Gentoo Linux Security Advisory 201709-18 - Multiple vulnerabilities have been found in Mercurial, the worst of which could lead to the remote execution of arbitrary code. Versions less than 4.3 are affected.
89aefc9a366cff54114ccf79e3fe3ca7be36701152914d2c0e752658790e251bGentoo Linux Security Advisory 201709-17 - A command injection vulnerability in CVS may allow remote attackers to execute arbitrary code. Versions less than 1.12.12-r12 are affected.
78f216f749a83a59358d93b2407ec3478ef2da3649ff8b7511fbd25def623d28Gentoo Linux Security Advisory 201709-16 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 27.0.0.130-r1 are affected.
1f1f846175f0899cf7579a530d3a0f6ba45337a805744b1f2ee7bd01546c7dbcGentoo Linux Security Advisory 201709-15 - Multiple vulnerabilities have been found in Chromium, the worst of which could result in the execution of arbitrary code. Versions less than 61.0.3163.79 are affected.
131fec0e0b3d7226331ef6385d05b2dfcd5b79bfa21635682acea468e5e5bed2Slackware Security Advisory - New libxml2 packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
4d6b678c3314fa71af254ef3e0b8d2513919f18fac4a8a69d0e2e408d3d10701Debian Linux Security Advisory 3983-1 - Multiple security issues have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.
d20e3978bfa76603621405671436ff72e2de88512d266516e792372b832b4216Apple products suffers from an information leak when handling WLC_E_COUNTRY_CODE_CHANGED event packets.
d9fd260e76fa5bb413e17f4cda2ada7d5e896a778a13ebaf5b7d8bf3679a09e6The Apple PCIe Message Ring protocol suffers from multiple race conditions that can lead to out-of-bounds read and writes.
9d829639573f82bd62beacc1312bfa32eb067d298b7f05c51fa7d65065d918c1Heap overflow and information disclosure vulnerabilities exist in Apple's setVendorIE when handling ioctl results.
c549b5fce03407f8bce467f2a8413f2729a2df5e52d5696e76a216319fcaedd3Apple products suffer from an issue where an out-of-band NUL byte write occurs when handling WLC_E_TRACE event packets.
47ee5c128bfcfb4a1dc15e92a364f7ed639bb5fa9a32e0849814541a789a8c46A heap overflow vulnerability exists in Apple's updateRateSetAsyncCallback when handling ioctl results.
5baf4461e02f823d473ce5e80cdf29107fb3e4d0bc77201b0a37d01d752ae1baThere is a heap overflow vulnerability in Apple's assembleBGScanResults when handling ioctl results.
e497d754530da645d0dfa81b8d9378547e7195bb0e4f5b900f516e4799502c81There is a heap overflow in Apple's AppleBCMWLANCore driver when handling Completed Firmware Timestamp messages (0x27).
859f5e2dd3a8465d5b3ba18254bb4a28a1247d2b72149d337adb0d58d1245663Red Hat Security Advisory 2017-2787-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql56-mysql. Security Fix: An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon.
c2fbd0ec54d0bfa9ad2a7c6d11b3885aed12d2e86bc392ddc02f7778c1606199Red Hat Security Advisory 2017-2778-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions.
90e4d59d523bfd0324aa344e6329f791d3e861d3915594325338f11b5393a026Red Hat Security Advisory 2017-2788-01 - Augeas is a configuration editing tool. It parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native config files. Security Fix: A vulnerability was discovered in augeas affecting the handling of escaped strings. An attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution.
1f462b1f7c629927ce4d52271c2e05e7f8c0b9018b4e5e8bfccbf1cd04e731b8Red Hat Security Advisory 2017-2791-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
4d4892162624cc5f56a309259e711433107bdaff738b0902cd06a0920c2357d1Red Hat Security Advisory 2017-2790-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
6fdc918f44a544b6b95ca2d43f660a74ab6f5bafc9df5d9b96e58d4d2091ea74Ubuntu Security Notice 3428-1 - Charles A. Roelli discovered that Emacs incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this to execute arbitrary code.
6562f178517cc3601b9d7f603897baabf458f7268887dc51206c086abd540529Ubuntu Security Notice 3427-1 - Charles A. Roelli discovered that Emacs incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this to execute arbitrary code.
bd9cfadaec51d38cdd314bcf510fa56941a2f71fc610aea2f87e7e878381665bUbuntu Security Notice 3426-1 - Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a man in the middle attack. Stefan Metzmacher discovered that Samba incorrectly handled encryption across DFS redirects. A remote attacker could use this issue to perform a man in the middle attack. Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when SMB1 is being used. A remote attacker could possibly use this issue to obtain server memory contents. Various other issues were also addressed.
fa491e751279b5ea9e1da0bb1115ba5f62388c95fddad08cf232e729f712f242Red Hat Security Advisory 2017-2789-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions.
a8cc2c9ae85665ac880ca785b563e8c299483d8d2baeccb37150982ed7663e29Apple Security Advisory 2017-09-20-3 - tvOS 11 addresses code execution vulnerabilities.
15a3c1f5437e40580d8e005ab73b5fa1f21710b492e652da0283bb117e57a3dcApple Security Advisory 2017-09-20-2 - watchOS 4 addresses code execution vulnerabilities.
f9cdedf252be3c12ad1d0907e2e8a94476a0fcf654d70bf2648b39d50c47b8a3EMC ViPR SRM, EMC Storage M and R, EMC VNX M and R, EMC M and R (Watch4Net) for SAS Solution Packs contain directory traversal and denial of service vulnerabilities.
d8fd541238a290126b690b97c35135c5a00a337a9f9c9294e18f218ff29f8426
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed