Ubuntu Security Notice 2388-2 - USN-2388-1 fixed vulnerabilities in OpenJDK 7 for Ubuntu 14.04 LTS. This update provides the corresponding updates for Ubuntu 14.10. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. Various other issues were also addressed.
4693a6bd44cd1e3723cd23fa1afcd9712920e3f66c3e4cc92286cfc16b6dacfeRed Hat Security Advisory 2014-1668-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. This update also fixes several bugs and adds one enhancement.
01a170866c4a0d40ca22a3813281625f83ff86f1c137a71121dc4af73fcba5eeFree WMA MP3 Converter version 1.8 buffer overflow exploit.
349244591b06fbf45c6c3bedbd84816ba5dcbd0c7d2698f07d5d8377c0189e32ElectricCommander version 4.2.4.71224 suffers from a local privilege escalation vulnerability.
139302eb4b0999cd770c756251480454ce0ddd8d7d7211bca12f6045642487b9bl0wsshd00r backdoors OpenSSH 6.7p1 with a magic password for any user, sniffs and records traffic, and mitigates logging to lastlog/wtmp/utmp.
17bb28d0c4a3e2058cf728936b45586915c671f6cadd0920f2e695332adabeb7Wonderful World-Wide CMS suffers from having default administrative credentials and a remote SQL injection vulnerability.
f8f1bd8511a3df393b1fdfd3d84a7f1a3b129ef78ffbc88ee33f78ee48fcd0e6Ubuntu Security Notice 2387-1 - The pollinate package bundles the certificate for entropy.ubuntu.com. This update refreshes the certificate to match the one currently used on the server.
a188bf8bf6bfe165725370d20ffcde00049886143be72c42733217cd209ca290PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
6269aeacb49020342541efa4a666b54aff178ce6d8160d071a0f7c625b68139aFreeBSD Security Advisory - A flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. The SSL protocol 3.0, as supported in OpenSSL and other products, supports CBC mode encryption where it could not adequately check the integrity of padding, because of the use of non-deterministic CBC padding. This protocol weakness makes it possible for an attacker to obtain clear text data through a padding-oracle attack. Some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE.
1338c6e5d97b6096c8316516c16ede168dd7ee9fb4220f57cfcb0077bbbdbdbeiFunBox Free version 1.1 suffers from a local file inclusion vulnerability.
a6b1648c529a9a0941a3df3a8a7715c0433175744acbe0ac28bdbdd9fdc27bd8There are weak permissions for IBackupWindows default installation where everyone is allowed to change the ib_service.exe with an executable of their choice. When the service restarts or the system reboots the attacker payload will execute on the system with SYSTEM privileges. Versions 10.0.0.32 and below are affected.
242ccf791d59eefa7b2dae5e7a23750351c763b99ad78523cea13e2cb9d8be66FreeBSD Security Advisory - The input path in routed(8) will accept queries from any source and attempt to answer them. However, the output path assumes that the destination address for the response is on a directly connected network. Upon receipt of a query from a source which is not on a directly connected network, routed(8) will trigger an assertion and terminate. The affected system's routing table will no longer be updated. If the affected system is a router, its routes will eventually expire from other routers' routing tables, and its networks will no longer be reachable unless they are also connected to another router.
4417c0ac7112fd0a1df452df61df6f5046872f2983c2f925f6d59dcf0333ff89This Metasploit module exploits an arbitrary file upload vulnerability found in DotNetNuke DNNspot Store module versions below 3.0.0.
8d7b2e5c58eb4c7ab4147e4b1bbfc4bb6ee33a5ccd9b1c34821eb93b975e53ffFreeBSD Security Advisory - Due to a missing length check in the code that handles DNS parameters, a malformed router advertisement message can result in a stack buffer overflow in rtsold(8). Receipt of a router advertisement message with a malformed DNSSL option, for instance from a compromised host on the same network, can cause rtsold(8) to crash. While it is theoretically possible to inject code into rtsold(8) through malformed router advertisement messages, it is normally compiled with stack protection enabled, rendering such an attack extremely difficult. When rtsold(8) crashes, the existing DNS configuration will remain in force, and the kernel will continue to receive and process periodic router advertisements.
e1f62a6f25f130e67a8c1e26993a5607009075d124b8af637931966a65521b56FreeBSD Security Advisory - The namei facility will leak a small amount of kernel memory every time a sandboxed process looks up a nonexistent path name. A remote attacker that can cause a sandboxed process (for instance, a web server) to look up a large number of nonexistent path names can cause memory exhaustion.
9f8ed0e936fbf5d1fb78455e4ed7b09c663c7772d634ea2b4ab832a530fd924dThe Cisco Ironport WSA virtual appliances are vulnerable to an old FreeBSD telnetd encryption Key ID buffer overflow which allows remote attackers to execute arbitrary code. Cisco WSA Virtual appliances have the vulnerable telnetd daemon enabled by default.
1e50defbccefef3b6417c5dae6f4b42e12ae0ee91e5966ab9e31f8406c261827File Manager version 4.2.10 suffers from a code execution vulnerability.
484ac02dc4a0004f691cf9fe24df57db3dad1c95ed0f38a4cbd870263711a3e3Mulesoft ESB Runtime version 3.5.1 suffers from an authenticated privilege escalation vulnerability that can lead to remote code execution.
08794d520edeb726f186f14cdf7b89697a8145e119476f5b25642ede0d501b5cRed Hat Security Advisory 2014-1691-01 - PackStack is a command-line utility that uses Puppet modules to support rapid deployment of OpenStack on existing servers over an SSH connection. PackStack is suitable for deploying both single node proof-of-concept installations and more complex multi-node installations. It was discovered that the nova.conf configuration generated by PackStack did not correctly set the libvirt_vif_driver configuration option if the Open vSwitch monolithic plug-in was not used. This could result in deployments defaulting to having the firewall disabled unless the nova configuration was manually modified after PackStack was started.
f4fd29f4deafb921937eac96169ee90bc72bc629e80d09199a5916266953c442Red Hat Security Advisory 2014-1689-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances, managing networks, and controlling access through users and projects. A race condition flaw was found in the way the nova VMware driver handled VNC port allocation. An authenticated user could use this flaw to gain unauthorized console access to instances belonging to other tenants by repeatedly spawning new instances. Note that only nova setups using the VMware driver and the VNC proxy service were affected.
9a2bc3551d2a5e4275947e9efb42042cdc9a763e4a26b1f4b5cce23d426ab8fcRed Hat Security Advisory 2014-1690-01 - The python-backports-ssl_match_hostname package provides RFC 6125 compliant wildcard matching. A denial of service flaw was found in the way Python's SSL module implementation performed matching of certain certificate names. A remote attacker able to obtain a valid certificate that contained multiple wildcard characters could use this flaw to issue a request to validate such a certificate, resulting in excessive consumption of CPU. This issue was discovered by Florian Weimer of Red Hat Product Security.
630f007e3d3cbb97e3d958feade33386613235e76e9498f96c508f28f5197ea2Red Hat Security Advisory 2014-1687-02 - OpenStack Orchestration is a template-driven engine used to specify and deploy configurations for Compute, Storage, and OpenStack Networking. It can also be used to automate post-deployment actions, which in turn allows automated provisioning of infrastructure, services, and applications. Orchestration can also be integrated with Telemetry alarms to implement auto-scaling for certain infrastructure resources. It was discovered that a user could temporarily be able to see the URL of a provider template used in another tenant. If the template itself could be accessed, then additional information could be leaked that would otherwise not be visible.
7f7405ebb67a23bad0a5e03b8ca3295a9538a7dcba558003c4904fa12d6899b1Red Hat Security Advisory 2014-1688-01 - The OpenStack Identity service authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The Identity service supports multiple forms of authentication, including user name and password credentials, token-based systems, and AWS-style logins. A flaw was found in the keystone V3 API. An attacker could send a single request with the same authentication method multiple times, possibly leading to a denial of service due to generating excessive load with minimal requests. Only keystone setups with the V3 API enabled were affected by this issue.
bc5ed9f6d904f1a939908666e1172587fbdc5ef969af0ca5fa10b16749557d41Red Hat Security Advisory 2014-1692-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer, Transport Layer Security, and Datagram Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value, which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails.
477e81c0daa2c159986f76e111440acbc133e23811a280839718932c86498c2cRed Hat Security Advisory 2014-1685-01 - OpenStack Image service provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services. It was discovered that the image_size_cap configuration option in glance was not honored. An authenticated user could use this flaw to upload an image to glance and consume all available storage space, resulting in a denial of service.
a0090c9c0db888d7edb166344afcc29c4908804d642c308d51e21d0462a2cc7d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed