Feed aggregator

Vuln: Docker CVE-2016-9962 Local Privilege Escalation Vulnerability

Security Focus Latest Security Advisories - January 14, 2017 - 12:00am
Docker CVE-2016-9962 Local Privilege Escalation Vulnerability

Vuln: Linux Kernel Multiple Local Memory Corruption Vulnerabilities

Security Focus Latest Security Advisories - January 14, 2017 - 12:00am
Linux Kernel Multiple Local Memory Corruption Vulnerabilities

[security bulletin] HPSBGN03694 rev.1 - HPE SiteScope, Remote Disclosure of Information

BugTraq Latest Security Advisories - January 13, 2017 - 12:25am

Posted by security-alert on Jan 12

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05369403

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05369403
Version: 1

HPSBGN03694 rev.1 - HPE SiteScope, Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2017-01-12
Last Updated: 2017-01-12

Potential...

Bugtraq: CA20170109-01: Security Notice for CA Service Desk Manager

Security Focus Latest Security Advisories - January 13, 2017 - 12:00am
CA20170109-01: Security Notice for CA Service Desk Manager

Vuln: GNU ed CVE-2017-5357 Denial of Service Vulnerability

Security Focus Latest Security Advisories - January 13, 2017 - 12:00am
GNU ed CVE-2017-5357 Denial of Service Vulnerability

Vuln: Libxml2 'xmlLoadEntityContent()' Function CVE-2016-4449 Security Bypass Vulnerability

Security Focus Latest Security Advisories - January 13, 2017 - 12:00am
Libxml2 'xmlLoadEntityContent()' Function CVE-2016-4449 Security Bypass Vulnerability

Vuln: Libxml2 CVE-2016-4448 Remote Format String Vulnerability

Security Focus Latest Security Advisories - January 13, 2017 - 12:00am
Libxml2 CVE-2016-4448 Remote Format String Vulnerability

Vuln: OpenSSH CVE-2016-6515 Denial of Service Vulnerability

Security Focus Latest Security Advisories - January 13, 2017 - 12:00am
OpenSSH CVE-2016-6515 Denial of Service Vulnerability

Vuln: Multiple F5 BIG-IP Products CVE-2016-9247 Denial of Service Vulnerability

Security Focus Latest Security Advisories - January 13, 2017 - 12:00am
Multiple F5 BIG-IP Products CVE-2016-9247 Denial of Service Vulnerability

Vuln: OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability

Security Focus Latest Security Advisories - January 13, 2017 - 12:00am
OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability

Vuln: OpenSSH CVE-2016-0777 Information Disclosure Vulnerability

Security Focus Latest Security Advisories - January 13, 2017 - 12:00am
OpenSSH CVE-2016-0777 Information Disclosure Vulnerability

Vuln: OpenSSH CVE-2016-0778 Heap Based Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - January 13, 2017 - 12:00am
OpenSSH CVE-2016-0778 Heap Based Buffer Overflow Vulnerability

Vuln: libxml2 CVE-2016-1762 Multiple Memory Corruption Vulnerabilities

Security Focus Latest Security Advisories - January 13, 2017 - 12:00am
libxml2 CVE-2016-1762 Multiple Memory Corruption Vulnerabilities

Vuln: OpenSSH CVE-2016-3115 Remote Command Injection Vulnerability

Security Focus Latest Security Advisories - January 13, 2017 - 12:00am
OpenSSH CVE-2016-3115 Remote Command Injection Vulnerability

next-20170113: linux-next

Linux Kernel Updates - January 12, 2017 - 11:10pm
Version: next-20170113 (linux-next) Released: 2017-01-13

ICMPv6 PTBs and IPv6 frag filtering (particularly at BGP peers)

BugTraq Latest Security Advisories - January 12, 2017 - 11:56am

Posted by Fernando Gont on Jan 12

Folks,

I'm curious about whether folks are filtering ICMPv6 PTB<1280
and/or IPv6 fragments targeted to BGP routers (off-list datapoints are
welcome).

In any case, you might find it worth reading to check if you're affected
(from Section 2 of recently-published RFC8021):

---- cut here ----
The security implications of IP fragmentation have been discussed at
length in [RFC6274] and [RFC7739]. An attacker can leverage the...

[SECURITY] [DSA 3760-1] ikiwiki security update

BugTraq Latest Security Advisories - January 12, 2017 - 10:19am

Posted by Moritz Muehlenhoff on Jan 12

-------------------------------------------------------------------------
Debian Security Advisory DSA-3760-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
January 12, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : ikiwiki
CVE ID : CVE-2016-9646 CVE-2016-10026...

CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application

BugTraq Latest Security Advisories - January 12, 2017 - 7:24am

Posted by unlimitsec on Jan 12

Description of the potential vulnerability: Lack of appropriate exception handling in some applications allows attackers
to make a systemUI crash easily resulting in a possible DoS attack
Affected versions: L(5.0/5.1), M(6.0), and N(7.0)
Disclosure status: Privately disclosed.
The patch prevents systemUI crashes by handling unexpected exceptions.

Fix:
http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017
SVE-2016-7122: Unexpected...

[slackware-security] bind (SSA:2017-011-01)

BugTraq Latest Security Advisories - January 12, 2017 - 6:20am

Posted by Slackware Security Team on Jan 12

[slackware-security] bind (SSA:2017-011-01)

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/bind-9.10.4_P5-i586-1_slack14.2.txz: Upgraded.
This update fixes a denial-of-service vulnerability. An error in handling
certain queries can cause an assertion failure when a...

[slackware-security] gnutls (SSA:2017-011-02)

BugTraq Latest Security Advisories - January 12, 2017 - 6:10am

Posted by Slackware Security Team on Jan 12

[slackware-security] gnutls (SSA:2017-011-02)

New gnutls packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/gnutls-3.5.8-i586-1_slack14.2.txz: Upgraded.
This update fixes some bugs and security issues.
For more information, see:
https://gnutls.org/security.html#GNUTLS-SA-2017-1...