Red Hat Security Advisory 2017-0868-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files. Multiple security issues have been addressed.
b44baec06b4aa30482485d1d8aad1f8dcd12a8a67d5b08f4763ee3b328caa8b9Ubuntu Security Notice 3253-1 - It was discovered that Nagios incorrectly handled certain long strings. A remote authenticated attacker could use this issue to cause Nagios to crash, resulting in a denial of service, or possibly obtain sensitive information. It was discovered that Nagios incorrectly handled certain long messages to cmd.cgi. A remote attacker could possibly use this issue to cause Nagios to crash, resulting in a denial of service. Various other issues were also addressed.
c79b4480ec225f484a4c3353e13bf0f2725307d7e9ba6254c20baa738cf5326fGentoo Linux Security Advisory 201804-2 - Multiple vulnerabilities have been found in glibc, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 2.25-r11 are affected.
20bcb176dc8f678b8fcebb3c25e5481340c2a49599d9b052bbd05cff312da576Ubuntu Security Notice 3617-2 - USN-3617-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
0f276e7a9b2bfbe06e0d855d178a4c603928a7a485688ab62d5262889acef454Gentoo Linux Security Advisory 201804-1 - Multiple vulnerabilities were discovered in libxslt, the worst of which may allow a remote attacker to execute arbitrary code. Versions less than 1.1.30 are affected.
d1879b034e5fc47ed24dc480f47c4e7a0c8ee1432d5e5748e9cd53782da9a161Ubuntu Security Notice 3617-1 - It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM implementation in the Linux kernel allowed passthrough of the diagnostic I/O port 0x80. An attacker in a guest VM could use this to cause a denial of service in the host OS. Various other issues were also addressed.
fe4a210e922b4739e377a7859b8122e447d7ffe0cc9c2252e70ad5829f91e7d1Mongoose OS versions 1.2 and below suffers from use-after-free and denial of service vulnerabilities.
29230e265e6385403b48459f9970358441ef14a35850ac8f58e0c0615ecbb02cKony Enterprise Mobile Management version 4.2.0 suffers from a private key disclosure vulnerability.
dfac23b8cfe379e80ab577f0e5961abd9d7facc3a6363c97daf642b809407477Red Hat Security Advisory 2017-0863-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Life Cycle Support for Red Hat Enterprise Linux 4 was retired on March 31, 2017, and active support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 4 ELS after March 31, 2017.
131beb38cc9b40830d94c90e126d4e23e59e6a45e730087ab1ac6ab776c32045Red Hat Security Advisory 2017-0862-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, support for Red Hat Enterprise Linux 5 was retired on March 31, 2017, at the end of Production Phase 3 and active support is no longer provided. As the product will now be in the Extended Life Phase, customers will continue to have access to all previously released content, and limited technical support will be available through Red Hat's Customer Experience and Engagement as described in the Knowledge Base article available at https://access.redhat.com/articles/64664. However, we recognize that some customers will wish to remain on Red Hat Enterprise Linux 5 even after the March 31, 2017 retirement date. To meet this customer requirement, Red Hat will offer customers the option to purchase the Extended Life Cycle Support Add-On as an annually renewable subscription. This ELS Add-On provides customers with up to an additional three and a half years of Critical Impact security fixes and selected Urgent Priority bug fixes for Red Hat Enterprise Linux 5.11. Red Hat Enterprise Linux 5 ELS coverage will conclude on November 30, 2020.
d20db9cfe243dcc9600d667c3912980b508184bbf305692a5b59f606afb7193fRed Hat Security Advisory 2017-0861-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 5.6 was retired on March 31, 2017, and active support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 5.6 AMC after March 31, 2017.
73af0a91302880b0fda84ff2a350359ef8afc8ca8e1ada416d43d14f11c22c58Red Hat Security Advisory 2017-0864-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 7.1 was retired on March 31, 2017, and active support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 7.1 EUS after March 31, 2017.
1726950944e029aa9e87b05926c45da5d19892259fd9378d3a11527bf5a608d1OpenManage Server Administrator version 8.4 suffers from a directory traversal vulnerability.
64df1022197272561fbf522b26472bc450a0c8b7c4f7cf66729ba27dcad0eadcPHP version 7.1.2 suffers from an incorrect behavior with fsockopen.
f95a66bf357d7a4d4cc45ea50c1c6154b09b14db99cf7f747b69412d4f11e0e0Apple Security Advisory 2017-04-03-1 - iOS 10.3.1 is now available and addresses a wifi vulnerability.
8b5f0e4a03e750a7b56884a02e8dfd789cb35bb0287acfccf2e07d060e4d0524GeoMoose versions 2.9.2 and below suffer from a directory traversal vulnerability.
e8ffd351cb42c9c1aa1f94365a6e68fff547aebacc6c9e8b8dfc861633983dd6Chimein.mozilla.org suffers from multiple cross site scripting vulnerabilities.
677bf08f3abab45727864c625f11fef8a1d0809f03498843151760f1272f19e3This Metasploit module abuses the sudo access granted to tomcat and the mvtroubleshooting.sh script to escalate privileges. In order to work, a tomcat session with access to sudo on the sudoers is needed. This Metasploit module is useful for post exploitation of BlueCoat vulnerabilities, where typically web server privileges are acquired, and this user is allowed to execute sudo on the sudoers file.
e2893d0c823a71c5e42bc07dcb197f2a382e0587c64f12ee1c7ad55690e5b7f2360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
f2753c34c9883dfe15003f5b0814c44255ff34cfd31b9a7bf514172123ed05ff
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed