Red Hat Security Advisory 2018-3742-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a bypass vulnerability.
a536daf988385acb0640a8926ac1f143Ubuntu Security Notice 3834-2 - USN-3834-1 fixed a vulnerability in perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
4b1cb856c5b70ee9027861be4c5bfe83Ubuntu Security Notice 3834-1 - Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. Various other issues were also addressed.
d49d4e952670e88373b599e721903471Red Hat Security Advisory 2018-3757-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include a remote SQL injection vulnerability.
a2205de1b07afe2f0e4e586bbf67caddDebian Linux Security Advisory 4349-1 - Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code if malformed image files are processed.
6897f1ef190f40a3af0d27ad61263ffcDebian Linux Security Advisory 4348-1 - Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit.
9f26279cb338cd2494304ede9e253c79Gentoo Linux Security Advisory 201812-4 - Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution. Versions less than 2.22.0 are affected.
2ba4bb9a032b71590ee90d26674984a7Gentoo Linux Security Advisory 201812-3 - A vulnerability in Nagios allows local users to escalate privileges. Versions less than 4.3.4 are affected.
299b0ec3d0ed6317fe961bf17bc2fe86Gentoo Linux Security Advisory 201812-2 - Multiple vulnerabilities have been found in ConnMan, the worst of which could result in the remote execution of code. Versions less than 1.35-r1 are affected.
5e639e0b243ff077abc2032679809193Gentoo Linux Security Advisory 201812-1 - Multiple vulnerabilities have been found in PHP, the worst of which could result in a Denial of Service condition. Multiple versions are affected.
855d25fbb1fcefb9b726efaee310ece2MicroStrategy version 10.4.0026.0049 suffers from a cross site request forgery vulnerability.
2f98aeb9c0986855d5bef56221d9fc5dATool version 1.0.0.2 suffers from a stack buffer overflow vulnerability.
175e62a0fb789b39770e9a99aaf344aaGentoo Linux Security Advisory 201811-24 - A SQL injection in PostgreSQL may allow attackers to execute arbitrary SQL statements. Many versions are affected.
2c5c05bb7720097c90c3c02d5810031cGentoo Linux Security Advisory 201811-23 - Multiple vulnerabilities have been found in libsndfile, the worst of which might allow remote attackers to cause a Denial of Service condition. Versions less than 1.0.28-r4 are affected.
97e38014b0f5277a6a8c66b8428ac6a3Ubuntu Security Notice 3833-1 - Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within a unprivileged user namespace. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
332359216d6a177a45f3a9adbd36aa4cUbuntu Security Notice 3832-1 - Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. Jann Horn discovered that the mremap system call in the Linux kernel did not properly flush the TLB when completing, potentially leaving access to a physical page after it has been released to the page allocator. A local attacker could use this to cause a denial of service , expose sensitive information, or possibly execute arbitrary code. Various other issues were also addressed.
e6fcaa3ecb5ddac3d3d7836f6838675eDebian Linux Security Advisory 4347-1 - Multiple vulnerabilities were discovered in the implementation of the Perl programming language.
55b5f8a7009fa232b7fe40ce3b498a47Slackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
22cf0b1d2a8e1c02d18427b3e8e5a3f6Red Hat Security Advisory 2018-3738-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a name equality check.
b37cd6a549c5f7b2962bc22ae44d93f7Ubuntu Security Notice 3795-3 - USN-3795-1 and USN-3795-2 fixed a vulnerability in libssh. The upstream fix introduced a regression. This update fixes the problem. Peter Winter-Smith discovered that libssh incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials. Various other issues were also addressed.
7f15bb7924328b6121f1a4772769aefeUbuntu Security Notice 3831-1 - It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service.
481e81b6b20a445167d1fc2430b48d4fRed Hat Security Advisory 2018-3731-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.
d886b0561d5de848dd645b607873d4c9Red Hat Security Advisory 2018-3730-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.
928cb22a25c79f7c4549eddb2a4fcf7fRed Hat Security Advisory 2018-3729-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and traversal vulnerabilities.
9e1a463c11457fad95d3d1a9a42945d8Gentoo Linux Security Advisory 201811-21 - Multiple vulnerabilities have been found in OpenSSL, the worst of which may lead to a Denial of Service condition. Versions less than 1.0.2o are affected.
c1102f7b8c5b3ed0dd1aed5afd6d2486
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed