Red Hat Security Advisory 2015-2248-03 - The netcf packages contain a library for modifying the network configuration of a system. Network configuration is expressed in a platform-independent XML format, which netcf translates into changes to the system's "native" network configuration files. A denial of service flaw was found in netcf. A specially crafted interface name could cause an application using netcf to crash. This issue was discovered by Hao Liu of Red Hat.
83b356c6dbbc4bef40d3ce810c81c870e2f44d1af6ef5bf81da853afb66c6ad6Red Hat Security Advisory 2015-2345-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the "-OQ" option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash.
39d3c90e21cd7f01f9b921b8bf0ce2af6a366718079a6eb5acd08fdc18a9a588Red Hat Security Advisory 2015-2241-03 - The chrony suite, chronyd and chronyc, is an advanced implementation of the Network Time Protocol, specially designed to support systems with intermittent connections. It can synchronize the system clock with NTP servers, hardware reference clocks, and manual input. It can also operate as an NTPv4 server or peer to provide a time service to other computers in the network. An out-of-bounds write flaw was found in the way chrony stored certain addresses when configuring NTP or cmdmon access. An attacker that has the command key and is allowed to access cmdmon could use this flaw to crash chronyd or, possibly, execute arbitrary code with the privileges of the chronyd process.
9dcd1e723bb8317bbfc69f9f7175740614fd51f6bffa6bfacdfedd26b82d3eb2Ubuntu Security Notice 2815-1 - Mikulas Patocka discovered that libpng incorrectly handled certain large fields. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause libpng to crash, leading to a denial of service. This issue only affected Ubuntu 12.04 LTS. Qixue Xiao discovered that libpng incorrectly handled certain time values. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause libpng to crash, leading to a denial of service. Various other issues were also addressed.
3f66141721123e6e77158af7cb6d3179568157de879748ae7ba8e9b651149f13Red Hat Security Advisory 2015-2155-07 - The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws were found in the way file parsed certain Composite Document Format files. A remote attacker could use either of these flaws to crash file, or an application using file, via a specially crafted CDF file.
04a6ee9092dd32d61ea6bb3d141cce1697e5330904bf01426b4f34fcc545167fNetwin SurgeFTP server version 23d6 suffers from multiple stored cross site scripting vulnerabilities.
8a738fcf73b0741fa19ac83402727e9db5fc3288bf5f2c65355a00eec7780e86Red Hat Security Advisory 2015-2180-07 - Bundler manages an application's dependencies through its entire life, across many machines, systematically and repeatably. Thor is a toolkit for building powerful command-line interfaces. A flaw was found in the way Bundler handled gems available from multiple sources. An attacker with access to one of the sources could create a malicious gem with the same name, which they could then use to trick a user into installing, potentially resulting in execution of code from the attacker-supplied malicious gem. Bundler has been upgraded to upstream version 1.7.8 and Thor has been upgraded to upstream version 1.19.1, both of which provide a number of bug fixes and enhancements over the previous versions.
3b957b59454b262adda06e37502b489b3ecac69d2933766c355c1e78c1ed8bebRed Hat Security Advisory 2015-2154-07 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. It was found that the krb5_read_message() function of MIT Kerberos did not correctly sanitize input, and could create invalid krb5_data objects. A remote, unauthenticated attacker could use this flaw to crash a Kerberos child process via a specially crafted request.
5ad980f4c68fede003281d3f75b3cf69921e4939654d38992cb7f8254c273b7dRed Hat Security Advisory 2015-2231-04 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by spoofing ::1 addresses. A denial of service flaw was found in the way NTP hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers.
367755c77b0b38eda48b414ce2bd65326fc2b4deda486e3ad955cc5616ae75beRed Hat Security Advisory 2015-2233-03 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. The tigervnc packages contain a client which allows users to connect to other desktops running a VNC server. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way TigerVNC handled screen sizes. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code on the client.
5ccada7c34caaf958800cfea1e733ad5e87e737bb36e29a0e87a6d0b2f1b64bcRed Hat Security Advisory 2015-2151-01 - The xfsprogs packages contain a set of commands to use the XFS file system, including the mkfs.xfs command to construct an XFS system. It was discovered that the xfs_metadump tool of the xfsprogs suite did not fully adhere to the standards of obfuscation described in its man page. In case a user with the necessary privileges used xfs_metadump and relied on the advertised obfuscation, the generated data could contain unexpected traces of potentially sensitive information. The xfsprogs packages have been upgraded to upstream version 3.2.2, which provides a number of bug fixes and enhancements over the previous version. This release also includes updates present in upstream version 3.2.3, although it omits the mkfs.xfs default disk format change which is present upstream.
f7bc74b13a084820f1daa18bd44f76b5de1ea07096c4cf208c26454d41059e61Red Hat Security Advisory 2015-2152-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their privileges on the system. A race condition flaw was found in the way the Linux kernel's IPC subsystem initialized certain fields in an IPC object structure that were later used for permission checking before inserting the object into a globally visible list. A local, unprivileged user could potentially use this flaw to elevate their privileges on the system.
06dbad210262abe32fe40f41673bf1f3c59cc04c20cc43a1e532a4849a8b46c6Red Hat Security Advisory 2015-2199-07 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application encountering corrupted data.
f94e9bae1ee9312a7c4a7f82ecb9725f410c0b7a137de93a1b8c44897482e087Red Hat Security Advisory 2015-2159-06 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user's cookie to a crafted domain, making other cookie-related issues easier to exploit. A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory.
4c8f1214c87209b025a888e27c36d8b6ff081c288e2cfca9b6e90d6d41fae18dRed Hat Security Advisory 2015-2140-07 - The libssh2 packages provide a library that implements the SSH2 protocol. A flaw was found in the way the kex_agree_methods() function of libssh2 performed a key exchange when negotiating a new SSH session. A man-in-the-middle attacker could use a crafted SSH_MSG_KEXINIT packet to crash a connecting libssh2 client. Previously, libssh2 did not correctly adjust the size of the receive window while reading from an SSH channel. This caused downloads over the secure copy protocol to consume an excessive amount of memory. A series of upstream patches has been applied on the libssh2 source code to improve handling of the receive window size. Now, SCP downloads work as expected.
b68e45af8025497478fc0ae997caa7323085b856d2be7c4e4f55033346d7dc6eHPE Security Bulletin HPSBUX03522 SSRT102942 1 - A potential security vulnerability has been identified in the HP-UX BIND service running named. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
633b86234c3422d4596642a9db25d7bc7a4fba620db6fd90ceb1ab81467cc759The Help Forum on LinkedIn suffered from a cross site scripting vulnerability.
2a9bd1ced4f661fb3399fe7cdf77a6afff11cf4a90862e613b8e31b764cbbe69SHAREit WebShare version 2.3.80 suffers from a cross site request forgery vulnerability.
490d8d74a088ae1e4e4d195dd7241004c00b9d1b1902cad5c9bccb3ab6cd3669Kibana versions prior to 4.1.3 and 4.2.1 suffer from a cross site request forgery vulnerability.
6045ea2c042b81972ed4a68e93347e2b9910ce5897698ea762510910c470cac1VMware Security Advisory 2015-0008 - VMware product updates address information disclosure issue.
1c1a650290da77afa5cfb03bf88b3028205f532ac7c23a35fb455c034ad606faRed Hat Security Advisory 2015-2078-01 - PostgreSQL is an advanced object-relational database management system. A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. A stack overflow flaw was discovered in the way the PostgreSQL core server processed certain JSON or JSONB input. An authenticated attacker could possibly use this flaw to crash the server backend by sending specially crafted JSON or JSONB input.
aac049a21ae427bf24643576d8701e697cfabc9ea4d02e806cb365d534decbceHP Security Bulletin HPSBGN03521 2 - A potential security vulnerability has been identified in HP Operations Orchestration Central. The vulnerability could be exploited to allow Cross-Site Request Forgery (CSRF). Revision 2 of this advisory.
e92f97e1cfb23f448556b38e851e40c4fae3071be411c7a5e4dfb582b77d66c5Debian Linux Security Advisory 3399-1 - Several vulnerabilities have been discovered in the libpng PNG library.
fc770fc5d8fb31cbec5d8f894af8183e571f9cdcc0236dffad328691216700daWireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
90026c761a85701d7783c7e2eaa4c1de247dfbadbd53221df355f121e42691ddThis Metasploit module exploits an authenticated privilege escalation vulnerability in the iControl API on the F5 BIG-IP LTM (and likely other F5 devices). This requires valid credentials and the Resource Administrator role. The exploit should work on BIG-IP 11.3.0 - 11.6.0, (11.5.x < 11.5.3 HF2 or 11.6.x < 11.6.0 HF6, see references for more details).
f329ba79799be3587e190db0a03ebd17f524e5bca267576582b6c1d628f1c3ce
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed