Asterisk Project Security Advisory - A carefully crafted URI in a From, To or Contact header could cause Asterisk to crash.
3aaf55f2e7edf3194ca408a6b81cebdb27229d2dd95377a0d81498fe1ed9affd
Asterisk Project Security Advisory - The app_minivm module has an externnotify program configuration option that is executed by the MinivmNotify dialplan application. The application uses the caller-id name and number as part of a built string passed to the OS shell for interpretation and execution. Since the caller-id name and number can come from an untrusted source, a crafted caller-id name or number allows an arbitrary shell command injection.
f609d7792da894fb6c1fb0ade8daec8f16def1711e4528d9c0115ae784979027
Asterisk Project Security Advisory - The "strictrtp" option in rtp.conf enables a feature of the RTP stack that learns the source address of media for a session and drops any packets that do not originate from the expected address. This option is enabled by default in Asterisk 11 and above. The "nat" and "rtp_symmetric" options for chan_sip and chan_pjsip respectively enable symmetric RTP support in the RTP stack. This uses the source address of incoming media as the target address of any sent media. This option is not enabled by default but is commonly enabled to handle devices behind NAT. A change was made to the strict RTP support in the RTP stack to better tolerate late media when a reinvite occurs. When combined with the symmetric RTP support this introduced an avenue where media could be hijacked. Instead of only learning a new address when expected the new code allowed a new source address to be learned at all times. If a flood of RTP traffic was received the strict RTP support would allow the new address to provide media and with symmetric RTP enabled outgoing traffic would be sent to this new address, allowing the media to be hijacked. Provided the attacker continued to send traffic they would continue to receive traffic as well.
dc5c0fb3ca5feec836d616e3705c5e6f1fe136bb73fc595a8c84c639da8487a1
HPE Security Bulletin HPESBGN03765 2 - A security vulnerability in the DES/3DES block ciphers used in the TLS protocol could potentially impact HPE LoadRunner and HPE Performance Center resulting in remote disclosure of information. This is also known as the SWEET32 attack. Revision 2 of this advisory.
948d29ad7d087b66e32a4c02373d48f779582beea0bda6a1bd420ce52660e466
HPE Security Bulletin HPESBGN03767 1 - A potential security vulnerability has been identified in HPE Operations Orchestration product. The vulnerability could be exploited remotely to allow execution of code. Revision 1 of this advisory.
4b17d418b655fd4fe6b152730a774cede78fd9a61ada68f04893915f466f72bd
Red Hat Security Advisory 2017-2561-01 - In accordance with the Red Hat Virtualization 3.x Support Life Cycle Policy, support will end on September 30, 2017. Red Hat will not provide extended support for the Red Hat Virtualization Manager and Red Hat Virtualization Host. Customers are requested to migrate to the newer Red Hat Virtualization product prior to the end of the life cycle for Red Hat Virtualization 3.x. After September 30, 2017, technical support through Red Hatas Global Support Services will no longer be provided, other than assisting in upgrades. We encourage customers to plan their migration from Red Hat Virtualization 3.x to the latest version of Red Hat Virtualization. Please contact your Red Hat account representative if you have questions and/or concerns on this matter.
5b114bd7dd14cc284504b01336be22854bf97593bdc99b359bb38bd0c83ebcf7
Red Hat Security Advisory 2017-2563-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly use this flaw to determine valid user names by measuring the timing of server responses.
6772db3539ac28058a8dcd85adcd01f09d836815a6d2fd1a69ba5c6d44438755