Red Hat Security Advisory 2016-2131-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb55-mariadb. Security Fix: It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
e0d4017aacc635d92ac81e00a91de05fc52686499e7f45be1d6e5caccce336c2
Red Hat Security Advisory 2016-2130-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: mysql55-mysql. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
03b624cce91b1d69085d50e89a4e1be58cfa8a759a1b0832a830b379c914eadb
Red Hat Security Advisory 2016-2128-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code: the key_reject_and_link() function could be forced to free an arbitrary memory block. An attacker could use this flaw to trigger a use-after-free condition on the system, potentially allowing for privilege escalation.
064109d1f9097273e59a95ac536bdb2ed8465248b5e65eb33343f64e67309daa
Red Hat Security Advisory 2016-2127-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
c0736d65532e494126ea50be535fdef4dfabaa7b03a6ca23838cc7f02d9865d4
Red Hat Security Advisory 2016-2126-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
f09a78e152c6c812ade2dfbb919a30d1f96f9f106801e89893520c4241892d11
This advisory discloses a critical severity security vulnerability which was introduced in version 1.4.1 of Crowd. Versions of Crowd starting with 1.4.1 before 2.8.8 (the fixed version for 2.8.x) and from 2.9.0 before 2.9.5 (the fixed version for 2.9.x) are affected by this vulnerability. The Crowd LDAP directory connector allowed an attacker to gain remote code execution in Crowd by injecting malicious attributes in LDAP entries.
00e91976667b938daa14e3aa6743fb0498e57d84e1eb456c7cb1f29f942fcf81
S9Y Serendipity version 2.0.4 suffers from a cross-site scripting vulnerability.
a6318fcff394e7612527ace484b5372fe20c4713d41951f3083500bec34234cf
Micro Focus Rumba versions 9.3 and below suffer from an ActiveX stack buffer overflow vulnerability.
c79368afc2366c417c9c7e601de6a8543ba47d00308cedc97805983a7b31a5ad
Micro Focus Rumba FTP client version 4.x stack overflow SEH exploit.
be1012cdb8afc4e08376e9770153918dc17b5b9b92e58a72ff40055f45aa4f07
The included fuzz test case demonstrates an overflow in rastering for Adobe Flash.
637e42b945221fae8e6dae651bf8b8608a73661c378f35d81a53e8b60128cc71
Micro Focus Rumba versions 9.3 and below suffer from a stack overflow vulnerability.
83db544fff6382ef133c3c32853ff2c703184c47028629175ad2b4b283e69259
D-Link DIR-300NRUB5 with firmware version 1.2.94 suffers from brute force and cross-site request forgery vulnerabilities.
6fcaf080ad4668f175dfcb528fb241556341493d443999c15cfa649388b7e175
ASP Gateway 1.0.0 suffers from a database disclosure vulnerability.
7117d0ed47e50d0cd2ca5bc4a1b4c5a29c59a1035262d55ef463a436105f5798
Angelo Emlak Scripti version 1.0 suffers from a database disclosure vulnerability.
adf76a22527689b5bdd8a63738ec437361cc88d84caf4c57e44198ae435b82a7
FreeFTPd version 1.0.8 suffers from a denial of service vulnerability in the mkd command.
c62ddbe1bd61ae43d76ad0180dfa39d819c035202c2a21e16b0791e1af50a901