Amazon Linux AMI : dnsmasq (ALAS-2017-907)

Information leak in the DHCPv6 relay code An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it to forward the contents of process memory, potentially leaking sensitive data. CVE-2017-14494 Memor...

Amazon Linux AMI : ruby22 / ruby23 (ALAS-2017-906)

SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP A SMTP command injection flaw was found in the way Ruby's Net::SMTP module handled CRLF sequences in certain SMTP commands. An attacker could potentially use this flaw to inject SMTP commands in a SMTP session...

Amazon Linux AMI : poppler (ALAS-2017-902)

Stack-buffer overflow in GfxState.cc : A stack-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler such as Evince to crash, or potentially execute arbitrary code when opened. CVE-2017-9775 Integer...

Amazon Linux AMI : httpd24 / httpd (ALAS-2017-896) (Optionsbleed)

Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret...

Amazon Linux AMI : GraphicsMagick (ALAS-2017-891)

The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file. CVE-2017-1000061 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI...

Amazon Linux AMI : mercurial (ALAS-2017-893)

A shell command injection flaw related to the handling of 'ssh' URLs has been discovered in Mercurial. This can be exploited to execute shell commands with the privileges of the user running the Mercurial client, for example, when performing a 'checkout' or 'update' action on a sub-repository...

Amazon Linux AMI : nginx (ALAS-2017-894)

A flaw within the processing of ranged HTTP requests has been discovered in the range filter module of nginx. A remote attacker could possibly exploit this flaw to disclose parts of the cache file header, or, if used in combination with third party modules, disclose potentially sensitive memory b...

Amazon Linux AMI : xmlsec1 (ALAS-2017-890)

It was discovered xmlsec1's use of libxml2 inadvertently enabled external entity expansion XXE along with validation. An attacker could craft an XML file that would cause xmlsec1 to try and read local files or HTTP/FTP URLs, leading to information disclosure or denial of service. CVE-2017-1000061...

Amazon Linux AMI : aws-cfn-bootstrap (ALAS-2017-895)

The default umask value is set to 022 to address a privilege escalation security vulnerability. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2017-895. include"compat.inc"; if description...

Amazon Linux AMI : wget (ALAS-2017-881)

CRLF injection in the urlparse function in url.c A CRLF injection flaw was found in the way wget handled URLs. A remote attacker could use this flaw to inject arbitrary HTTP headers in requests, via CRLF sequences in the host sub-component of a URL, by tricking a user running wget into processing...

Amazon Linux AMI : glibc (ALAS-2017-877)

Unbounded stack allocation in catopen function A stack based buffer overflow vulnerability was found in the catopen function. An excessively long string passed to the function could cause it to crash or, potentially, execute arbitrary code.CVE-2015-8779 Integer overflow in hcreate and hcreater An...

Amazon Linux AMI : postgresql94 / postgresql95 (ALAS-2017-885)

pgusermappings view discloses passwords to users lacking server privileges : An authorization flaw was found in the way PostgreSQL handled access to the pgusermappings view on foreign servers. A remote authenticated attacker could potentially use this flaw to retrieve passwords from the user...

Amazon Linux AMI : curl (ALAS-2017-889)

FILE buffer read out of bounds CVE-2017-1000099 TFTP sends more than buffer size CVE-2017-1000100 URL globbing out of bounds read CVE-2017-1000101 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory...

Amazon Linux AMI : subversion / mod_dav_svn (ALAS-2017-883)

Command injection through clients via malicious svn+ssh URLs A shell command injection flaw related to the handling of 'svn+ssh' URLs has been discovered in Subversion. An attacker could use this flaw to execute shell commands with the privileges of the user running the Subversion client, for...

Amazon Linux AMI : mysql56 (ALAS-2017-888)

Server: Charsets unspecified vulnerability CPU Jul 2017 : Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Charsets. Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows...

Amazon Linux AMI : git (ALAS-2017-882)

Command injection via malicious ssh URLs : A shell command injection flaw related to the handling of 'ssh' URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a 'clone' acti...

Amazon Linux AMI : ruby23 (ALAS-2017-880)

IV Reuse in GCM Mode : The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism. CVE-2016-7798 C Tenable Network Security, Inc. The...

Amazon Linux AMI : postgresql93 / postgresql92 (ALAS-2017-884)

pgusermappings view discloses passwords to users lacking server privileges : An authorization flaw was found in the way PostgreSQL handled access to the pgusermappings view on foreign servers. A remote authenticated attacker could potentially use this flaw to retrieve passwords from the user...

Amazon Linux AMI : authconfig (ALAS-2017-875)

Information leak when SSSD is used for authentication against remote server : A flaw was found where authconfig could configure sssd in a way that treats existing and non-existing logins differently, leaking information on existence of a user. An attacker with physical or network access to the...

Amazon Linux AMI : aws-cfn-bootstrap (ALAS-2017-886)

New optional parameter 'umask' introduced into cfn-hup.conf file in order to configure the cfn-hup daemon's umask. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2017-886. include"compat.inc"; if...