CA Technologies is alerting customers to a vulnerability in CA Network Flow Analysis (NFA). A vulnerability exists that can allow an authenticated user to perform SQL injection attacks and access sensitive data. CA published solutions to address this vulnerability and recommends that all affected customers implement these solutions. The vulnerability occurs due to insufficient input validation. An authenticated user can potentially access sensitive data. CA Network Flow Analysis versions 9.3.8, 9.5, 10.0, 10.0.2, 10.0.3, 10.0.4, 10.0.5, 10.0.6, 10.0.7, and 21.2.1 are affected.
Red Hat Security Advisory 2021-4909-03 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Red Hat Security Advisory 2021-4907-04 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Red Hat Security Advisory 2021-4902-06 - The release of RHACS 3.67 provides the following new features, bug fixes, security patches and system changes. OpenShift Dedicated support: RHACS 3.67 is thoroughly tested and supported on OpenShift Dedicated on Amazon Web Services and Google Cloud Platform. Use OpenShift OAuth server as an identity provider: if you are using RHACS with OpenShift, you can now configure the built-in OpenShift OAuth server as an identity provider for RHACS. Issues addressed include denial of service, information leakage, memory exhaustion, remote shell upload, and traversal vulnerabilities.
Red Hat Security Advisory 2021-4903-05 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Red Hat Security Advisory 2021-4904-05 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Ubuntu Security Notice 5168-3 - USN-5168-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
Ubuntu Security Notice 5168-1 - Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5168-2 - Tavis Ormandy discovered that NSS, included with Thunderbird, incorrectly handled verifying DSA/RSA-PSS signatures. A remote attacker could use this issue to cause Thunderbird to crash, resulting in a denial of service, or possibly execute arbitrary code.
Android's vold's incremental-fs APIs trust paths from system_server for mounting. There is supposed to be privilege separation between vold (TCB) and system_server (privileged process). However, vold's IPC handlers related to incremental-fs (mountIncFs, unmountIncFs, bindMount) allow system_server to specify semi-arbitrary paths, allowing system_server to trigger mounting on directories that shouldn't be under system_server control.