Red Hat Security Advisory 2016-1944-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Security Fix: A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.
63f1574ac630676fcf0eff4827fb27a6d2d47e11f2e55f0e0d10550f09bf49f6
Red Hat Security Advisory 2016-1945-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Security Fix: A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.
be43c5a097e942ecd307ebf4297bc06f0d866bd50f9d3352b9a0006c698abcc0
Symantec Messaging Gateway versions 10.6.1 and below suffer from a directory traversal vulnerability.
23dad5e838b6046a002fbf6522886e375030f3559a852920266cc22b7246dc03
Cisco Security Advisory - On September 22, 2016, the OpenSSL Software Foundation released an advisory that describes 14 vulnerabilities.
8a01e5818235e52620d9168ec7848771a0b5ee468ce6cb8088cecce9cffb935e
Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.
fa36deda59b2671cb8b2e580d7603a1022589c6028f745b10155c2f43650482a
D-Link DWR-932B suffers from backdoor accounts, default WPS PIN, weak WPS PIN generation, and various other bad security practices and issues.
c6622e059d37bef9eede516a3030b6a743db38a5cd314be7e8c8d9f7cd9c8022
Exponent CMS version 2.3.9 suffers from a cross-site scripting vulnerability.
816a6aa0ebc0fcfe56debdb5c17f8ac1d66b9b19c5aee73f74e398c5bd601fa8
VLC Media Player version 2.2.1 suffers from a buffer overflow vulnerability.
8d54ac5735ae7e4cb830045676f5c7c657f8076814f587a26a777142ade24e68
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
effa5b93d1e6c284ea6317a87f041a8a24428c9acc26e00a29844bf161a3267f
Ubuntu Security Notice 3090-1 - It was discovered that a flaw in processing a compressed text chunk in a PNG image could cause the image to have a large size when decompressed, potentially leading to a denial of service. Andrew Drake discovered that Pillow incorrectly validated input. A remote attacker could use this to cause Pillow to crash, resulting in a denial of service. Eric Soroos discovered that Pillow incorrectly handled certain malformed FLI, TIFF, and PhotoCD files. A remote attacker could use this issue to cause Pillow to crash, resulting in a denial of service. Various other issues were also addressed.
c423e110ad23bb74b24341dabc7ba03ff800cb994f63644b57a221bccb5ab251
Debian Linux Security Advisory 3680-1 - Two vulnerabilities were reported in BIND, a DNS server.
81652422716b58bfe6ea4eccd254e3a93df6d4a155e0256d07bd4585d1d2f875
Red Hat Security Advisory 2016-1943-01 - KVM is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running unmodified Linux or Windows images. Each virtual machine has private virtualized hardware: a network card, disk, graphics adapter, etc. Security Fix: An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process.
19acd910684295a9f3feaeb5760ea7ded99a3951cfa1694f184ff09abb1386b2
Ubuntu Security Notice 3088-1 - It was discovered that BIND incorrectly handled building responses to certain specially crafted requests. A remote attacker could possibly use this issue to cause BIND to crash, resulting in a denial of service.
ad97f2b494b3ef287c7b8529154c3ed34f14dca7df9d30513033b8c7544cb1e2
TP-Link Archer CR-700 suffers from a cross-site scripting vulnerability.
0e163a6e16369c19892e24b88484d24959a8547ea7924587bbff4c9f9772831a
NetMan 204 ships with a backdoor account installed by default.
f2fff6d1bfb6a675b49c9757f603d7bf49b30faf9519240309de8b832ebaf70b
Remote root exploit for FreePBX versions prior to 13.0.188.
c50d60263569d98ac322bb608bf8b7cb2500c42bb78316971aa0bc255d1c9a75
This security update addresses issues that were caused by patches included in the previous security update, released on 22nd September 2016. Given the Critical severity of one of these flaws they have chosen to release this advisory immediately to prevent upgrades to the affected version, rather than delaying in order to provide their usual public pre-notification.
77e4bc126822f74950332b755111a67d667dfdb76d28ac707831dec3730de752