Red Hat Security Advisory 2016-2994-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Security Fix: A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request.
Red Hat Security Advisory 2016-2995-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Security Fix: A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request.
Red Hat Security Advisory 2016-2998-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 6.2 will be retired as of December 31, 2017, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.2 AMC after December 31, 2017.
Red Hat Security Advisory 2016-2996-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Life Cycle Support for Red Hat Enterprise Linux 4 will be retired as of March 31, 2017, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or Urgent priority bug fixes, for Red Hat Enterprise Linux 4 ELS after March 31, 2017.
Red Hat Security Advisory 2016-2997-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, support for Red Hat Enterprise Linux 5 will be retired on March 31, 2017, at the end of Production Phase 3. Until that date, customers will continue to receive Critical impact security patches and selected Urgent priority bug fixes for RHEL 5.11. On that date, active support included with your RHEL Premium or Standard subscription will conclude. This means that customers will continue to have access to all previously released content.
Red Hat Security Advisory 2016-2991-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes.
Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
Vesta Control Panel versions 0.9.7 through 0.9.8-16 suffer from a local privilege escalation vulnerability.
Google Chrome suffers from a renderer->extension privilege escalation vulnerability via sync.
IBM AIX versions 6.1, 7.1, and 7.2 suffer from a Bellmail privilege escalation vulnerability.
Mac OS suffers from a kernel code execution vulnerability due to writable privileged IOKit registry properties.
Microsoft Edge suffers from a type confusion vulnerability in internationalization initialization.
syslogd on Mac OS and iOS suffers from an arbitrary port replacement vulnerability.
Android suffers from a stack overflow vulnerability in WifiNative::setHotlist.
Microsoft Edge suffers from an uninitialized memory vulnerability in SIMD.toLocaleString.
powerd on Mac OS and iOS suffers from an arbitrary port replacement vulnerability.
MacOS Sierra version 10.12 16A323 allows a double vm_deallocate in userspace MIG code that can lead to a use-after-free vulnerability in mach services.
A lack of error checking leads to a reference count leak and an OS X / iOS kernel use-after-free vulnerability in _kernelrpc_mach_port_insert_right_trap.
Broken kernel mach port name uref handling on iOS and Mac OS can lead to privileged port name replacement in other processes.
This Metasploit module achieves persistence by executing payloads via at(1).
There is an ipc_port_t reference count leak due to incorrect externalMethod overrides that lead to a Mac OS X / iOS kernel use-after-free vulnerability.