all things security
Showing 51 - 75 of 31,817 RSS Feed

Operating System: Linux

Red Hat Security Advisory 2017-1739-01
Posted Jul 12, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1739-01 - OpenStack Dashboard provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources. Security Fix: A cross-site scripting flaw was discovered in the OpenStack dashboard which allowed remote authenticated administrators to conduct XSS attacks using a crafted federation mapping rule. For this flaw to be exploited, federation mapping must be enabled in the dashboard.

tags | advisory, remote, xss
systems | linux, redhat
advisories | CVE-2017-7400
MD5 | 95af0406275f158f0085ef9a2ede7899
Red Hat Security Advisory 2017-1731-01
Posted Jul 12, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1731-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 26.0.0.137. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2017-3080, CVE-2017-3099, CVE-2017-3100
MD5 | 32cef9657a3ce726d633e0dba2951591
Red Hat Security Advisory 2017-1721-01
Posted Jul 12, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1721-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a remote attacker could possibly use this flaw to inject data into HTTP responses, resulting in proxy cache poisoning.

tags | advisory, remote, web, protocol
systems | linux, redhat
advisories | CVE-2016-8743
MD5 | fc524626b25012e84611eccacaa89fdf
Red Hat Security Advisory 2017-1715-01
Posted Jul 12, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1715-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2017-7895
MD5 | 6cb9a3cd6aba6439cf93b7f8e27fb742
Red Hat Security Advisory 2017-1723-01
Posted Jul 12, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1723-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2017-7895
MD5 | 75185b7c03dfc5dde8fb73a832f79046
xfrm Out-Of-Bounds Read
Posted Jul 12, 2017
Authored by bo Zhang

When dealing with XFRM_MSG_MIGRATE message, xfrm_migrate func does not check dir value of xfrm_userpolicy_id. This will cause out of bound access to net->xfrm.policy_bydst in policy_hash_direct func and others when dir value exceeds XFRM_POLICY_MAX. Linux kernel versions 4.12 and below are affected.

tags | advisory, kernel
systems | linux
MD5 | 0a9bccc3cad6b206f80adee221c9dd8f
Gentoo Linux Security Advisory 201707-14
Posted Jul 10, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-14 - A vulnerability in Gajim might allow remote attackers to intercept encrypted communications. Versions less than 0.16.6-r1 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2016-10376
MD5 | 2ce7a444a40b74b85f8b2e84b09636cf
Slackware Security Advisory - irssi Updates
Posted Jul 10, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-10965, CVE-2017-10966
MD5 | 6f917da1caa8bfc75814b1bb03ee4aa7
Gentoo Linux Security Advisory 201707-13
Posted Jul 10, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-13 - Multiple vulnerabilities have been found in libcroco, the worst of which may have unspecified impacts. Versions less than 0.6.12-r1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2017-7960, CVE-2017-7961
MD5 | 1793e2952d6addae780a82cc3f100816
Debian Security Advisory 3905-1
Posted Jul 10, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3905-1 - Two security issues have been discovered in the X.org X server, which may lead to privilege escalation or an information leak.

tags | advisory
systems | linux, debian
advisories | CVE-2017-10971, CVE-2017-10972
MD5 | eec15ef958b064e5d22c3fbaa8454462
Gentoo Linux Security Advisory 201707-08
Posted Jul 9, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-8 - A vulnerability in feh might allow remote attackers to execute arbitrary code. Versions less than 2.18.3 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2017-7875
MD5 | 40951553fff817c1dc86e7aab502b98f
Gentoo Linux Security Advisory 201707-07
Posted Jul 9, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-7 - Multiple vulnerabilities have been found in JasPer, the worst of which could could allow an attacker to execute arbitrary code. Versions less than 2.0.12 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-5203, CVE-2015-8751, CVE-2016-9262, CVE-2016-9591
MD5 | a80f5473fe70b14926714399895e5370
Gentoo Linux Security Advisory 201707-06
Posted Jul 9, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-6 - Multiple vulnerabilities have been found in virglrenderer, the worst of which could allow local guest OS users to cause a Denial of Service condition. Versions are affected.

tags | advisory, denial of service, local, vulnerability
systems | linux, gentoo
advisories | CVE-2016-10163, CVE-2016-10214, CVE-2017-5580, CVE-2017-5956, CVE-2017-5957, CVE-2017-5993, CVE-2017-5994, CVE-2017-6209, CVE-2017-6210, CVE-2017-6317, CVE-2017-6355, CVE-2017-6386
MD5 | 3f4534c3255b0846c107799ebecc5712
Gentoo Linux Security Advisory 201707-05
Posted Jul 9, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-5 - Multiple vulnerabilities have been found in OpenSLP, the worst of which allows remote attackers to cause a Denial of Service condition or other unspecified impacts. Versions less than 2.0.0-r4 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2010-3609, CVE-2012-4428, CVE-2016-4912, CVE-2016-7567
MD5 | 1a3ddce2f748c7c3ff71382b62ca0845
Gentoo Linux Security Advisory 201707-04
Posted Jul 9, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-4 - Multiple vulnerabilities have been found in libsndfile, the worst of which might allow remote attackers to execute arbitrary code. Versions less than 1.0.28 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-7585, CVE-2017-7586, CVE-2017-7741, CVE-2017-7742
MD5 | 38cbfd5398ee180b875237e9e50b1329
Gentoo Linux Security Advisory 201707-03
Posted Jul 9, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-3 - A vulnerability in phpMyAdmin might allow remote attackers to bypass authentication. Versions less than 4.0.10.20 are affected.

tags | advisory, remote
systems | linux, gentoo
MD5 | 51b517f05def67e4d8a109b8077e4599
Gentoo Linux Security Advisory 201707-02
Posted Jul 9, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-2 - Multiple vulnerabilities have been found in Game Music Emu, the worst of which could lead to the execution of arbitrary code. Versions are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960, CVE-2016-9961
MD5 | 9e23fc9a4f05a5a92addf2ea5ccd7279
Gentoo Linux Security Advisory 201707-11
Posted Jul 9, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-11 - A vulnerability in RoundCube may allow authenticated users to bypass security restrictions. Versions less than 1.2.5 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2017-8114
MD5 | 39c1034455ea3979431c584a89fa0932
Gentoo Linux Security Advisory 201707-10
Posted Jul 9, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-10 - Multiple vulnerabilities have been found in VLC, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.2.6 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-8310, CVE-2017-8311, CVE-2017-8312, CVE-2017-8313
MD5 | a2c2fafa64935fe01062ec3036b6835b
Gentoo Linux Security Advisory 201707-09
Posted Jul 9, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-9 - A vulnerability has been found in GNOME applet for NetworkManager allowing local attackers to access the local filesystem. Versions less than 1.4.6-r1 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2017-6590
MD5 | 15516137dcdcdd7dd84d94bca455ae67
Debian Security Advisory 3904-1
Posted Jul 8, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3904-1 - ClA(c)ment Berthaux from Synaktiv discovered two vulnerabilities in BIND, a DNS server implementation. They allow an attacker to bypass TSIG authentication by sending crafted DNS packets to a server.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-3142, CVE-2017-3143
MD5 | 614af9c12cc1f45c436a7ec95a3703db
Slackware Security Advisory - php Updates
Posted Jul 8, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory, php
systems | linux, slackware
advisories | CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229
MD5 | b0ea49baf368fafefa60aaacd3034567
Ubuntu Security Notice USN-3350-1
Posted Jul 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3350-1 - Aleksandar Nikolic discovered that poppler incorrectly handled JPEG 2000 images. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. Jiaqi Peng discovered that the poppler pdfunite tool incorrectly parsed certain malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause poppler to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-2820, CVE-2017-7511, CVE-2017-7515, CVE-2017-9083, CVE-2017-9406, CVE-2017-9408, CVE-2017-9775
MD5 | 548be691af892f773e9a819ceafa873b
Red Hat Security Advisory 2017-1712-01
Posted Jul 6, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1712-01 - Red Hat 3scale API Management Platform 2.0 is a platform for the management of access and traffic for web-based APIs across a variety of deployment options. Security Fix: It was found that RH-3scale AMP would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. The underlying container image was also rebuilt to resolve other security issues.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2017-1000364, CVE-2017-1000366, CVE-2017-7502, CVE-2017-7512
MD5 | 956dddcd24d616d3e3eb9855a25dca7e
Red Hat Security Advisory 2017-1685-01
Posted Jul 6, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1685-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. The following packages have been upgraded to a later upstream version: ansible. Multiple security issues have been addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2016-8647, CVE-2016-9587, CVE-2017-7466
MD5 | 084dc8c61b5bccdb4f01fcf963d46fc5
Page 3 of 1,273
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close