Red Hat Security Advisory 2017-0621-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU's VGA emulator set certain VGA registers while in VBE mode. A privileged guest user could use this flaw to crash the QEMU process instance.
5df48be0076ba6570122f9d535844bf11965e06ce3af382946e0d5a48b7e6d85Red Hat Security Advisory 2017-0574-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. The following packages have been upgraded to a later upstream version: gnutls. Security Fix: A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections form other clients.
3e0fbad2d991e3754f3de9773a4b00b3ba45b6d5c193eac6121d81189ab9e730Red Hat Security Advisory 2017-0565-01 - OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. The ocaml packages contain two batch compilers, an interactive top level system, parsing tools, a replay debugger, a documentation generator, and a comprehensive library. Security Fix: An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak.
7ec4a04c9b22cf05a24b055ff0a915044b74d928cafb2a5b4923b92b7dfdb68bRed Hat Security Advisory 2017-0564-01 - The libguestfs packages contain a library, which is used for accessing and modifying virtual machine disk images. Security Fix: An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak. Note: The libguestfs packages in this advisory were rebuilt with a fixed version of OCaml to address this issue.
13e2ecc8a13af222de17972b009f4a313cce49b6e9f9523c18baa3b620443535Ubuntu Security Notice 3239-1 - It was discovered that the GNU C Library incorrectly handled the strxfrm function. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. It was discovered that an integer overflow existed in the _IO_wstr_overflow function of the GNU C Library. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.
a086af7e2dbc01251777d0699eb6cb41c5a2b8b291a0d8d90e74157971b520c5Red Hat Security Advisory 2017-0817-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was discovered that a remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow and could subsequently perform any type of a fragmentation-based attack against legacy IPv6 nodes that do not implement RFC6946.
597c633d164dd5b659055724a7f94dfa6104bd1ddf58babc8fd4e61d37290908Ubuntu Security Notice 3240-1 - It was discovered that the NVIDIA graphics drivers contained a flaw in the kernel mode layer. A local attacker could use this issue to cause a denial of service.
2699f0a251a71c47e3720ed4b11d0f247f4f7b4f326059f83a39fbbafbfab3a5Red Hat Security Advisory 2017-0794-01 - The quagga packages contain Quagga, the free network-routing software suite that manages TCP/IP based protocols. Quagga supports the BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is intended to be used as a Route Server and Route Reflector. Security Fix: A stack-based buffer overflow flaw was found in the way Quagga handled IPv6 router advertisement messages. A remote attacker could use this flaw to crash the zebra daemon resulting in denial of service.
382a7eb4860c0cafcd06124913757757571d5dd5111b8d10cb82337462076114Red Hat Security Advisory 2017-0744-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
1ce8166802d57628cd0aacc6d9c34081469c6920c71ff18af394355450dc4b92Red Hat Security Advisory 2017-0725-01 - The bash packages provide Bash, which is the default shell for Red Hat Enterprise Linux. Security Fix: An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines running bash under specific circumstances. An arbitrary command injection flaw was found in the way bash processed the SHELLOPTS and PS4 environment variables. A local, authenticated attacker could use this flaw to exploit poorly written setuid programs to elevate their privileges under certain circumstances.
ec88f4635773f8c357e90336dc5b241990df59544ff8b895b01996472d9147fbRed Hat Security Advisory 2017-0698-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform. The subscription-manager-migration-data package provides certificates for migrating a system from the legacy Red Hat Network Classic to Red Hat Subscription Management. The python-rhsm packages provide a library for communicating with the representational state transfer interface of a Red Hat Unified Entitlement Platform. The Subscription Management tools use this interface to manage system entitlements, certificates, and access to content.
7ed7a3cd5cca5a76507d1f1a74e96ab9486e5b99469084c67b9095081b236c8fRed Hat Security Advisory 2017-0680-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: A stack overflow vulnerability was found in nan* functions that could cause applications, which process long strings with the nan function, to crash or, potentially, execute arbitrary code.
324d43db935a7ec05e599e403198eb2ed3ce4e5f8890b00bc2368b2c12b3560dRed Hat Security Advisory 2017-0654-01 - The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fix: A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
0a6e6561b675d0cda0718db60cdc2b972bac9e81b2d5915d4e6a951edb1a4a6eRed Hat Security Advisory 2017-0662-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
442935e6a374fb7bc908d12b18c53e8f934e99f5d371e37ea8509b0e862caf86Red Hat Security Advisory 2017-0641-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running the login program. In configurations with UseLogin=yes and the pam_env PAM module configured to read user environment settings, a local user could use this flaw to execute arbitrary code as root.
1e04f6c86073b42f0d6aac48811b28484c12a88852f4aa3a8049cc76fe1f3f41Red Hat Security Advisory 2017-0631-01 - The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security Fix: Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.
a857a0533e9d54b99d71f61dabbae572e2cb165bdc70df97f720572b2a66cc2bRed Hat Security Advisory 2017-0630-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. The tigervnc packages contain a client which allows users to connect to other desktops running a VNC server. Security Fix: A denial of service flaw was found in the TigerVNC's Xvnc server. A remote unauthenticated attacker could use this flaw to make Xvnc crash by terminating the TLS handshake process early.
07f7f8ba8a8df7e79f920eae4fc677b6d156caef1b63841bdec008081b481281Ubuntu Security Notice 3173-2 - USN-3173-1 fixed a vulnerability in nvidia-graphics-drivers-304 and nvidia-graphics-drivers-340. This update provides the corresponding update for nvidia-graphics-drivers-375. It was discovered that the NVIDIA graphics drivers contained a flaw in the kernel mode layer. A local attacker could use this issue to cause a denial of service. Various other issues were also addressed.
7c048d77dfb2bf8dbf684be157012eb2dd7edbede534637fe240c791a22cb615Adium version 1.5.10.2 includes a vulnerable version of libpurple that permits for arbitrary code execution on the client.
ecda5b423632c41687024c6a3f6d0c1f5e08a999e78e7e3f2993c4210cff312bSAP NetWeaver UMEADMIN versions 7.00 through 7.50 suffer from a flaw where an authenticated user, via web administration, can trigger directory creation anywhere where the SAP OS user has access.
577200dbf4a5c8490c6147ad8f89d5b575f031125524538d758210005cb31e60Mozilla Firefox suffers from a table use-after-free vulnerability.
467f7a92740d3d939226cb316dd4c5564e04846cf418f83875fb7b601f8b7208QEMU suffers from a user-to-root privilege escalation vulnerability inside a VM due to bad translation caching.
74d8a4da2eececbe3a87b250db6f2910fc8e230b7a633005d7eee64a8add2dfdMicrosoft Internet Explorer textarea.defaultValue suffers from a memory disclosure vulnerability.
ac793dbfcfd50f86e76daaec9db6ea8bbe858fab353e8120a1fd34fc827042c7Microsoft Windows Color Management library suffers from a crash vulnerability.
d8b5a0f9ed27dd056074d79c0c02c272b69aaf61b79088f8b789acd3cc8dac17Microsoft Windows Uniscribe heap-based out-of-bounds read in USP10!ScriptApplyLogicalWidth, trigger via EMF.
c976124308aa7d2309e821e4ccdfc17df48f58f1c95c1b5642a57b8d90341d41
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed