Amazon Linux AMI : openvpn (ALAS-2017-852)
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving a malformed IPv6 packet. CVE-2017-7508 OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by an authenticated remote attacker via sending a certificate with an...
Amazon Linux AMI : nss (ALAS-2017-848)
NULL pointer dereference when handling empty SSLv2 messages : A NULL pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. CVE-2017-7502 © Tenable Network Security, Inc. The...
Amazon Linux AMI : lynis (ALAS-2017-847)
Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file. CVE-2017-8108 © Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI...
Amazon Linux AMI : curl (ALAS-2017-850)
The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a certain character, which leads t...
Amazon Linux AMI : puppet3 (ALAS-2017-849)
Unsafe YAML deserialization : Versions of Puppet prior to 4.10.1 will deserialize data off the wire from the agent to the server, in this case with an attacker-specified format. This could be used to force YAML deserialization in an unsafe manner, which would lead to remote code execution. This...
Amazon Linux AMI : httpd (ALAS-2017-851)
Apache HTTP Request Parsing Whitespace Defects : It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that...
Amazon Linux AMI : kernel (ALAS-2017-846)
Module reference leak due to improper shut down of callback channel on umount : The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service (resource consumption) by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, ak...
Amazon Linux AMI : kernel (ALAS-2017-845) (Stack Clash)
An issue was discovered in the size of the stack guard page on Linux: specifically, a 4k stack guard page is not sufficiently large and can be jmp'ed over. This affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010). CVE-2017-1000364 The offset2lib patch as use...
Amazon Linux AMI : glibc (ALAS-2017-844) (Stack Clash)
Glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap...
Amazon Linux AMI : postgresql93 / postgresql94,postgresql95 (ALAS-2017-839)
Selectivity estimators bypass SELECT privilege checks : It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tabl...
Amazon Linux AMI : postgresql92 (ALAS-2017-838)
Selectivity estimators bypass SELECT privilege checks : It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tabl...
Amazon Linux AMI : sudo (ALAS-2017-843)
A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. CVE-2017-1000367 © Tenable Network Security, Inc. The descriptive text a...
Amazon Linux AMI : ghostscript (ALAS-2017-837)
It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER protection. CVE-2017-8291 ©...
Amazon Linux AMI : rpcbind (ALAS-2017-841)
It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer...
Amazon Linux AMI : libtirpc (ALAS-2017-840)
Memory leak when failing to parse XDR strings or bytearrays : It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without boun...
Amazon Linux AMI : git (ALAS-2017-842)
Escape out of git-shell : A flaw was found in the way git-shell handled command-line options for the restricted set of git-shell commands. A remote authenticated attacker could use this flaw to bypass git-shell restrictions, to view and manipulate files, by abusing the instance of the less command...
Amazon Linux AMI : kernel (ALAS-2017-832)
Unsafe second checksum calculation in udp.c : The Linux kernel allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag. This may create a kernel panic or memory corruption...
Amazon Linux AMI : samba (ALAS-2017-834) (SambaCry)
A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root. CVE-2017-7494 It was found that Samba always requested forwardable tickets when using Kerberos authentication. A...
Amazon Linux AMI : bind (ALAS-2017-833)
A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. CVE-2017-3139 © Tenable Network Security, Inc. The descriptive text and package check...
Amazon Linux AMI : mysql55 (ALAS-2017-831)
Server: Security: Privileges unspecified vulnerability (CPU Apr 2017) : Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily 'exploitable...