Ubuntu Security Notice 3437-1 - Radek Micek discovered that OCaml incorrectly handled sign extensions. A remote attacker could use this issue to cause applications using OCaml to crash, to possibly obtain sensitive information, or to possibly execute arbitrary code.
4fc5d9593a2242ea01f057e6a7a61b13baf8fe1bbacd8ed9d2123f3ac61c271d
ERS Data System version 1.8.1 suffers from a Java deserialization vulnerability.
db7664c356e0313b7516c67bc791c41b1366694c81bde1fae6aade830d6ee526
HPE Security Bulletin HPESBHF03776 1 - A potential security vulnerability has been identified in HPE Intelligent Management Center (iMC) Service Operation Management (SOM). The vulnerability could be remotely exploited to allow arbitrary file download and disclosure of information. Revision 1 of this advisory.
cb1d256f53870308120074e2aae29011ea977e0b63df4915d0391790433d52bb
Ubuntu Security Notice 3430-2 - USN-3430-1 fixed several vulnerabilities in Dnsmasq. This update provides the corresponding update for Ubuntu 12.04 ESM. Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
af47e78fbed8bea2d0e91ae18d941fe35ccaff045fd6e05faf0764d15c245741
HPE Security Bulletin HPESBMU03753 1 - Several potential security vulnerabilities have been identified in HPE System Management Homepage (SMH) on Windows and Linux. The vulnerabilities could be exploited remotely resulting in cross-site scripting, local and remote denial of service, local and remote execution of arbitrary code, local elevation of privilege and local unqualified configuration change. Revision 1 of this advisory.
8aebece5aa468ae51cd352fc00bf4f6f2e1373b2a2a9227a4a8e9385983057cb
e2openplugin OpenWebif versions 0.2.9 through 1.2.4 suffer from a code execution vulnerability.
21753d40223ecda0da1e940eee1a7ab08434dd3c2965b4390c2c9e3ccecac767
A proof of concept has been released that bypasses the fix for the original finding regarding an incorrect optimization in BytecodeGenerator::emitGetByVal in WebKit JSC.
424b380e7d3c1cbc0226f7a72afefbd2fcb4158f18e5251ba138a6ab2b914b5b
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS
39f970fee5986a4c3e425030aef50ac284da18596c004d1a9cce7688c4e6d47c
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the old stable release.
6847ffb64b8d2f939dccfecc17bd2c80385d08f7621e2c56d3a335118e823613
Ubuntu Security Notice 3435-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, obtain sensitive information, bypass phishing and malware protection, spoof the origin in modal dialogs, conduct cross-site scripting attacks, cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.
c86ee2d1eff650ae175e17d1af6c359f0bd16aa5cac13f5f74b1dfa298e8ba18
Red Hat Security Advisory 2017-2836-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement handling code. An attacker on the local network segment could send crafted RAs to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless.
40f38afa9a7156950ba15636b6a23e5643072a5975f5c5d66d3df49b270e25fd
Ubuntu Security Notice 3434-1 - It was discovered that Libidn incorrectly handled decoding certain digits. A remote attacker could use this issue to cause Libidn to crash, resulting in a denial of service, or possibly execute arbitrary code.
18e90f2c41bd5875f69610e95c337df9dbf99c4971f0ef284b47b16864b6bc20
Red Hat Security Advisory 2017-2839-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code.
9301e5e527415a2079a3e5a2d51158d08cb1acf07b4b31123d7e9edf847b15b6
Red Hat Security Advisory 2017-2838-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code.
419b8334960678d4d5bd2530706ac6c176749a1ab7380d444363dc8317e67b4b
The Microsoft IIS UrlScan module suffers from a bypass vulnerability.
54497e82b70415d781fcd57707a5cb05e7acb0d1698546f2269bbbfaf32e45ea