RSA IMG contains fixes for an insecure password reset vulnerability that could potentially be exploited by malicious users to compromise the affected system. Versions prior to 6.9 P04 and 6.9.1 P01 are affected. Versions prior to 6.9 are not affected.
c6666505e39409872aa4004d98d0640abd4df8ec788ac46a4eed4baf26c1a5a9The client management solution FrontRange Desktop and Server Management (DSM) stores and uses sensitive user credentials for required user accounts in an insecure manner which enables an attacker or malware with file system access to a managed client, for example with the privileges of a limited Windows domain user account, to recover the cleartext passwords. The recovered passwords can be used for privilege escalation attacks and for gaining unauthorized access to other client and/or server systems within the corporate network as at least one FrontRange DSM user account needs local administrative privileges on managed systems. Versions 7.2.1.2020 and 7.2.2.2331 are affected.
6dceda4b06fd7f28ead2853794061c22f60742ebcc1960711543fd9e45abc6aaThis document details a stack based buffer overflow vulnerability within TestDisk version 6.14. A buffer overflow is triggered within the software when a malicious disk image is attempted to be recovered. This may be leveraged by an attacker to crash TestDisk and gain control of program execution. An attacker would have to coerce the victim to run TestDisk against their malicious image.
7a37d596089ffb1fa811b151734f591791c8d53219a3fdd9ea5cf26e1b134cc6Ubuntu Security Notice 2589-1 - Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service (kernel crash) or to potentially execute code with kernel privileges. Various other issues were also addressed.
8282d42fb6583caf6d76b6aee077dd9245ed77e5d04d2fc2bb4a081975c28256Ubuntu Security Notice 2590-1 - Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service (kernel crash) or to potentially execute code with kernel privileges. Various other issues were also addressed.
1b08e536241af42cd68bdd34efa71e59d286ef81926d08113e25aa0e4a6caa10Ubuntu Security Notice 2588-1 - A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service (kernel crash) or to potentially execute code with kernel privileges. It was discovered that the Linux kernel's IPv6 networking stack has a flaw that allows using route advertisement (RA) messages to set the 'hop_limit' to values that are too low. An unprivileged attacker on a local network could exploit this flaw to cause a denial of service (IPv6 messages dropped). Various other issues were also addressed.
9a627000ef86237cd41df7a15f646311d33c5638f0b71888ede7a4353bc5d3b4Ubuntu Security Notice 2583-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges.
28d7b89bb124569f420a9ba709fe48765584dc12a3e3a59abbea9305fcd7dbbcUbuntu Security Notice 2584-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges.
8afb2a3026cf0f899a4947b7bd2d83d11b7cd5af96e4255b0b9375879b36674aUbuntu Security Notice 2587-1 - A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service (kernel crash) or to potentially execute code with kernel privileges. It was discovered that the Linux kernel's IPv6 networking stack has a flaw that allows using route advertisement (RA) messages to set the 'hop_limit' to values that are too low. An unprivileged attacker on a local network could exploit this flaw to cause a denial of service (IPv6 messages dropped). Various other issues were also addressed.
aca50e1868eb2659833e7f58be08c01df08d2b9366912a4241e743edb63ccd25Ubuntu Security Notice 2586-1 - It was discovered that the Linux kernel's IPv6 networking stack has a flaw that allows using route advertisement (RA) messages to set the 'hop_limit' to values that are too low. An unprivileged attacker on a local network could exploit this flaw to cause a denial of service (IPv6 messages dropped).
19a304728639f12fad4af354e58d2750b5c6c0b3b7ead07ae4bc438aca0151e8Ubuntu Security Notice 2591-1 - Paras Sethia discovered that curl could incorrectly re-use NTLM HTTP credentials when subsequently connecting to the same host over HTTP. Hanno B=C3=B6ck discovered that curl incorrectly handled zero-length host names. If a user or automated system were tricked into using a specially crafted host name, an attacker could possibly use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.10 and Ubuntu 15.04. Various other issues were also addressed.
58aa927ae5cde26c640c5b1fad0d3a84b7a2049bd1bb1094b604b1a5687488f4Ubuntu Security Notice 2585-1 - It was discovered that the Linux kernel's IPv6 networking stack has a flaw that allows using route advertisement (RA) messages to set the 'hop_limit' to values that are too low. An unprivileged attacker on a local network could exploit this flaw to cause a denial of service (IPv6 messages dropped).
136d5b9a293b9464db081e9dd429285bf619d901e2b79cb7e0f61c1161064c2dMandriva Linux Security Advisory 2015-218 - Multiple vulnerabilities have been found and corrected in glibc. It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application encountering corrupted data. Various other issues were also addressed. The updated packages provides a solution for these security issues.
ca67e4afc95e67b314459d08aafa35fbb3e1d19b574ae36b9849508247891508Mandriva Linux Security Advisory 2015-217 - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE at the end of a SELECT statement. The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK in a CREATE TABLE statement. The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement. The updated packages provides a solution for these security issues.
d7abd24a5ede0ffb411a19c7b4916189dd8611c728e2fd9900a0d2d4bb39756eDebian Linux Security Advisory 3241-1 - John Heasman discovered that the site plugin handling of the Elasticsearch search engine was susceptible to directory traversal.
fce5038a8b3f95eef78c548ff16d6571a4ba1f233ef9e0f3f8b8cd11472f084cHP Security Bulletin HPSBGN03324 1 - A potential security vulnerability has been identified with HP Business Service Automation Essentials Core that could allow the remote disclosure of information. Revision 1 of this advisory.
78fe7eff7e07277444127a8bba8d785bb3ee3e89771f56ff1623a076393de83aHP Security Bulletin HPSBGN03323 1 - A potential security vulnerability has been identified with HP Business Service Automation Essentials Core with JBOSS that could allow the remote disclosure of information. Revision 1 of this advisory.
7437618034ef0f75e3dcc42be435fa83372cd755f9a2c090d2eaff966799628fDebian Linux Security Advisory 3239-1 - Juliane Holzt discovered that Icecast2, a streaming media server, could dereference a NULL pointer when URL authentication is configured and the stream_auth URL is triggered by a client without setting any credentials. This could allow remote attackers to cause a denial of service (crash).
4a3db4dabf12e50966deed1f99fdeeca7e0401d11acb6dd03eea93d80cf91daeDebian Linux Security Advisory 3240-1 - It was discovered that cURL, an URL transfer library, if configured to use a proxy server with the HTTPS protocol, by default could send to the proxy the same HTTP headers it sends to the destination server, possibly leaking sensitive information.
252128cd3e64002729ccdb22bf39b8b4adca54fe0f20743af8097920dfca7772HP Security Bulletin HPSBMU03241 1 - A potential security vulnerability has been identified with HP Network Automation running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
3bb6f6cfee73ba02fa91b1f4859b6489e55c9a06284a0c3a40e321a3804e81b3HP Security Bulletin HPSBUX03320 SSRT101952 1 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), execution of arbitrary code, or unauthorized access. Revision 1 of this advisory.
e973ffb6dafb6ca7009b2cd65cdfaa080bc145cae7286e26749ee0040f2ca8fcSevDesk version 1.1 suffers from a persistent script insertion vulnerability in the application dashboard.
b44b3d91f0262e0b448dcfc054371b496431ca08b92de3910209721ad41b89f1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed