MyLittleForum version 2.3.5 suffers from a PHP command execution vulnerability.
2d0eb479e123885dc4f3ba4bea291050b16793c255cfefd1c779cd7cd6e61bd6Red Hat Security Advisory 2016-1345-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. Security Fix: It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
2fc622331271f6afa73eb4f7e48d1d066bc6cbbf159a462885b921ad6608bee7Ubuntu Security Notice 3016-4 - USN-3016-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Various other issues were also addressed.
8b422961da61bd3f40b99e99fad351371bb6609bb98f432f77cc11d8d554d24bUbuntu Security Notice 3017-3 - USN-3017-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Various other issues were also addressed.
a1beb623f5e33a2e8c161fd6cca966622aa0882f56c90c2404ac48f36c15fc9bUbuntu Security Notice 3021-2 - Andrey Konovalov discovered that the CDC Network Control Model USB driver in the Linux kernel did not cancel work events queued if a later error occurred, resulting in a use-after-free. An attacker with physical access could use this to cause a denial of service (system crash). Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
a1920ccfc4f4c6e5f276bfd5d75431b8b3ae7cb57f8387df52a131fbfbe2120fUbuntu Security Notice 3021-1 - Andrey Konovalov discovered that the CDC Network Control Model USB driver in the Linux kernel did not cancel work events queued if a later error occurred, resulting in a use-after-free. An attacker with physical access could use this to cause a denial of service (system crash). Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
a58aea903cc903ad65202dc2ce64c473a75d915b0fa02a508452f77673343643Gentoo Linux Security Advisory 201606-19 - Kwalletd password stores are vulnerable to codebook attacks. Versions less than 4.14.3-r2 are affected.
ea592a530bcb697a8742eb3a0b6c8b5ba892f26c30d3e70a01ddfbf99e837986Gentoo Linux Security Advisory 201606-18 - Multiple vulnerabilities have been found in IcedTea allowing remote attackers to affect confidentiality, integrity, and availability through various vectors. Versions less than 7.2.6.6-r1 are affected.
ebdd1b365bfa8f378b59b53cf2276953c442ce0a028d0eab48f33412fe350ecfUbuntu Security Notice 3020-1 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
54f83afa154640f8024df9abd28aa401d3608933d58a98291d2ff9437c61ffc3Ubuntu Security Notice 3018-2 - USN-3018-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Various other issues were also addressed.
967ed36586a074ad56c5537a86344439a141220272f76359ff378d22c3a93cd7Ubuntu Security Notice 3019-1 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
9290b489b84336a68219bbf34af20a42bbcb89266e0f5470f3726d9949ced727Ubuntu Security Notice 3018-1 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
19b9ec27b0226f3c7b7630645b541791cdab6e5d2596d808843adf1e12571f08Red Hat Security Advisory 2016-1347-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. Security Fix: It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
a0fd5df58421128c1a07f21c9a92276cf8767d845c7f9e6fc3c0aecc8f18306dRed Hat Security Advisory 2016-1346-01 - Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database. Security Fix: It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.
10910d0024b75b8f8033a76719b206b712d0277d444d33e117eb8cfe6f89d1bcLinux x86 /bin/sh shellcode with ASLR bruteforce.
eb9f0e8da13c2d6306f0927441510c06cf9a7ae3abc0d02412ff3582db632f27Armadito suffers from a remote arbitrary file write due to a man-in-the-middle issue.
3c940d2b604802823a92dfde76f87dccff6b8a34a3da8280c1427ca2bcaf9d01Craft CMS versions prior to build 2791 suffer from a server-side template injection vulnerability.
d6c07b9c38fb3cfe42f98d1ca5686bfe86383f8459ba8e4a28ecb5a9583adf0bPspInitializeFullProcessImageName does not correctly handle a NULL pointer being passed to it leading to a dereference at NULL for a file object which might be exploitable on 32 bit systems for elevation of privilege.
70b82482716445062d80fb96e4fdd034b32b3c939d117b27406277646b4a03a2Kagao version 3.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
3441d2b7a7e0124aa7760c90c3df1efc3b9e7bd94c8da1b4064565815f2bb51bUntangle NGFW versions 12.1.0 Beta and below execEvil() authentication root command injection exploit.
6b6b9f55e4e0320da456dbd48649b468e11cad30e125d2f8cbdbf12e0f473a27Ubuntu Security Notice 3017-1 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
79f36f91ab71a9288eb4ac5bd94a84055fe207a3b8ffde26e2b998bac448de0bUbuntu Security Notice 3017-2 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
9a2ae0d9a1ce7f3c114d1711ce02b4e07a2fdfe9dd0b82dad517fe7ff5247145Red Hat Security Advisory 2016-1341-01 - The kernel-rt package contain the Linux kernel, the core of any Linux operating system. This update provides a build of the kernel-rt package for Red Hat Enterprise MRG 2.5 that is layered on Red Hat Enterprise Linux 6, and provides a number of bug fixes.
d575326270c1ed2341561383bf71c876563587ce203f19a644eee79474e53727Ubuntu Security Notice 3016-3 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
4a46c330fbc5d59fcecbb0755e870ff87b7bc2891a32e3f9e0bc14cf19ac7aa1Gentoo Linux Security Advisory 201606-17 - Multiple vulnerabilities have been found in hostapd and wpa_supplicant, allowing remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 2.5 are affected.
5d7af6d69f7d7ea29cb1b7d706cf8f37dc0cd7148f64745c77580d11fd656dde
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed