dUbuntu Security Notice 2405-1 - Duncan Thomas discovered that OpenStack Cinder did not properly track the file format when using the GlusterFS of Smbfs drivers. A remote authenticated user could exploit this to potentially obtain file contents from the compute host. Amrith Kumar discovered that OpenStack Cinder did not properly sanitize log message contents. Under certain circumstances, a local attacker with read access to Cinder log files could obtain access to sensitive information. Various other issues were also addressed.
093befa060a0a74d20668cc4dd13401ce693514f81089d91ae807f5c8f629ff9Ubuntu Security Notice 2404-1 - Pavel Hrdina discovered that libvirt incorrectly handled locking when processing the virConnectListAllDomains command. An attacker could use this issue to cause libvirtd to hang, resulting in a denial of service. Eric Blake discovered that libvirt incorrectly handled permissions when processing the qemuDomainFormatXML command. An attacker with read-only privileges could possibly use this to gain access to certain information from the domain xml file. Various other issues were also addressed.
2a1bca2d71d848876f8b66fcb6de56f798ff097d98d80d5f05f1c682cc308136Ubuntu Security Notice 2403-1 - Sean Burford discovered that GnuTLS incorrectly handled printing certain elliptic curve parameters. A malicious remote server or client could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code.
57c981fae3e03f635b009775c558526ac1895c8bbc0be4e1fa9d8011542aa97cThe MercadoLibre application for Android is missing SSL certificate validation.
1274342e7f84eb0760361ff12caf57c0aebaeeaa1849eaa432b0f6a63fc7e729webmail.mit.edu suffers from an open redirection vulnerability.
71230acbb262cb99d7292fd923315777ab2695cda3d14a7cc42d66e422911466PHP-Fusion version 7.02.07 suffers from a remote SQL injection vulnerability.
2249d0cca1dcee7f7c100fe42427bb2711d8fd3554f226cd372966d7f53926faProgress OpenEdge version 11.2 suffers from a directory traversal vulnerability.
2a7af6c9e05a8a5ed21c61c5a6187aa19d5abef257d9b8271a276a0e2a7a0f0cMicrosoft Internet Explorer 8 MS14-035 use-after-free exploit.
e3033fb7f9cb434533a100773bbe5fe178c4d89890c26940b7e6ed828fea0b2aUbuntu Security Notice 2402-1 - David Edmundson discovered that the KDE Clock KCM policykit helper did not properly guard against untrusted input. Under certain circumstances, a process running under the user's session could exploit this to run programs as the administrator.
34077d43260d431ce943747a82b24c7d3e95b3b288e128438808d0a1d43e292c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed