Red Hat Security Advisory 2017-0396-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: Quick emulator built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
04cf835162e6148729b97eced9a5fda5e036d78e4e9ce3eb9c83c3652980afdeUbuntu Security Notice 3214-1 - A large number of security issues were discovered in the w3m browser. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
0c5f6601de4ca9365d7a126df50fd535abe392784a793f9dbbb848ef3edecc6bUbuntu Security Notice 3215-1 - It was discovered that Munin incorrectly handled CGI graphs. A remote attacker could use this issue to overwrite arbitrary files as the www-data user.
95b8c80540d3747ccf378aafb583153fa0ffd8abc40e7095fa39c7304119274fbuntu Security Notice 3211-2 - USN-3211-1 fixed vulnerabilities in PHP by updating to the new 7.0.15 upstream release. PHP 7.0.15 introduced a regression when using MySQL with large blobs. This update fixes the problem with a backported fix. It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PHP incorrectly handled unserializing certain wddxPacket XML documents. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
395852aeeb90db3e7f13ca41dc38ada3e18b361a3bb7c07acfca5df0267d117cWordPress Mobile App Native plugin version 3.0 suffers from a remote shell upload vulnerability.
82c684ffec16cec057a097ac53b55c3e0975581fe9a3b9827068d8e17f8e043aDebian Linux Security Advisory 3794-2 - The update for munin issues as DSA-3794-1 caused a regression in the zooming functionality in munin-cgi-graph. Updated packages are now available to correct this issue.
adcf387d333df0d5bb5d4dc3ded88ceac577ab02829956918cb72340d0bf14d3Red Hat Security Advisory 2017-0359-01 - openstack-puppet-modules provides a collection of Puppet modules which Red Hat OpenStack Platform director uses to install and configure OpenStack. Security Fix: An information-disclosure flaw was discovered in Red Hat OpenStack Platform director's installation of Object Storage. During installation, the Puppet script responsible for deploying the service incorrectly removes and recreates the proxy-server.conf file with world-readable permissions.
56cd24e7eff7fc7b7c4fd7b13700a746607d7596f21ff372f0a9f36b6f22f3caRed Hat Security Advisory 2017-0361-01 - openstack-puppet-modules provides a collection of Puppet modules which Red Hat OpenStack Platform director uses to install and configure OpenStack. Security Fix: An information-disclosure flaw was discovered in Red Hat OpenStack Platform director's installation of Object Storage. During installation, the Puppet script responsible for deploying the service incorrectly removes and recreates the proxy-server.conf file with world-readable permissions.
e3726331cb9fee8b11f902b9bf9490fef83778e552654cd451f92f9ae369c8d4Red Hat Security Advisory 2017-0365-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol implementation freed SKB resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system.
d9ef458911309cb2316221f6062be51938eb34d73c399d567006702fbdea8ef0Red Hat Security Advisory 2017-0366-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol implementation freed SKB resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system.
5889edb61dd5f84d21d71e6917a96f2d86bbc9e277f448c4b77bcd8323057919Red Hat Security Advisory 2017-0352-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: Quick emulator built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
1b87ebe9141ad5f1903675d1aff60f68f171760d5668f6744a7744a6a95185daRed Hat Security Advisory 2017-0350-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick emulator built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
75931a925a10b8789148351f8d5e8d6874563480c942e62b489352a1a4adb10bRed Hat Security Advisory 2017-0351-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick emulator built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
caf21d6248d446f692cf3b0ee3959f0c4f26c45c1ac4d1420a3da363cde4213dDebian Linux Security Advisory 3798-1 - Eric Sesterhenn, from X41 D-Sec GmbH, discovered several vulnerabilities in tnef, a tool used to unpack MIME attachments of type "application/ms-tnef". Multiple heap overflows, type confusions and out of bound reads and writes could be exploited by tricking a user into opening a malicious attachment. This would result in denial of service via application crash, or potential arbitrary code execution.
bbd49c0c46d64d21fabc7c7b1c12d055760af924afd1df74cdd1ccbfd5bfaaf6This archive contains all of the 285 exploits added to Packet Storm in February, 2017.
ad3bd3d523750cf691df6d417700304fed2b028f9ea96267336e179e66621a72Cisco AnyConnect Start Before Logon (SBL) versions 4.3.04027 and below suffer from a local privilege escalation vulnerability.
a940cb43f59488ff489670ff1c373d98a9bcd072247f920b103d88a5edb179d8PHP Classified OLX Clone Script suffers from a remote SQL injection vulnerability.
c14fea51e4917b80c7759a57d3a5f8117352ac11a389c3643a33d77db0c5f535
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed