Nginx web server packaging on Debian-based distributions such as Debian or Ubuntu was found to create log directories with insecure permissions which can be exploited by malicious local attackers to escalate their privileges from nginx/web user (www-data) to root. The vulnerability could be easily exploited by attackers who have managed to compromise a web application hosted on Nginx server and gained access to www-data account as it would allow them to escalate their privileges further to root access and fully compromise the system. This is fixed in 1.6.2-5+deb8u3 package on Debian and 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS. UPDATE 2017/01/13 - nginx packages below version 1.10.2-r3 on Gentoo are also affected.
572946533a64d6b9af6ce4ce53d1c39bc1cc476f9cdbd639425b4aed7713bcefHP Security Bulletin HPSBGN03676 1 - A potential security vulnerability has been identified with HPE Helion OpenStack Glance image service. This vulnerability could be exploited remotely to allow a Denial of Service (DoS). Revision 1 of this advisory.
34276ff714c214f8de2d088c12dd86926ca1164a7656e3c33d1bc698bbb39afbRed Hat Security Advisory 2016-2779-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services libraries. The following packages have been upgraded to a newer upstream version: nss, nss-util. Multiple security issues have been addressed.
df0b83d865da079f245658c46d7eff1eab3b336b9074b5a1419917a774b695c1VMware Security Advisory 2016-0020 - vRealize Operations REST API deserialization vulnerability vRealize Operations contains a deserialization vulnerability in its REST API implementation. This issue may result in a Denial of Service as it allows for writing of files with arbitrary content and moving existing files into certain folders. The name format of the destination files is predefined and their names cannot be chosen. Overwriting files is not feasible.
29c0a098ffb0c7b27ec0d4610115a63c7d8a7f0037d9c4fba88d83dcb2ddd668WordPress All In One WP Security and Firewall plugin versions 4.1.4 through 4.1.9 suffer from a cross site scripting vulnerability.
529e84cd77541f83b0ed65669edd6479516fab6293f7fc579a4115aa74f2d889Red Hat Security Advisory 2016-2780-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.5.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
1e6b22dca01d05d1b502a358a47e44384f7ef65d1eaf93c19aefa6b6b2e299d2A specially crafted web-page can cause the Javascript engine of Microsoft Internet Explorer 8 to free memory used for a string. The code will keep a reference to the string and can be forced to reuse it when compiling a regular expression.
a44bc80d38c01b629bf33d47219ad52a17a287e1ebeaf43f0e48e32b2c5d2cafCS-Cart versions 4.3.10 and below suffer from an unauthenticated XML external entity (XXE) injection vulnerability.
d055752e041a2e34fe412240fa6a2df718f958b7dee0c4a6b2350b08ba38432aThis is a standard meterpreter/windows/reverse_tcp_dns with a little bonus - it will remove the exe that it gets injected/compiled into. Warning: Do not run this from powershell.exe or any other system file exe, because there is a chance it will be erased forever. As is, no warranties.
c81c417caf9b767d9a10e48e8625ee66bf65b8daa94b98170474646e412b0351Red Hat Security Advisory 2016-2766-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system.
cc91f5aae5acf096e58503cad4e4ced602a901542b2ae666e8d8ade12d687f24Red Hat Security Advisory 2016-2765-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: It was found that 389 Directory Server was vulnerable to a flaw in which the default ACI could be read by an anonymous user. This could lead to leakage of sensitive information. An information disclosure flaw was found in 389 Directory Server. A user with no access to objects in certain LDAP sub-tree could send LDAP ADD operations with a specific object name. The error message returned to the user was different based on whether the target object existed or not.
a23f2adc4f9c7000e2a14bf0039f624d18c36c133617746781bb9f35d92b15dcRed Hat Security Advisory 2016-2778-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: Ansible fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as.
c29aac5e4a84aa6b60fb8005bb7f3336c0ff6abc1ff541555ec67fe872574c88Red Hat Security Advisory 2016-2696-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform release 3.3.1.4. Multiple security issues have been addressed.
c10182559bc0cc2357527ebc02cd6fb0eca4428ed48a30c8201eaa78a1d10a0bHP Security Bulletin HPSBST03671 1 - A security vulnerability in PHP was addressed by the HPE StoreEver MSL6480 Tape Library firmware version 5.10. The vulnerability could be exploited remotely to allow Unauthorized Disclosure of Information. Revision 1 of this advisory.
a236eaf5199d818b254fc1971d748d5d36168d9a9c1c1304c367c3f4b563aefbA vulnerability in Cryptsetup, concretely in the scripts that unlock the system partition when the partition is ciphered using LUKS (Linux Unified Key Setup). This vulnerability allows to obtain a root initramfs shell on affected systems. The vulnerability is very reliable because it doesn't depend on specific systems or configurations. Attackers can copy, modify or destroy the hard disc as well as set up the network to data. In cloud environments it is also possible to remotely exploit this vulnerability without having "physical access". Cryptsetup versions 2:1.7.3-2 and below are affected.
a533475e588d0a35025183dd93ff60b65d867075cd009e955f89a1138f7cd7fe
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed