Red Hat Security Advisory 2016-2131-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb55-mariadb. Security Fix: It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
743f9b06c8508c8cda9a927f0ac89692Red Hat Security Advisory 2016-2130-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: mysql55-mysql. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
4639bae393bae65ad49bb4ab9634a3d4Red Hat Security Advisory 2016-2128-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code: the key_reject_and_link() function could be forced to free an arbitrary memory block. An attacker could use this flaw to trigger a use-after-free condition on the system, potentially allowing for privilege escalation.
fb99ecab5d659bd43730c6df818651e2Red Hat Security Advisory 2016-2127-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
175155c18e9b6f574eeecbff9a379989Red Hat Security Advisory 2016-2126-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
9acd7fac3959493a5fb5551f0cf58b09This advisory discloses a critical severity security vulnerability which was introduced in version 1.4.1 of Crowd. Versions of Crowd starting with 1.4.1 before 2.8.8 (the fixed version for 2.8.x) and from 2.9.0 before 2.9.5 (the fixed version for 2.9.x) are affected by this vulnerability. The Crowd LDAP directory connector allowed an attacker to gain remote code execution in Crowd by injecting malicious attributes in LDAP entries.
1d8d3c4d540edd6f9547a738f73e107dS9Y Serendipity version 2.0.4 suffers from a cross site scripting vulnerability.
806ca5860014f687a91b24fd7a401c60Micro Focus Rumba versions 9.3 and below suffer from an active-x stack buffer overflow vulnerability.
9e3234252e3ab198ce4f3fe1a12462a0Micro Focus Rumba FTP client version 4.x stack overflow SEH exploit.
411fa31d391367845eceb2a82e8f101dThe included fuzz test case demonstrates an overflow in rastering for Adobe Flash.
ac6e28821e290cd837a184b32787b6e7Micro Focus Rumba versions 9.3 and below suffer from a stack overflow vulnerability.
f076f16277a0c09870e538c094607d92D-Link DIR-300NRUB5 with firmware version 1.2.94 suffers from brute force and cross site request forgery vulnerabilities.
505c2c3e0b2c535a06674e04ba8b2764ASP Gateway 1.0.0 suffers from a database disclosure vulnerability.
77c6b85e907011a63bde9b54324dac6eAngelo Emlak Scripti version 1.0 suffers from a database disclosure vulnerability.
88f09dd414e45c9254be17a7d72577acFreeFTPd version 1.0.8 suffers from a denial of service vulnerability in the mkd command.
f4896135a9a498ecb5ab3fcb842a459a
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed