Red Hat Security Advisory 2016-2842-01 - In accordance with the Red Hat OpenShift Enterprise Support Life Cycle Policy, support for OpenShift Enterprise 2.x will end on December 31, 2016. Red Hat will not provide extended support for this product. Customers are requested to migrate to a supported Red Hat OpenShift Enterprise product prior to the end of the life cycle for OpenShift Enterprise 2.x. After December 31, 2016, technical support through Red Hat's Global Support Services will no longer be provided.
de452f44d733df0a1f1eaa9170985cf53bd1b11acd21b7edfbb28c9ce24c188e
This archive contains all of the 270 exploits added to Packet Storm in November, 2016.
b07ce8827414a0c482bc25856eacc41914207388d75cd8c3765e1b4717ae6c3a
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
41cbe19c6fd6bd51ebcbc29063f558e2fbba4a2450e5809fee2e461f16a4ed68
Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues.
4a3a2a66035388a0a73ba252d401b73840b1c52eb41d1688bc971fd062d4288e
HP Security Bulletin HPSBUX03665 3 - Potential security vulnerabilities have been identified in the HP-UX Tomcat-based Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or URL Redirection. Revision 3 of this advisory.
9d2cd9d2c5a5326760651264d9508d7f771267c319cee95f6f5733b6837bf96b
HP Security Bulletin HPSBGN03680 1 - Potential security vulnerabilities were identified in HPE Propel. The vulnerabilities could be exploited locally to allow escalation of privilege or Denial of Service (DoS). Revision 1 of this advisory.
57a0b8f53e3c2c80c2ca5903690e675b6c3f71b3a6a625cac0aa6d580cc1d45d
Ubuntu Security Notice 3141-1 - Christian Holler, Jon Coppeard, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. A same-origin policy bypass was discovered with local HTML files in some circumstances. An attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.
0156c492b9961af8947272769020c060ab5812598c1fcfa320436988f5460391
Ubuntu Security Notice 3140-1 - It was discovered that data: URLs can inherit the wrong origin after a HTTP redirect in some circumstances. An attacker could potentially exploit this to bypass same-origin restrictions. A use-after-free was discovered in SVG animations. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.
f75f1de4f2150a8b347c4b8f5b7f8c787811b1e039813e9fee9dafd967bf9ec3
Gentoo Linux Security Advisory 201611-22 - Multiple vulnerabilities have been found in PHP, the worst of which could lead to arbitrary code execution or cause a Denial of Service condition. Versions less than 5.6.28 are affected.
52e724112af437f442f0e544ef13d31b93ca4b1cc384b4d064b812122fe84921
Gentoo Linux Security Advisory 201611-21 - Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. Versions less than 6.9.6.2 are affected.
46dc24173e41a5be471383b74ecf85c28310e324afd76fcc85fbe71380a39534
Digital Whisper Electronic Magazine issue 78. Written in Hebrew.
600122b481d68b6888b6ee6caf827c6831bc039204f78588796731d6350c0aa3
WordPress WP Vault plugin version 0.8.6.6 suffers from a local file inclusion vulnerability.
84161506ce0eb6e7d4e86740480f18e7d76cdbd1bd9aa4b402653cf766289c27
Xfinity Gateway suffers from a cross site request forgery vulnerability.
a5245ee4cb7a637cd9fc430d92200e8012607b78dcf5bb9a2d8ba86921d6953f
Disk Savvy Enterprise version 9.1.14 GET buffer overflow exploit.
f2688ce63f19950f060c749b66895fe6923125bd1652a0af95a6ff3ae97e39dc
Microsoft Windows suffers from a limited bypass vulnerability related to traverse permissions in the kernel object manager.
32be7de6302ee4b217899cde65689522ab4b525ef091f369b88b8e92da8f7841