FLIR utilizes hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the camera.
e592ff3872f75caea44a65c9cf351b4dGentoo Linux Security Advisory 201709-25 - Multiple vulnerabilities have been found in Chromium, the worst of which could result in the execution of arbitrary code. Versions less than 61.0.3163.100 are affected.
f80f94ad5d876eb0d68553260041a12eGentoo Linux Security Advisory 201709-24 - Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code. Versions less than 5.5.0_p20170811 are affected.
744dcd51a8f0144278e893e8f3a2a61bUbuntu Security Notice 3429-1 - Wang Junjie discovered that Libplist incorrectly handled certain files. If a user were tricked into opening a crafted file, an attacker could possibly use this to cause a crash or denial or service.
3f7875fd0d82b91926603a8e065335f1Gentoo Linux Security Advisory 201709-23 - Multiple vulnerabilities have been found in Tcpdump, the worst of which may allow execution of arbitrary code. Versions less than 4.9.2 are affected.
ff8a03c4dc3fd32708e44ae07f1a71a2Red Hat Security Advisory 2017-2792-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 61.0.3163.100. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
af9a395b5c81640f5171a1af26e95dbfGentoo Linux Security Advisory 201709-22 - Multiple vulnerabilities have been found in Oracle's JRE and JDK software suites, and IcedTea, the worst of which may allow execution of arbitrary code. Versions less than 1.8.0.141 are affected.
702931abb96a5de04ac95434ba1896f0Gentoo Linux Security Advisory 201709-21 - Multiple vulnerabilities have been found in PHP, the worst of which could result in the execution of arbitrary code. Versions less than 5.6.31:5.6 are affected.
e37ef91858dce51d5410cc67c898748fGentoo Linux Security Advisory 201709-20 - A vulnerability in Postfix may allow local users to gain root privileges. Versions less than 3.1.6 are affected.
52755bd8a08016b2a85cec49eaaf5015Gentoo Linux Security Advisory 201709-19 - A vulnerability in Exim may allow local users to gain root privileges. Versions less than 4.89-r1 are affected.
c4cda9020eacdc18314d460e10c57921Gentoo Linux Security Advisory 201709-18 - Multiple vulnerabilities have been found in Mercurial, the worst of which could lead to the remote execution of arbitrary code. Versions less than 4.3 are affected.
6d02a0446582a8ec15b99209a9eab5ecGentoo Linux Security Advisory 201709-17 - A command injection vulnerability in CVS may allow remote attackers to execute arbitrary code. Versions less than 1.12.12-r12 are affected.
171398e6faeace9a376cb8e0553dd671BlueBorne BlueTooth buffer overflow proof of concept exploit that causes a denial of service vulnerability on Linux kernels prior to 4.13.1.
8fe062e0b377bb75c70ddb9e02781792Gentoo Linux Security Advisory 201709-16 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 27.0.0.130-r1 are affected.
8e180349adc073694cc7b8486abdbf34Gentoo Linux Security Advisory 201709-15 - Multiple vulnerabilities have been found in Chromium, the worst of which could result in the execution of arbitrary code. Versions less than 61.0.3163.79 are affected.
d048c4800c946e9207820e838da49cd1Slackware Security Advisory - New libxml2 packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
b46a3296e21e541a621e9ec13dd76d78Debian Linux Security Advisory 3983-1 - Multiple security issues have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.
001e567c05ebb98dda23c0460e9e7f05Red Hat Security Advisory 2017-2787-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql56-mysql. Security Fix: An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon.
4a5b74dd1133da4dc8dd48f82d747670Red Hat Security Advisory 2017-2778-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions.
a2223c4fb9976c36e1cdf43e8720d475Red Hat Security Advisory 2017-2788-01 - Augeas is a configuration editing tool. It parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native config files. Security Fix: A vulnerability was discovered in augeas affecting the handling of escaped strings. An attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution.
830550689386d8cf449f961c2cea0eaaRed Hat Security Advisory 2017-2791-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
48157316bb57da5482376daa7dbb1bb4Red Hat Security Advisory 2017-2790-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
d4cd7c1e7b87af03b00efb105c06a969Ubuntu Security Notice 3428-1 - Charles A. Roelli discovered that Emacs incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this to execute arbitrary code.
0ad0f2d28e272eaec11afd8faea9d360Ubuntu Security Notice 3427-1 - Charles A. Roelli discovered that Emacs incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this to execute arbitrary code.
90491b275c7839b7a56f2df76dcd5546Ubuntu Security Notice 3426-1 - Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a man in the middle attack. Stefan Metzmacher discovered that Samba incorrectly handled encryption across DFS redirects. A remote attacker could use this issue to perform a man in the middle attack. Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when SMB1 is being used. A remote attacker could possibly use this issue to obtain server memory contents. Various other issues were also addressed.
e2078333b00028eb10dbb8aa6c2c164f
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed