Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
900e22af04c8b35e0d02a25a360ab1fb7cfe5ac18fc48a9afd75a7103e569149The vApp Manager which is embedded in EMC Unisphere for VMAX and Solutions Enabler Virtual Appliances suffers from multiple command execution vulnerabilities. Affected include EMC Unisphere for VMAX Virtual Appliance versions 8.0.x through 8.2.x and EMC Solutions Enabler Virtual Appliance versions 8.0.x through 8.2.x.
abb998fe7c04d824663c03de9f090fa19bec28d52e5a9a6c331f75e330a4950aUbuntu Security Notice 3095-1 - Taoguang Chen discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Taoguang Chen discovered that PHP incorrectly handled invalid session names. A remote attacker could use this issue to inject arbitrary session data. Various other issues were also addressed.
5aec96083f99da181560a00863dcd9ce51c64d925bc8cd911930c3d8b4c4d77eEMC Replication Manager (RM) is affected by a remote code execution vulnerability that may be exploited by an attacker to compromise an affected system. A remote unauthenticated attacker may execute arbitrary commands on an RM Client, with high privileges, by starting a rogue RM Server that connects to the RM Client and executes the malicious script/payload that is placed in an SMB share, by the attacker, that is accessible to the RM Client. Affected include EMC Replication Manager versions prior to 5.5.3 on all supported OS, EMC Network Module for Microsoft version 3.x, and EMC Networker Module for Microsoft version 8.2.x.
8059f29d7b62d602762d9929ab5df11e813ed3be3cd31bfb824fd17aef285ae2Red Hat Security Advisory 2016-2006-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. A heap-based buffer overflow vulnerability was found in the Linux kernel's hiddev driver. This flaw could allow a local attacker to corrupt kernel memory, possible privilege escalation or crashing the system.
32ce72b5b458c557f4ab3d50ce8702dedabed061461192aef785dc0d826191e4Red Hat Security Advisory 2016-1996-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. An input validation flaw was found in the way CloudForms regular expressions were passed to the expression engine via the JSON API and the web-based UI. A user with the ability to view collections and filter them could use this flaw to execute arbitrary shell commands on the host with the privileges of the CloudForms process.
1c2918693d8225ca8ca6a15efb410a91e7c416778e97c4c3978e4f96a4818ceaRed Hat Security Advisory 2016-1994-01 - In accordance with the Red Hat OpenShift Enterprise Support Life Cycle Policy, support for OpenShift Enterprise 2.x will end on December 31, 2016. Red Hat will not provide extended support for this product. Customers are requested to migrate to a supported Red Hat OpenShift Enterprise product prior to the end of the life cycle for OpenShift Enterprise 2.x. After December 31, 2016, technical support through Red Hat's Global Support Services will no longer be provided. We encourage customers to plan their migration from Red Hat OpenShift Enterprise 2.x to the latest version of Red Hat OpenShift Enterprise. Please contact your Red Hat account representative if you have questions and/or concerns on this matter.
5f7756c36359184d5244dca34e5c5946dc9519d305492c4a3a6c2522c7c98cfcDisk Pulse Enterprise version 9.0.34 suffers from a buffer overflow vulnerability.
78df5fb921f7ad09d985772541a6dabff06723ac962c5e9627e7185fdde511a8Serimux SSH Console Switch version 2.4 suffers from client cross site scripting vulnerabilities.
04af710c778eb36f8656554f5b18f2c76ca00d4d1d9e7cb1897b5bb502085dcdAura Video Converter version 1.6.3 suffers from a dll hijacking vulnerability.
cf7d091c302fbfafdff1b4464948e031cdf86374c3b5514dee8ac1ba52f6e645AuraDVD Ripper Professional version 1.6.3 suffers from a dll hijacking vulnerability.
9b2a91cf8d4ea2dbef5fc6e7a432f9cf3ce41f226d28252dbfc14aaf820723a8BoxBilling version 4.20 suffers from a cross site scripting vulnerability.
4de3724305dd0eaa1fd24b71397703b9e82643aa5955217ddc7ddbde85f6588dBIND 9 remote denial of service exploit.
bf5ac1c02d35423e6236ecbd930b0b74db57208c27d396facf7be2bf3dec7e95Telaen version 1.3.2-0 suffers from a cross site scripting vulnerability.
c4da3881d4ff5b35a2406cc51be5062fed21bec7bc51b98820f0783e98c0262b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed