Red Hat Security Advisory 2016-0087-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
3820fd476567719de351da2299fbe4bbb27515daea34691f91beda9b7521fb27
Red Hat Security Advisory 2016-0085-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
6a8b228c7f7ac858e4fc3a7da5d5c7078daa6a89a200f48db62e6d5a70624587
Debian Linux Security Advisory 3459-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.47.
da2533bd907db169ae2f66df4819e0c401cdf4bdb46df06b257607a11de1d1b7
Red Hat Security Advisory 2016-0084-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
345177f0cf55d591fe71f1727452cef76790bb5ab1bdb3638b78e5db1226db71
Red Hat Security Advisory 2016-0081-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
d54dc699dcc4e5ba779d922eeb309a8a66d46295779e7bbaf1b6371542a050c5
Red Hat Security Advisory 2016-0083-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
f4f6a7d578b2f8bff6aa66b4fda7c3c24a1838a9204bd8a6e06ddb721d74d19b
Red Hat Security Advisory 2016-0086-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
1f735938caae62235e229534357ef3cb76856379fa4746d6dfb59feceb2eeccd
Red Hat Security Advisory 2016-0088-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
d8e10c4d65d65c2dd27803180c3cc659df0c29034115fc9f4afe9dd2720a940a
Red Hat Security Advisory 2016-0082-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
6b6e24c0b304d0c5b0addad0abdaff28108fc84bdbb91c858cec78145c3065d5
The Netgear GS105Ev2 gigabit switch suffers from authentication bypass, cross site request forgery, cross site scripting, and various other vulnerabilities.
547a1d61069fbbdb42e1980b27eb64a3e37bcac9509fc466da60f318d2788af1
Debian Linux Security Advisory 3458-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, information disclosure, denial of service and insecure cryptography.
71952ffb0edce52eb3f3977140f4a70b5889c5d9461d6dd1c07e0dee27f89ef4
Debian Linux Security Advisory 3457-1 - Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: a buffer overflow may lead to the execution of arbitrary code. In addition, the bundled NSS crypto library addresses the SLOTH attack on TLS 1.2.
47ebcd604f74922f2aca43d66c7f6c900e0605150ba8c67b8a408a6ecbc74d09
Ubuntu Security Notice 2882-1 - Isaac Boukris discovered that curl could incorrectly re-use NTLM proxy credentials when subsequently connecting to the same host.
202f0ab95ab315c80b438c9593be5edd48993ea7253c35de09ef333b8372aae6
Cisco Security Advisory - A vulnerability in the web-based management interface of Cisco RV220W Wireless Network Security Firewall devices could allow an unauthenticated, remote attacker to bypass authentication and gain administrative privileges on a targeted device. The vulnerability is due to insufficient input validation of HTTP request headers that are sent to the web-based management interface of an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted HTTP request that contains malicious SQL statements to the management interface of a targeted device. Depending on whether remote management is configured for the device, the management interface may use the SQL code in the HTTP request header to determine user privileges for the device. A successful exploit could allow the attacker to bypass authentication on the management interface and gain administrative privileges on the device. Cisco released a firmware update that addresses this vulnerability. There are workarounds that mitigate this vulnerability.
2281b657e0937097f15ae7278e92928c16122d125bc334429f23c131ec767d4d
Cisco Security Advisory - A vulnerability in the Common Internet File System (CIFS) optimization feature of the Cisco Wide Area Application Service (WAAS) device could allow an unauthenticated, remote attacker to perform a resource consumption attack, which could result in a complete denial of service (DoS) condition. The vulnerability is due to insufficient flow handling of incoming CIFS traffic. An attacker could exploit this vulnerability by sending malicious traffic designed to trigger the vulnerability. An exploit could allow the attacker to cause a DoS condition by exhausting system buffering resources, resulting in a reload of the affected device.
2715d13cf76692d67920e23b151a377b19a7661e7d9c847e77de82e2caad3f1c
Ubuntu Security Notice 2883-1 - Antonio Sanso discovered that OpenSSL reused the same private DH exponent for the life of a server process when configured with an X9.42 style parameter file. This could allow a remote attacker to possibly discover the server's private DH exponent when being used with non-safe primes.
e6cc39accadcc806fe59f5b71d75c4bdade362ac1da83bbaf9b3dfc0944cda77
Red Hat Security Advisory 2016-0079-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.
a35918ab39e99762a3b19dc79daedc98eaadd5ba6e3ea93e97f92ef32c18ecf6
Red Hat Security Advisory 2016-0078-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash.
0ed3af1b476de859391daa5f87e999a2851fe7c925578620450a6d7ababb9e84
Log2Space Central version 6.2 suffers from multiple reflective cross site scripting vulnerabilities.
dba77879de8c9efbd44b477ecd995853b0c1e6b8aff0aaba5e2d0c6d5ec3134f
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
4b8feb398a0800c955fe24aa31ca446c539e79492155717e826473f902c8e65a
Ipswitch MOVEit DMZ versions 8.1 and below suffer from an information disclosure vulnerability.
44acfddeae314bf640341e1d035600360526ebee3cfa583373ecc064e38a9291
Ipswitch MOVEit Mobile versions 1.2.0.962 and below suffer from a reflective cross site scripting vulnerability.
431564f9b2c85919d2b89891be620bd6c2fb9795285b0460d5dd50f30016763c
Ipswitch MOVEit Mobile versions 1.2.0.962 and below suffer from a cross site request forgery vulnerability.
75cb6f19cbf811fba6518faa4bb2a4e0c0b6a1f47f2e6248d45ee2f121fc0bff
Ipswitch MOVEit DMZ versions 8.1 and below suffer from a file id enumeration vulnerability.
07d2065a2651c61d15713c82deb5316a3decf15512ab4b96f6f9d122beaea8e3
Ipswitch MOVEit DMZ versions 8.1 and below suffer from a persistent cross site scripting vulnerability.
75d345e15be5e9a09d0d8466d7299dfe4062a18f3cc2482fbfaf1bd9439fddf1