HP Security Bulletin HPSBUX02866 SSRT101139 - Potential security vulnerabilities have been identified with HP-UX Running Apache. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to execute arbitrary code and other vulnerabilities. Revision 1 of this advisory.
d6c34385da1a0269af4fc2c91e93b32c176acbb9b42ae7cafb46c63ea03bc087
SAP Basis Components versions 4.6B through 7.30 suffer from a remote command injection vulnerability.
439e261026af63ba9c8aeee51164c2ae9e2259c65267679fcd1b65b7fa4df04f
SAP Production Planning and Control suffers from a privilege escalation vulnerability. This vulnerability allows bypassing authority checks that exist before executing a transaction. A transaction in SAP terminology is the execution of a program. By exploiting this vulnerability, an attacker can also control the transaction to be executed, allowing it to obtain critical rights in the system and bypassing certain segregation of duties (SoD) restrictions.
eff7e22f57554cfb6fb76dc4a0134bc770589d4294f8621e081e553afee5d7da
Oracle has released Java SE 7 Update 21, which among other things addresses six security vulnerabilities that were reported to the company earlier this year (Issues 51, 55 and 57-60).
db5a5e389d8d3c4c134815cc14599a283f8f6970e50643600808191ba1a9acdf
This vulnerability allows bypassing authority checks that exist before executing a transaction. A transaction in SAP terminology is the execution of a program. By exploiting this vulnerability, an attacker can also control the transaction to be executed, allowing it to obtain critical rights in the system and bypassing certain segregation of duties (SoD) restrictions. Although this vulnerability is found in the SAP industry solution for healthcare, the functionality is also present in the SAP ERP central component (ECC 6). Thus, customers in other industries are also affected.
04068b72f2c992a2fd3f3c6c9328f3a8d53414cded64945a2d57f759d3167747
Red Hat Security Advisory 2013-0747-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the Xen netback driver implementation in the Linux kernel. A privileged guest user with access to a para-virtualized network device could use this flaw to cause a long loop in netback, leading to a denial of service that could potentially affect the entire system.
9e0aa536e0da762edf8c498c10bb83405607592006ca6d9a7c71cb4b1a98321e
Red Hat Security Advisory 2013-0749-01 - Apache CXF is an open source services framework. It was found that the Apache CXF UsernameTokenPolicyValidator and UsernameTokenInterceptor allowed a UsernameToken element with no password child element to bypass authentication. A remote attacker could use this flaw to circumvent access controls applied to web services by omitting the password in a UsernameToken. This flaw was exploitable on web services that rely on WS-SecurityPolicy plain text UsernameTokens to authenticate users. It was not exploitable when using hashed passwords or WS-Security without WS-SecurityPolicy.
ca53255a02a059d91e5a702c6b1219475f8516e8f0f03108ebb607ced43031f8
Red Hat Security Advisory 2013-0748-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. A NULL pointer dereference flaw was found in the way the MIT Kerberos KDC processed certain TGS requests. A remote, authenticated attacker could use this flaw to crash the KDC via a specially-crafted TGS request. All krb5 users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the krb5kdc daemon will be restarted automatically.
7418bbcc8fbfad8c0d43913ef16a0db8c57fcdeedd65917176af08ab2350df19
Red Hat Security Advisory 2013-0741-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition was found in the way the Linux kernel's ptrace implementation handled PTRACE_SETREGS requests when the debuggee was woken due to a SIGKILL signal instead of being stopped. A local, unprivileged user could use this flaw to escalate their privileges.
be58c9881dae761f77362629f07bbadce7bacffad49b827014d6616ac8b9ef4f
Ubuntu Security Notice 1802-1 - It was discovered that Samba incorrectly handled CIFS share attributes when SMB2 was used. A remote authenticated user could possibly gain write access to certain shares, bypassing the intended permissions.
ddaed35aa51889db85e8e8ee45090e553664fe39dec721fa2b619084f5911060
Mandriva Linux Security Advisory 2013-144 - Multiple cross-site scripting vulnerabilities in tbl_gis_visualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the visualizationSettings[width] or visualizationSettings[height] parameter. This upgrade provides the latest phpmyadmin version to address this vulnerability.
4b402b15c02d1cce2783b63a6160f83535655f892d79b84d2f266df0895b94e7
Mandriva Linux Security Advisory 2013-143 - poppler before 0.22.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via vectors that trigger an invalid memory access in splash/Splash.cc, poppler/Stream.cc. poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function. The updated packages have been patched to correct these issues.
b5ae675f08df14c8bc676bdb7b202ab56eacf4377100b3196ff1bd32e3ea2027
Ubuntu Security Notice 1801-1 - YAMADA Yasuharu discovered that libcurl was vulnerable to a cookie leak when doing requests across domains with matching tails. curl did not properly restrict cookies to domains and subdomains. If a user or automated system were tricked into processing a specially crafted URL, an attacker could read cookie values stored by unrelated webservers.
ea0c4e42890a1098fca522fa72544604763aef3b197e27a9829c9659c96f3579
Red Hat Security Advisory 2013-0742-01 - The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. It was found that the 389 Directory Server did not properly restrict access to entries when the "nsslapd-allow-anonymous-access" configuration setting was set to "rootdse". An anonymous user could connect to the LDAP database and, if the search scope is set to BASE, obtain access to information outside of the rootDSE. This issue was discovered by Martin Kosek of Red Hat.
d1c8bae030a7c5a20dd7dc9a69ceb44dd2d44cdda1a45f3c1fc50f1f3af0645c
Red Hat Security Advisory 2013-0743-01 - JBoss Enterprise BRMS Platform is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This roll up patch serves as a cumulative upgrade for JBoss Enterprise BRMS Platform 5.3.1. It includes various bug fixes. The following security issues are also fixed with this release: If web services were deployed using Apache CXF with the WSS4JInInterceptor enabled to apply WS-Security processing, HTTP GET requests to these services were always granted access, without applying authentication checks. The URIMappingInterceptor is a legacy mechanism for allowing REST-like access to simple SOAP services. A remote attacker could use this flaw to access the REST-like interface of a simple SOAP service using GET requests that bypass the security constraints applied by WSS4JInInterceptor. This flaw was only exploitable if WSS4JInInterceptor was used to apply WS-Security processing. Services that use WS-SecurityPolicy to apply security were not affected.
447577374687140e0fda8af502e096ed8dde4add99ded2c0a3b1029f0a22ec4c
Ubuntu Security Notice 1800-1 - It was discovered that HAProxy incorrectly handled configurations where global.tune.bufsize was set to a value higher than the default. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. Yves Lafon discovered that HAProxy incorrectly handled HTTP keywords in TCP inspection rules when HTTP keep-alive is enabled. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
a60d264b8f58648cf2e1c8ac5fae817c04ec3e22d7d7a0a9a2bd2e8003c7f1ff