Security

Debian: 3295-1: cacti: Summary

Linux Security - Tue, 2015-06-30 11:15
Categories: Security

Fedora 20 xen-4.3.4-6.fc20

Linux Security - Tue, 2015-06-30 11:15
Categories: Security

Fedora 21 xen-4.4.2-6.fc21

Linux Security - Tue, 2015-06-30 11:15
Categories: Security

Fedora 22 xen-4.5.0-11.fc22

Linux Security - Tue, 2015-06-30 11:15
Categories: Security

Fedora 21 libwmf-0.2.8.4-43.fc21

Linux Security - Tue, 2015-06-30 11:15
Categories: Security

Fedora 22 curl-7.40.0-5.fc22

Linux Security - Tue, 2015-06-30 11:15
Categories: Security

Fedora 21 openssl-1.0.1k-10.fc21

Linux Security - Tue, 2015-06-30 11:15
Categories: Security

Debian: 3294-1: wireshark: Summary

Linux Security - Tue, 2015-06-30 11:15
Categories: Security

Debian Security Advisory 3297-1

Packet storm - Tue, 2015-06-30 02:15
Debian Linux Security Advisory 3297-1 - It was discovered that unattended-upgrades, a script for automatic installation of security upgrades, did not properly authenticate downloaded packages when the force-confold or force-confnew dpkg options were enabled via the DPkg::Options::* apt configuration.
Categories: Security

Ubuntu Security Notice USN-2657-1

Packet storm - Tue, 2015-06-30 02:15
Ubuntu Security Notice 2657-1 - It was discovered that unattended-upgrades incorrectly performed authentication checks in certain configurations. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages.
Categories: Security

Red Hat Security Advisory 2015-1196-01

Packet storm - Tue, 2015-06-30 02:15
Red Hat Security Advisory 2015-1196-01 - PostgreSQL is an advanced object-relational database management system. A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. It was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system is in a state that would cause the standard library functions to fail, for example memory exhaustion, an authenticated user could exploit this flaw to disclose partial memory contents or cause the GSSAPI authentication to use an incorrect keytab file.
Categories: Security

Red Hat Security Advisory 2015-1195-01

Packet storm - Tue, 2015-06-30 02:15
Red Hat Security Advisory 2015-1195-01 - PostgreSQL is an advanced object-relational database management system. A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. It was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system is in a state that would cause the standard library functions to fail, for example memory exhaustion, an authenticated user could exploit this flaw to disclose partial memory contents or cause the GSSAPI authentication to use an incorrect keytab file.
Categories: Security

Red Hat Security Advisory 2015-1193-01

Packet storm - Tue, 2015-06-30 02:15
Red Hat Security Advisory 2015-1193-01 - Xerces-C is a validating XML parser written in a portable subset of C++. A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash. All xerces-c users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
Categories: Security

Red Hat Security Advisory 2015-1194-01

Packet storm - Tue, 2015-06-30 02:15
Red Hat Security Advisory 2015-1194-01 - PostgreSQL is an advanced object-relational database management system. A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. It was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system is in a state that would cause the standard library functions to fail, for example memory exhaustion, an authenticated user could exploit this flaw to disclose partial memory contents or cause the GSSAPI authentication to use an incorrect keytab file.
Categories: Security

Watchguard XCS 10.0 SQL Injection / Command Execution

Packet storm - Tue, 2015-06-30 02:12
The Watchguard XCS virtual appliance contains a number of vulnerabilities, including unauthenticated SQL injection, command execution and privilege escalation. By combining these vulnerabilities, an attacker may remotely obtain root privileges on the underlying host. Versions 10.0 and below are affected.
Categories: Security